Trump says hires new lawyers to defend him in impeachment | Donald Trump News

Former president says David Schoen and Bruce Castor will now lead his defence to charges of “incitement to insurrection”. Former US President Donald Trump has hired two new lawyers to head his defence team for his historic second impeachment trial, which is due to begin next week. Trump’s announcement follows reports that he had abruptly parted ways with several of his impeachment lawyers.

Germany to send medical aid to Portugal: COVID latest | Coronavirus pandemic News

Germany said on Sunday it will send medical staff and equipment to Portugal, where space in hospital intensive care units is running out after a surge in coronavirus infections. Separately, World Health Organization experts have visited the market in Wuhan, central China, linked to the first known COVID-19 cluster, seeking clues about the beginning of the coronavirus outbreak as a number of

Republican lawmaker censured by party for voting to impeach Trump | Politics News

Symbolic rebuke comes amid growing Republican opposition to Senate trial of ex-president, set to begin next month. A Republican legislator from the US state of South Carolina has been censured by the state branch of the party after he voted to impeach former United States President Donald Trump earlier this month. Congressman Tom Rice was one of 10 Republicans in the US House of

Iran says local COVID-19 vaccine effective against UK variant | Coronavirus pandemic News

COVIran Barekat jab shown to completely defuse the UK variant of coronavirus in its human trials, officials say. Tehran, Iran – Iranian health officials say the country’s top COVID-19 vaccine candidate has been shown to work on the variant of the coronavirus first discovered in the United Kingdom. Hassan Jalili, who oversees local vaccine production at Setad, a powerful state organisation

In the Wake of the SolarWinds Hack, Here’s How Businesses Should Respond

Throughout 2020, businesses, in general, have had their hands full with IT challenges. They had to rush to accommodate a sudden shift to remote work. Then they had to navigate a rapid adoption of automation technologies. And as the year came to a close, more businesses began trying to assemble the safety infrastructure required to return to some semblance of normal in 2021. But at the end of

US slams China’s ‘destabilising’ South China Sea military flights | South China Sea News

US says Chinese military flights posed no threat to its Navy aircraft carrier but fit a pattern of aggressive behaviour by Beijing. The US military has said that Chinese military flights in the past week in the South China Sea “at no time” posed any threat to a US Navy aircraft carrier strike group in the region, but fit a pattern of destabilising and aggressive behaviour by Beijing. “The

Hezbollah Hacker Group Targeted Telecoms, Hosting, ISPs Worldwide

A “persistent attacker group” with alleged ties to Hezbollah has retooled its malware arsenal with a new version of a remote access Trojan (RAT) to break into companies worldwide and extract valuable information. In a new report published by the ClearSky research team on Thursday, the Israeli cybersecurity firm said it identified at least 250 public-facing web servers since early 2020 that have

Google uncovers new iOS security feature Apple quietly added after zero-day attacks

Google Project Zero on Thursday disclosed details of a new security mechanism that Apple quietly added to iOS 14 as a countermeasure to prevent attacks that were recently found to leverage zero-days in its messaging app. Dubbed “BlastDoor,” the improved sandbox system for iMessage data was disclosed by Samuel Groß, a security researcher with Project Zero, a team of security researchers at

Partisan news thrived under Trump. Can Biden bridge the divide? | Coronavirus pandemic News

As President Joe Biden’s administration tries to accelerate coronavirus vaccination drives, and get Democrats and Republicans in Congress to agree on a massive round of virus relief aid, another, perhaps more daunting partisan challenge looms for the new occupants of 1600 Pennsylvania Avenue – healing a fractured nation hooked on partisan news. Fostering trust in the nation’s institutions –

Partisan news thrived under Trump. Can Biden bridge the divide? | Coronavirus pandemic News

As President Joe Biden’s administration tries to accelerate coronavirus vaccination drives, and get Democrats and Republicans in Congress to agree on a massive round of virus relief aid, another, perhaps more daunting partisan challenge looms for the new occupants of 1600 Pennsylvania Avenue – healing a fractured nation hooked on partisan news. Fostering trust in the nation’s institutions –

New CISOs Survey Reveals How Small Cybersecurity Teams Can Confront 2021

The pressure on small to medium-sized enterprises to protect their organizations against cyberthreats is astronomical. These businesses face the same threats as the largest enterprises, experience the same (relative) damages and consequences when breaches occur as the largest enterprises but are forced to protect their organizations with a fraction of the resources as the largest enterprises.

