Cybersecurity News
Colossal Intel Update Anchored by Critical Privilege-Escalation Bugs
Intel released 40 security advisories in total, addressing critical- and high-severity flaws across its Active Management Technology, Wireless Bluetooth and NUC products.
10 November 2020
Scalper-Bots Shake Down Desperate PS5, Xbox Series X Shoppers
Retail bots are helping scalpers scoop up PS5, Xbox Series X inventory and charge massive markups.
10 November 2020
Cloud Usage, Biometrics Surge As Remote Work Grows Permanent
A new report reveals organizations are increasing their adoption of biometric authentication and disallowing SMS as a login method.10 November 2020
Overlooked Security Risks of the M&A Rebound
Successful technology integration, post-merger, is tricky in any market, and never more so than with today's remote work environments and distributed IT infrastructure.10 November 2020
Microsoft November 2020 Patch Tuesday arrives with fix for Windows zero-day
The Microsoft November 2020 Patch Tuesday fixes 112 vulnerabilities, 24 of which are remote code execution (RCE) bugs.10 November 2020
New Platypus attack can steal data from Intel CPUs
Intel has released microcode updates today to prevent attackers from abusing the Intel RAPL mechanism to steal sensitive data from its CPUs.10 November 2020
Apple to Deliver ‘Privacy Labels’ for Apps, Revealing Data-Sharing Details
Developers will have to reveal how data is shared with any “third-party partners,” which include analytics tools, advertising networks, third-party SDKs or other external vendors.
10 November 2020
Ransomware Group Turns to Facebook Ads
It's bad enough that many ransomware gangs now have blogs where they publish data stolen from companies that refuse to make an extortion payment. Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up.10 November 2020
Data on millions of hotel guests exposed in cloud storage leak
The cache of data sitting wide open on a server included full names, national ID numbers and credit card data
The post Data on millions of hotel guests exposed in cloud storage leak appeared first on WeLiveSecurity
10 November 2020
The Double-Edged Sword of Cybersecurity Insurance
With ransomware on the rise, more organizations are opting to purchase cyber insurance -- tipping off criminals about how much to demand for access back to pilfered systems and data.
10 November 2020
Ghimob Android Banking Trojan Targets 153 Mobile Apps
A banking trojan is targeting mobile app users in Brazil - and researchers warn that its operator has big plans to expand abroad.
10 November 2020
How Hackers Blend Attack Methods to Bypass MFA
Protecting mobile apps requires a multilayered approach with a mix of cybersecurity measures to counter various attacks at different layers.10 November 2020
Microsoft Teams Users Under Attack in ‘FakeUpdates’ Malware Campaign
Microsoft warns that cybercriminals are using Cobalt Strike to infect entire networks beyond the infection point, according to a report.
10 November 2020
Critical privilege escalation bugs squashed in WordPress Ultimate Member plugin
The vulnerabilities impacted roughly 100,000 websites.10 November 2020
Chrome to block tab-nabbing attacks
Firefox and Safari are already blocking these types of web attacks10 November 2020
New 'Ghimob' malware can spy on 153 Android mobile applications
New Ghimob Android trojan rises and evolves from Brazil to spread internationally.10 November 2020
Npm package caught stealing sensitive Discord and browser files
Malicious code was found hidden inside a JavaScript library named Discord.dll.09 November 2020
New Brazilian Banking Trojan Targets Mobile Users in Multiple Countries
Ghimob is a full-fledged spy in your pocket, Kaspersky says.09 November 2020
FTC Announces Consent Agreement With Zoom
The agreement covers Zoom's misleading statements on security for its audio and video calling.09 November 2020
Hotels.com & Expedia Provider Exposes Millions of Guests' Data
Hotel reservation platform Prestige Software compromised personal data belonging to millions of travelers through a misconfigured AWS S3 bucket.09 November 2020