Cybersecurity News


Log4Shell Vulnerability Targeted in VMware Servers to Exfiltrate Data

Log4Shell Vulnerability Targeted in VMware Servers to Exfiltrate Data CISA warns that threat actors are ramping up attacks against unpatched Log4Shell vulnerability in VMware servers.
28 June 2022

PCI DSS v4.0: A Perspective from India

 

Nitin Bhatnagar: Hello, listeners. Welcome to Coffee with the Council, where we discuss what's happening around the payment industry globally and bring a regional perspective to our audience. I'm your host, Nitin Bhatnagar, Associate Director of India for the PCI Security Standards Council. Today, we will be talking about PCI DSS v4.0, a perspective from India, with our special guests Swati Sharma, Leader, CISO Office, Amazon Pay; Dhananjay Khanna SVP and CISO of SBI Card; and Divya John, AVP, Risk and Compliance, HDFC bank. Let's get started.

27 June 2022

5 ways cybercriminals steal credit card details

Here are some of the most common ways hackers can get hold of other people’s credit card data – and how you can keep yours safe

The post 5 ways cybercriminals steal credit card details appeared first on WeLiveSecurity

27 June 2022

Instagram’s new age verification tool – Week in security with Tony Anscombe

As Instagram tests a new age verification tool, what are some of the concerns when it comes to confirming someone's age on the internet?

The post Instagram’s new age verification tool – Week in security with Tony Anscombe appeared first on WeLiveSecurity

24 June 2022

Google details commercial spyware that targets both Android and iOS devices

Hermit highlights a wider issue concerning our privacy and freedom.
24 June 2022

Scalper bots are snapping up appointments for government services in Israel

Scalpers are snapping up public service appointments and selling them on.
24 June 2022

Google Warns Spyware Being Deployed Against Android, iOS Users

Google Warns Spyware Being Deployed Against Android, iOS Users The company is warning victims in Italy and Kazakhstan that they have been targeted by the malware from Italian firm RCS Labs.
24 June 2022

These hackers are spreading ransomware as a distraction - to hide their cyber spying

Five ransomware strains have been linked to Bronze Starlight activities.
23 June 2022

Fancy Bear Uses Nuke Threat Lure to Exploit 1-Click Bug

Fancy Bear Uses Nuke Threat Lure to Exploit 1-Click Bug The APT is pairing a known Microsoft flaw with a malicious document to load malware that nabs credentials from Chrome, Firefox and Edge browsers.
23 June 2022

Virtual private networks: 5 common questions about VPNs answered

(Almost) everything you always wanted to know about virtual private networks, but were afraid to ask

The post Virtual private networks: 5 common questions about VPNs answered appeared first on WeLiveSecurity

23 June 2022

Ukrainian organizations warned of hacking attempts using CredoMap malware, Cobalt Strike beacons

Russian hackers continue their attempts to break into the systems of Ukrainian organisations, this time with phishing and fake emails.
22 June 2022

Meet the Administrators of the RSOCKS Proxy Botnet

Authorities in the United States, Germany, the Netherlands and the U.K. last week said they dismantled the "RSOCKS" botnet, a collection of millions of hacked devices that were sold as "proxies" to cybercriminals looking for ways to route their malicious traffic through someone else's computer. While the coordinated action did not name the Russian hackers allegedly behind RSOCKS, KrebsOnSecurity has identified its owner as a Russian man living abroad who also runs the world's top Russian spamming forum.
22 June 2022

Gamification of Ethical Hacking and Hacking Esports

Gamification of Ethical Hacking and Hacking Esports Joseph Carson, Chief Security Scientist and Advisory CISO at Delinea, explores why gamified platforms and hacking esports are the future.
22 June 2022

Discovery of 56 OT Device Flaws Blamed on Lackluster Security Culture

Discovery of 56 OT Device Flaws Blamed on Lackluster Security Culture Culture of ‘insecure-by-design’ security is cited in discovery of bug-riddled operational technology devices.
22 June 2022

Elusive ToddyCat APT Targets Microsoft Exchange Servers

Elusive ToddyCat APT Targets Microsoft Exchange Servers The threat actor targets institutions and companies in Europe and Asia.
22 June 2022

How Microsoft's AI spots ransomware attacks before they even get started

Microsoft is targeting human-operated ransomware operations.
22 June 2022

Modern IT Security Teams’ Inevitable Need for Advanced Vulnerability Management

Modern IT Security Teams’ Inevitable Need for Advanced Vulnerability Management Traditional vulnerability management programs are outdated, with little to no innovation in the last two decades. Today's dynamic IT environment demands an advanced vulnerability management program to deal with the complex attack surface and curb security risks.
21 June 2022

Kazakh Govt. Used Spyware Against Protesters

Kazakh Govt. Used Spyware Against Protesters Researchers have discovered that a Kazakhstan government entity deployed sophisticated Italian spyware within its borders.
21 June 2022

Office 365 Config Loophole Opens OneDrive, SharePoint Data to Ransomware Attack

Office 365 Config Loophole Opens OneDrive, SharePoint Data to Ransomware Attack A reported a "potentially dangerous piece of functionality" allows an attacker to launch an attack on cloud infrastructure and ransom files stored in SharePoint and OneDrive.
21 June 2022

Magecart attacks are still around. And they are becoming more stealthy

They might not be the hottest topics in the cybersecurity realm anymore, but they are still a problem.
21 June 2022