Using the Manager Attribute in Active Directory (AD) for Password Resets

Creating workflows around verifying password resets can be challenging for organizations, especially since many have shifted work due to the COVID-19 global pandemic. With the numbers of cyberattacks against businesses exploding and compromised credentials often being the culprit, companies have to bolster security around resetting passwords on user accounts. How can organizations bolster the

UK says Hong Kong offer upholds ‘freedom and autonomy’ | Hong Kong Protests News

Under scheme that comes into effect on Sunday, Hong Kong people with BN(O) status will have path to UK citizenship. Britain’s government said on Friday it was standing by the people of its former colony Hong Kong in the face of a Chinese crackdown as it prepared to launch a settlement scheme that could allow millions of the territory’s people to live permanently in the United Kingdom. People

Authorities Seize Dark-Web Site Linked to the Netwalker Ransomware

U.S. and Bulgarian authorities this week took control of the dark web site used by the NetWalker ransomware cybercrime group to publish data stolen from its victims. “We are striking back against the growing threat of ransomware by not only bringing criminal charges against the responsible actors, but also disrupting criminal online infrastructure and, wherever possible, recovering ransom

Italy CERT Warns of a New Credential Stealing Android Malware

Researchers have disclosed a new family of Android malware that abuses accessibility services in the device to hijack user credentials and record audio and video. Dubbed “Oscorp” by Italy’s CERT-AGID, the malware “induce(s) the user to install an accessibility service with which [the attackers] can read what is present and what is typed on the screen.” So named because of the title of the login

Germany to restrict travel to curb COVID variants: Live news | Coronavirus pandemic News

Germany prepares entry bans for travellers from the UK, Portugal, Brazil and South Africa to limit spread of variants. Germany is preparing entry bans for travellers from the United Kingdom, Portugal, Brazil and South Africa to limit the spread of the more contagious variants of the coronavirus. The World Health Organization (WHO) said one-third of the African continent will be vaccinated by

European Authorities Disrupt Emotet — World’s Most Dangerous Malware

Law enforcement agencies from as many as eight countries dismantled the infrastructure of Emotet, a notorious email-based Windows malware behind several botnet-driven spam campaigns and ransomware attacks over the past decade. The coordinated takedown of the botnet on Tuesday — dubbed “Operation Ladybird” — is the result of a joint effort between authorities in the Netherlands, Germany, the U.S

New Attack Could Let Remote Hackers Target Devices On Internal Networks

A newly devised variant of the NAT Slipstreaming attack can be leveraged to compromise and expose any device in an internal network, according to the latest research. Detailed by enterprise IoT security firm Armis, the new attack (CVE-2020-16043 and CVE-2021-23961) builds on the previously disclosed technique to bypass routers and firewalls and reach any unmanaged device within the internal

Chinese cities using anal swabs to screen COVID infections | Coronavirus pandemic News

Study shows virus traces in faecal samples could remain detectable for a longer time and provide more accurate test results. Some Chinese cities are using samples taken from the anus to detect potential COVID-19 infections as China steps up screening to make sure no potential carrier of the new coronavirus is missed ahead of next month’s the Lunar New Year holidays when tens of millions of

Warning Issued Over Hackable ADT’s LifeShield Home Security Cameras

Newly discovered security vulnerabilities in ADT’s Blue (formerly LifeShield) home security cameras could have been exploited to hijack both audio and video streams. The vulnerabilities (tracked as CVE-2020-8101) were identified in the video doorbell camera by Bitdefender researchers in February 2020 before they were eventually addressed on August 17, 2020. LifeShield was acquired by

