Cybersecurity News


Operation NightScout: Supply‑chain attack targets online gaming in Asia

ESET researchers uncover a supply-chain attack used in a cyberespionage operation targeting online‑gaming communities in Asia

The post Operation NightScout: Supply‑chain attack targets online gaming in Asia appeared first on WeLiveSecurity

01 February 2021

Hacker group inserted malware in NoxPlayer Android emulator

Attackers targeted only a handful of victims. Only five detected until now, in countries such as Taiwan, Hong Kong, and Sri Lanka.
01 February 2021

Libgcrypt developers release urgent update to tackle severe vulnerability

A severe heap buffer issue was found by Google Project Zero’s Tavis Ormandy.
01 February 2021

UK Research and Innovation suffers ransomware attack

The agency has suspended some services while an investigation takes place.
01 February 2021

SonicWall zero-day exploited in the wild

Security firm NCC Group said it detected "indiscriminate" exploitation of a mysterious SonicWall zero-day.
01 February 2021

FonixCrypter ransomware gang releases master decryption key

FonixCrypter gang claimed it shut down and deleted their ransomware's source code.
29 January 2021

WordPress Pop-Up Builder Plugin Flaw Plagues 200K Sites

WordPress Pop-Up Builder Plugin Flaw Plagues 200K Sites The flaw could have let attackers send out custom newsletters and delete newsletter subscribers from 200,000 affected websites.
29 January 2021

Microsoft 365 Becomes Haven for BEC Innovation

Microsoft 365 Becomes Haven for BEC Innovation Two new phishing tactics use the platform's automated responses to evade email filters.
29 January 2021

Cloud Security Startup Armo Emerges from Stealth with $4.5M

Armo's platform was developed to protect cloud-native workloads and provide DevOps teams with greater visibility and control.
29 January 2021

Google deploys Chrome mitigations against new NAT Slipstreaming attack

After the discovery of NAT Slipstreaming 2.0 attack this week, Google says it will block Chrome traffic on ports 69, 137, 161, 1719, 1720, 1723, 6566, and 10080.
29 January 2021

FBI Encounters: Reporting an Insider Security Incident to the Feds

FBI Encounters: Reporting an Insider Security Incident to the Feds Most insider incidents don't get reported to the FBI due to fear of debilitating business disruptions, public embarrassment, and screeching vans skidding into the parking lot to confiscate servers. But is that reality?
29 January 2021

Ransomware Payoffs Surge by 311% to Nearly $350 Million

Payments to ransomware gangs using cryptocurrency more than quadrupled in 2020, with less than 200 cryptocurrency wallets receiving 80% of funds.
29 January 2021

The Taxman Cometh for ID Theft Victims

The unprecedented volume of unemployment insurance fraud witnessed in 2020 hasn't abated, although news coverage of the issue has largely been pushed off the front pages by other events. But the ID theft problem is coming to the fore once again: Countless Americans will soon be receiving notices from state regulators saying they owe thousands of dollars in taxes on benefits they never received last year.
29 January 2021

Industrial Gear at Risk from Fuji Code-Execution Bugs

Industrial Gear at Risk from Fuji Code-Execution Bugs Fuji Electric’s Tellus Lite V-Simulator and V-Server Lite can allow attackers to take advantage of operational technology (OT)-IT convergence on factory floors, at utility plants and more.
29 January 2021

Apple iOS 14 Thwarts iMessage Attacks With BlastDoor System

Apple iOS 14 Thwarts iMessage Attacks With BlastDoor System Apple has made structural improvements in iOS 14 to block message-based, zero-click exploits.
29 January 2021

Week in security with Tony Anscombe

Law enforcement disrupts Emotet – Wormable Android malware spreading via WhatsApp – Three iOS zero-day bugs squashed

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

29 January 2021

Paving the way: Inspiring Women in Payments - A Q&A featuring Sheryl Benedict

 

After seeing the 1983 film WarGames as a child, Sheryl Benedict became fascinated by computer technology. In this edition of our blog, Sheryl explains how the thought of protecting organizations from the bad guys inspired her to achieve great things in cybersecurity.

29 January 2021

Is the Web Supply Chain Next in Line for State-Sponsored Attacks?

Attackers go after the weak links first, and the Web supply chain provides an abundance of weak links to target.
29 January 2021

Lazarus Affiliate ‘ZINC’ Blamed for Campaign Against Security Researcher

Lazarus Affiliate ‘ZINC’ Blamed for Campaign Against Security Researcher New details emerge of how North Korean-linked APT won trust of experts and exploited Visual Studio to infect systems with ‘Comebacker’ malware.
29 January 2021

2020 Marked a Renaissance in DDoS Attacks

Amid the global pandemic, cybercriminals ramped up use of one of the oldest attack techniques around.
29 January 2021