From helpnetsecurity.com
It seems like only yesterday that we were all reading up on what the implementation of the European Union’s General Data Protection Regulation (GDPR) would mean for businesses operating in (or handling data collection with organizations in) the EU.
From thehackernews.com
A sweeping probe into a data leak of more than 50,000 phone numbers has revealed an extensive misuse of Israeli company NSO Group’s Pegasus “military-grade spyware” to facilitate human rights violations by surveilling heads of state, activists, journalists, and lawyers around the world.
Dubbed the “Pegasus Project,” the investigation is a collaboration by more than 80 journalists from a consortium of 17 media organizations in 10 countries coordinated by Forbidden Stories, a Paris-based media non-profit, along with the technical support of Amnesty International.
From securityboulevard.com
In January, we published the Ransomware Pandemic, a report discussing the ever-evolving threat of ransomware and the growing devastation disseminated by these malicious malware strains. The report discussed the future forecast for ransomware and how we imagined the threat would progress in the immediate future. Just six months later, these predictions have already become a reality. In this part of our discussion about the ransomware pandemic, we shall examine these developments and discuss exactly how we, as a community, can begin to confront this ongoing struggle.
From 2-spyware.com
Trojan.Win64.Miner.gen is the type of cyber infection that damages the machine while running in the background. It is not showing any symptoms and mainly affecting data on the system or speed, so users cannot notice the intruder easily. The trojan is categorized as a miner because it invades the machine with the purpose of using resources to mine cryptocurrency. Every time you turn on your computer the malicious program launches and starts its malicious procedures. The infection can spread via pirated applications, cracked games, malicious file attachments from email notifications.[1]
From kalilinuxtutorials.com
Security Scorecards is a tool for Security Health Metrics For Open Source.
A short motivational video clip to inspire us: https://youtu.be/rDMMYT3vkTk “You passed! All D’s … and an A!”
Goals
From bleepingcomputer.com
Google has released Chrome 91.0.4472.164 for Windows, Mac, and Linux to fix seven security vulnerabilities, one of them a high severity zero-day vulnerability exploited in the wild.
“Google is aware of reports that an exploit for CVE-2021-30563 exists in the wild,” the company revealed.
The new Chrome release has started rolling out worldwide to the Stable desktop channel and will become available to all users over the following days.
Google Chrome will automatically update itself on the next launch, but you can also manually update it by checking for the newly released version from Settings > Help > ‘About Google Chrome.’
From securityaffairs.co
A Linux variant of the HelloKitty ransomware was employed in attacks against VMware ESXi systems.
The move of the ransomware gang aims at expanding the operations targeting enterprises that are largely adopting virtualizing platforms. Targeting VMware ESXi systems, threat actors could encrypt as many virtual machines as possible with a significant impact on the victims.
Researchers from MalwareHunterTeam spotted multiple Linux ELF64 versions of the HelloKitty ransomware designed to target VMware ESXi servers and encrypt virtual machines hosted on them.