New Docker Container Escape Bug Affects Microsoft Azure Functions

Cybersecurity researcher Paul Litvak today disclosed an unpatched vulnerability in Microsoft Azure Functions that could be used by an attacker to escalate privileges and escape the Docker container used for hosting them. The findings come as part of Intezer Lab‘s investigations into the Azure compute infrastructure. Following disclosure to Microsoft, the Windows maker is said to have “

Vaccine spat heats up as AstraZeneca confirms plans for EU talks | Coronavirus pandemic News

Spat between AstraZeneca and the EU raises concerns about vaccine nationalism, as nations jockey for limited supplies. The European Union’s dispute with AstraZeneca intensified Wednesday with the Anglo-Swedish drugmaker denying the EU’s assertion that it had pulled out of talks on COVID-19 vaccine supplies. AstraZeneca said in a statement that it still planned to meet with EU officials in

Top Cyber Attacks of 2020

With so much of the world transitioning to working, shopping, studying, and streaming online during the coronavirus pandemic, cybercriminals now have access to a larger base of potential victims than ever before. “Zoombomb” became the new photobomb—hackers would gain access to a private meeting or online class hosted on Zoom and shout profanities and racial slurs or flash pornographic images.

Apple Warns of 3 iOS Zero-Day Security Vulnerabilities Exploited in the Wild

Apple on Tuesday released updates for iOS, iPadOS, and tvOS with fixes for three security vulnerabilities that it says may have been actively exploited in the wild. Reported by an anonymous researcher, the three zero-day flaws — CVE-2021-1782, CVE-2021-1870, and CVE-2021-1871 — could have allowed an attacker to elevate privileges and achieve remote code execution. The iPhone maker did not

Global ice sheets melting at ‘worst-case’ rates: UK scientists | Climate News

Rate of loss rose from 0.8 trillion tonnes per year in the 1990s to 1.3 trillion tonnes per year by 2017, with potentially disastrous consequences. The rate at which ice is disappearing across the world matches “worst-case climate warming scenarios”, UK scientists have warned in new research. A team from the universities of Edinburgh, Leeds and University College London said the rate at which

vCISO Shares Most Common Risks Faced by Companies With Small Security Teams

Most companies with small security teams face the same issues. They have inadequate budgets, inadequate staff, and inadequate skills to face today’s onslaught of sophisticated cyberthreats. Many of these companies turn to virtual CISOs (vCISOs) to provide security expertise and guidance. vCISOs are typically former CISOs with years of experience building and managing information security

TikTok Bug Could Have Exposed Users’ Profile Data and Phone Numbers

Cybersecurity researchers on Tuesday disclosed a now-patched security flaw in TikTok that could have potentially enabled an attacker to build a database of the app’s users and their associated phone numbers for future malicious activity. Although this flaw only impacts those users who have linked a phone number with their account or logged in with a phone number, successful exploitation of the

Iran approves Russia’s Sputnik V COVID-19 vaccine | Coronavirus pandemic News

Foreign Minister Mohammad Javad Zarif says Iran hopes to begin purchases and start joint production of the shot ‘in the near future’. Iran has approved Russia’s Sputnik V vaccine and plans to both import it and produce it, giving the Middle East’s worst-hit country a tool to fight the spread of COVID-19, Foreign Minister Mohammad Javad Zarif has said. “The Sputnik V vaccine was yesterday also

Targeted Phishing Attacks Target High-Ranking Company Executives

An evolving phishing campaign observed at least since May 2020 has been found to target high-ranking company executives across manufacturing, real estate, finance, government, and technological sectors with the goal of obtaining sensitive information. The campaign hinges on a social engineering trick that involves sending emails to potential victims containing fake Office 365 password

N. Korean Hackers Targeting Security Experts to Steal Undisclosed Researches

Google on Monday disclosed details about an ongoing campaign carried out by a government-backed threat actor from North Korea that has targeted security researchers working on vulnerability research and development. The internet giant’s Threat Analysis Group (TAG) said the adversary created a research blog and multiple profiles on various social media platforms such as Twitter, Twitter,

