SecurityWeek

A new Mirai-based botnet is targeting zero-day vulnerabilities in Tenda routers, according to researchers at 360 Netlab, a unit of Chinese cybersecurity company Qihoo 360.

A newly released “vaccine” can prevent certain ransomware families from erasing shadow copies to prevent data recovery.

A threat actor linked to China has used UEFI malware based on code from Hacking Team in attacks aimed at organizations with an interest in North Korea, Kaspersky reported on Monday.

Google on Friday announced the Android Partner Vulnerability Initiative (APVI), an effort aimed at improving patching of security issues specific to Android OEMs.

Industrial automation giant Rockwell Automation on Friday announced the acquisition of Oylo, a cybersecurity company based in Spain. Financial terms of the deal were not disclosed.

A North American merchant’s point-of-sale (POS) terminals were infected with a mix of POS malware earlier this year, Visa reports.

As yet unidentifed hackers have managed to steal employee salary payments at several Swiss universities, officials said Sunday."According to our information, several top schools in Switzerland have been affected," Martina Weiss, director general of the rectors group of Switzerland's public universities, told AFP.

The U.S. Department of Defense’s Cyber National Mission Force (CNMF) and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) last week published a malware analysis report for what they described as a new malware variant named SLOTHFULMEDIA.

The Fitbits on our wrists collect our health and fitness data; Apple promises privacy but lots of iPhone apps can still share our personal information; and who really knows what they’re agreeing to when a website asks, “Do You Accept All Cookies?” Most people just click “OK” and hope for the best, says former Democratic presidential candidate Andrew Yang.

Cloud-based enterprise device security platform provider Eclypsium on Thursday announced raising $13 million in an oversubscribed funding round. To date, the company has raised a total of $25 million.

It could be the wackiest product yet from Amazon -- a tiny indoor drone which buzzes around people's homes as a security sentry.The introduction of the Ring Always Home Cam planned for 2021 has opened up fresh debate on the potential for intrusive surveillance and privacy infringement.

The Best Defense Against Cyber Threats is Good Information

Documents filed by cloud software provider Blackbaud with the United States Securities and Exchange Commission (SEC) this week reveal that bank account details and social security numbers might have been affected in a ransomware attack earlier this year.

IETF Publishes New Proposal to Add Security to Network Timing

Pastebin recently announced two new security features, but some industry professionals have warned that they will likely be abused for malicious purposes.

The hospital chain Universal Health Services said Thursday that computer services at all 250 of its U.S. facilities were hobbled in last weekend’s malware attack and efforts to restore hospital networks were continuing.

Cisco this week announced plans to acquire Kubernetes-native security platform Portshift.

Facebook on Thursday released a detailed technical report on a malware campaign that targeted its ad platform for years.

Microsoft this week announced the public preview of support for confidential computing nodes in Azure Kubernetes Service (AKS).

A German privacy watchdog said Thursday that it is fining clothing retailer H&M 35.3 million euros ($41 million) after the company was found to have spied on some of its employees in Germany.