Cybersecurity News
Booking your next holiday? Watch out for these Airbnb scams
With vacations in full swing, cybercriminals will be looking to scam vacationers looking for that perfect accommodation.
The post Booking your next holiday? Watch out for these Airbnb scams appeared first on WeLiveSecurity
Podcast: Why Securing Active Directory Is a Nightmare

Enterprise data breach cost reached record high during COVID-19 pandemic
IBM research estimates that the average data breach now costs upward of $4 million.No More Ransom Saves Victims Nearly €1 Over 5 Years

Apple releases patch for zero‑day flaw in iOS, iPadOS and macOS
The vulnerability is under active exploitation by unknown attackers and affects a wide range of Apple’s products.
The post Apple releases patch for zero‑day flaw in iOS, iPadOS and macOS appeared first on WeLiveSecurity
Zimbra Server Bugs Could Lead to Email Plundering

Back-to-Basics: Use Strong Passwords
As small and medium businesses begin to re-open following the pandemic, it’s important to do so securely in order to protect customer’s payment card data. Too often, data breaches happen as a result of vulnerabilities that are entirely preventable. The PCI Security Standards Council (PCI SSC) has developed a set of payment protection resources for small businesses. In this 8-part back-to-basics series, we highlight payment security basics for protecting against payment data theft. Today’s blog focuses on using strong passwords.
Three Zero-Day Bugs Plague Kaseya Unitrends Backup Servers

Apple Patches Actively Exploited Zero-Day in iOS, MacOS

Malware developers turn to 'exotic' programming languages to thwart researchers
They are focused on exploiting pain points in code analysis and reverse-engineering.Podcast: IoT Piranhas Are Swarming Industrial Controls

Babuk Ransomware Gang Ransomed, New Forum Stuffed With Porn

Microsoft Rushes Fix for ‘PetitPotam’ Attack PoC

PlugwalkJoe Does the Perp Walk
One day after last summer's mass-hack of Twitter, KrebsOnSecurity wrote that 22-year-old British citizen Joseph "PlugwalkJoe" O'Connor appeared to have been involved in the incident. When the Justice Department last week announced O'Connor's arrest and indictment, his alleged role in the Twitter compromise was well covered in the media. But most of the coverage so far seem to have overlooked the far more sinister criminal charges in the indictment, which involve an underground scene wherein young men turn to extortion, sextortion, SIM swapping, death threats and physical attacks -- all in a bid to seize control over highly-prized social media accounts.Malware Makers Using ‘Exotic’ Programming Languages

The True Impact of Ransomware Attacks

Twitter handle swatter jailed after victim dies following home raid
The 60-year-old victim's daughter believes he was "scared to death."WhatsApp chief says government officials, US allies targeted by Pegasus spyware
The officials were allegedly targeted in attacks dating back to 2019.Officials who are US allies among targets of NSO malware, says WhatsApp chief

Will Cathcart claims government officials around the world among 1,400 WhatsApp users targeted in 2019
Senior government officials around the world – including individuals in high national security positions who are “allies of the US” – were targeted by governments with NSO Group spyware in a 2019 attack against 1,400 WhatsApp users, according to the messaging app’s chief executive.
Will Cathcart disclosed the new details about individuals who were targeted in the attack after revelations this week by the Pegasus project, a collaboration of 17 media organisations which investigated NSO, the Israeli company that sells its powerful surveillance software to government clients around the world.
What is in the data leak?
Related: How does Apple technology hold up against NSO spyware?
Continue reading...Discord CDN and API Abuses Drive Wave of Malware Detections