US confirms first case of Brazil COVID-19 variant | Coronavirus pandemic News

News comes as President Joe Biden reinstates coronavirus travel bans for most non-US citizens from several countries. The United States has reported its first known case of the COVID-19 variant first detected in Brazil. The Minnesota Department of Health confirmed the case on Monday, the same day President Joe Biden extended coronavirus restrictions barring most non-US citizens who recently

Tracking Pen Testing Trends and Challenges

Over the years, penetration testing has had to change and adapt alongside the IT environments and technology that need to be assessed. Broad cybersecurity issues often influence the strategy and growth of pen-testing. In such a fast-paced field, organizations get real value from learning about others’ penetration testing experiences, identifying trends, and the role they play in today’s threat

Enhancing Email Security with MTA-STS and SMTP TLS Reporting

In 1982, when SMTP was first specified, it did not contain any mechanism for providing security at the transport level to secure communications between mail transfer agents. Later, in 1999, the STARTTLS command was added to SMTP that in turn supported the encryption of emails in between the servers, providing the ability to convert a non-secure connection into a secure one that is encrypted

China: Bodies of nine gold mine workers recovered | China News

Eleven rescued, one missing after a blast at a gold mine in coastal Shandong province on January 10. The bodies of nine workers killed in explosions at a gold mine in China have been found, raising the death toll from the incident earlier this month to 10. A total of 22 miners working about 600 metres (2,000 feet) underground were trapped after an explosion at the Hushan mine in Qixia, a major

Beware — A New Wormable Android Malware Spreading Through WhatsApp

A newly discovered Android malware has been found to propagate itself through WhatsApp messages to other contacts in order to expand what appears to be an adware campaign. “This malware spreads via victim’s WhatsApp by automatically replying to any received WhatsApp message notification with a link to [a] malicious Huawei Mobile app,” ESET researcher Lukas Stefanko said. The link to the fake

Vietnam’s Communist Party meets to pick new leaders, set strategy | Politics News

Continuity expected as Vietnam seeks to balance China and the United States. Vietnam’s ruling Communist Party gathers for its first national congress since 2016 later on Monday with a mission to select new leaders and shape policy for the next five years. The event, the 13th congress since the founding of the Communist Party of Vietnam in 1930, will bring 1,600 delegates from across the

Kuwait’s emir reappoints PM to form new cabinet | Middle East News

Sheikh Sabah had resigned after the parliament backed a request to question him over issues including his choice of cabinet members. Kuwait’s emir has issued a decree reappointing Sheikh Sabah Al Khalid Al Sabah as prime minister after the cabinet resigned last week in a standoff with parliament over its vote to question him on constitutional affairs, including his choice of ministers. State

Senate Republican warns Trump impeachment could set precedent | Donald Trump News

John Cornyn says ‘former Democratic Presidents’ could be impeached if Senate moves ahead with Donald Trump’s trial. One of the most influential Republicans in the United States Senate has warned that “former Democratic Presidents” could be impeached if the Senate moves ahead with an impeachment trial against former President Donald Trump. Trump was impeached in the US House of Representatives

Beware! Fully-Functional Released Online for SAP Solution Manager Flaw

Cybersecurity researchers have warned of a publicly available fully-functional exploit that could be used to target SAP enterprise software. The exploit leverages a vulnerability, tracked as CVE-2020-6207, that stems from a missing authentication check in SAP Solution Manager (SolMan) version 7.2 SAP SolMan is an application management and administration solution that offers end-to-end

US television host Larry King dies aged 87 | Arts and Culture News

Broadcaster was best known for a 25-year run as talk show host of CNN’s Larry King Live, interviewing world leaders, entertainers and other celebrities. Renowned US television broadcaster Larry King has died aged 87 in Los Angeles. A production company he co-founded, Ora Media, did not state a cause of death on Saturday but media reports said King had been battling COVID-19 for weeks and had

