U.S. DoD Weapons Programs Lack ‘Key’ Cybersecurity Measures
The lack of cybersecurity requirements in weapons contracts from the Department of Defense opens the door for dangerous cyberattacks.
Vulnerabilities
Massive Supply-Chain Cyberattack Breaches Several Airlines
The cyberattack on SITA, a nearly ubiquitous airline service provider, has compromised frequent-flyer data across many carriers.
D-Link, IoT Devices Under Attack By Tor-Based Gafgyt Variant
A new variant of the Gafgyt botnet – that’s actively targeting vulnerable D-Link and Internet of Things devices – is the first variant of the malware to rely on Tor communications, researchers say.
Researchers with Microsoft and FireEye found three new malware families, which they said are used by the threat group behind the SolarWinds attack.
Espionage attacks exploiting the just-patched remote code-execution security bugs in Microsoft Exchange servers are quickly spreading.
Wireless mouse-utility lacks proper authentication and opens Windows systems to attack.
Attackers have weaponized code dependency confusion to target internal apps at tech giants.
Full dumps of email boxes, lateral movement and backdoors characterize sophisticated attacks by a Chinese APT – while more incidents spread like wildfire.
The UnC0ver team took advantage of an iOS flaw patched in January in its latest tool allowing developers and other enthusiasts to hack into their own devices.
A snapshot of the 2020 mobile threat landscape reveals major shifts toward adware and threats to online banks.