Experts Detail A Recent Remotely Exploitable Windows Vulnerability

More details have emerged about a security feature bypass vulnerability in Windows NT LAN Manager (NTLM) that was addressed by Microsoft as part of its monthly Patch Tuesday updates earlier this month. The flaw, tracked as CVE-2021-1678 (CVSS score 4.3), was described as a “remotely exploitable” flaw found in a vulnerable component bound to the network stack, although exact details of the flaw

SonicWall Hacked Using 0-Day Bugs In Its Own VPN Product

SonicWall, a popular internet security provider of firewall and VPN products, on late Friday disclosed that it fell victim to a coordinated attack on its internal systems. The San Jose-based company said the attacks leveraged zero-day vulnerabilities in SonicWall secure remote access products such as NetExtender VPN client version 10.x and Secure Mobile Access (SMA) that are used to provide

Rural Colombian groups seek help from new US gov’t amid violence | FARC News

Bogota, Colombia – More than 100 Colombian human rights associations from remote Afro-Colombian and Indigenous communities have written to the new US administration to ask for help with the continued violence and killings they face. “Our black, indigenous and rural farming communities living in remote areas around Colombia have lived for over 40 years in the midst of an armed conflict … and

Missing Link in a ‘Zero Trust’ Security Model—The Device You’re Connecting With!

Like it or not, 2020 was the year that proved that teams could work from literally anywhere. While terms like “flex work” and “WFH” were thrown around before COVID-19 came around, thanks to the pandemic, remote working has become the defacto way people work nowadays. Today, digital-based work interactions take the place of in-person ones with near-seamless fluidity, and the best part is that

Biden to order stopgap aid while Congress considers big stimulus | Business and Economy News

US President Joe Biden is set to sign two executive orders on Friday to provide stopgap help to struggling Americans while Congress mulls his proposed $1.9 trillion coronavirus relief aid package. United States President Joe Biden plans to take executive action Friday to provide a stopgap measure of financial relief to millions of Americans while Congress begins to consider his much larger $

Sharing eBook With Your Kindle Could Have Let Hackers Hijack Your Account

Amazon has addressed a number of flaws in its Kindle e-reader platform that could have allowed an attacker to take control of victims’ devices by simply sending them a malicious e-book. Dubbed “KindleDrip,” the exploit chain takes advantage of a feature called “Send to Kindle” to send a malware-laced document to a Kindle device that, when opened, could be leveraged to remotely execute arbitrary

Importance of Application Security and Customer Data Protection to a Startup

When you are a startup, there are umpteen things that demand your attention. You must give your hundred percent (probably even more!) to work effectively and efficiently with the limited resources. Understandably, the application security importance may be pushed at the bottom of your things-to-do list. One other reason to ignore web application protectioncould be your belief that only large

QAnon in disarray as reality of Biden presidency settles | Donald Trump News

As adherents of the QAnon conspiracy theory face the reality of Joe Biden’s presidency – something they believed could never happen – the movement appears to be searching for a way forward as some cast aside their beliefs, according to researchers. QAnon is a loose set of unfounded beliefs based on the refuted notion that a cannibalistic cabal of liberal elites working to traffic children and

Here’s How SolarWinds Hackers Stayed Undetected for Long Enough

Microsoft on Wednesday shared more specifics about the tactics, techniques, and procedures (TTPs) adopted by the attackers behind the SolarWinds hack to stay under the radar and avoid detection, as cybersecurity companies work towards getting a “clearer picture” of one of the most sophisticated attacks in recent history. Calling the threat actor “skillful and methodic operators who follow

MrbMiner Crypto-Mining Malware Links to Iranian Software Company

A relatively new crypto-mining malware that surfaced last year and infected thousands of Microsoft SQL Server (MSSQL) databases has now been linked to a small software development company based in Iran. The attribution was made possible due to an operational security oversight, said researchers from cybersecurity firm Sophos, that led to the company’s name inadvertently making its way into the