Cybersecurity News


Assume ClubHouse Conversations Are Being Recorded, Researchers Warn

Assume ClubHouse Conversations Are Being Recorded, Researchers Warn At nearly a year old, the invitation-only, audio-based social-media platform ClubHouse is grappling with security issues on multiple fronts, but the consensus among researchers is coming into focus: Assume your ClubHouse conversations are being recorded. The company confirmed to Bloomberg that over the weekend a user was able to breach “multiple” ClubHouse room audio feeds […]
22 February 2021

Brave browser’s Tor mode exposed users’ dark web activity

A bug in the ad blocking component of Brave’s Tor feature caused the browser to leak users' DNS queries

The post Brave browser’s Tor mode exposed users’ dark web activity appeared first on WeLiveSecurity

22 February 2021

Accellion FTA Zero-Day Attacks Show Ties to Clop Ransomware, FIN11

Accellion FTA Zero-Day Attacks Show Ties to Clop Ransomware, FIN11 The threat actors stole data and used Clop's leaks site to demand money in an extortion scheme, though no ransomware was deployed.
22 February 2021

Paving the way: Inspiring Women in Payments - A Q&A featuring Jen Stone

 

She was a single mom with three kids in daycare, no child support, and a job as an executive assistant that didn’t pay enough to cover the bills. With absolutely no experience, Jen Stone took a chance on a helpdesk position, which changed her life. In this edition of our blog, Jen explains how she found success by taking ownership of her own career.

22 February 2021

8 Ways Ransomware Operators Target Your Network

8 Ways Ransomware Operators Target Your Network Security researchers explore how criminals are expanding their arsenals with new, more subtle, and more effective ransomware attack techniques.
22 February 2021

Cybersecurity Responsibility in a Post-Pandemic World

In this video, Omdia Cybersecurity Senior Research Director Maxine Holt explains why a more sustainable approach to post-pandemic cybersecurity is necessary.
22 February 2021

Powerhouse VPN products can be abused for large-scale DDoS attacks

Around 1,500 Powerhouse VPN servers are exposed online and ready to be abused by DDoS groups.
22 February 2021

What Can Your Connected Car Reveal About You?

App developers must take responsibility for the security of users' data.
22 February 2021

Stored XSS bug in Apple iCloud domain disclosed by bug bounty hunter

The cross-site scripting bug reportedly earned the researcher a $5000 reward.
22 February 2021

Chinese hackers cloned attack tool belonging to NSA’s Equation Group

The Jian tool was used to exploit a Windows zero-day vulnerability years before a patch was issued.
22 February 2021

30,000 Macs infected with new Silver Sparrow malware

Silver Sparrow can even run on systems with Apple's new M1 chip.
22 February 2021

Kia Denies Ransomware Attack as IT Outage Continues

Kia Motors America states there is no evidence its recent systems outage was caused by a ransomware attack.
19 February 2021

Malformed URL Prefix Phishing Attacks Spike 6,000%

Malformed URL Prefix Phishing Attacks Spike 6,000% Sneaky attackers are flipping backslashes in phishing email URLs to evade protections, researchers said.
19 February 2021

Mysterious Silver Sparrow Malware Found Nesting on 30K Macs

Mysterious Silver Sparrow Malware Found Nesting on 30K Macs A second malware that targets Macs with Apple's in-house M1 chip is infecting machines worldwide -- but it's unclear why.
19 February 2021

Credential-Stuffing Attack Targets Regional Internet Registry

Credential-Stuffing Attack Targets Regional Internet Registry RIPE NCC, the regional Internet registry for Europe, West Asia, and the former Soviet Union, said attackers attempted a credential-stuffing attack against its single-sign on service.
19 February 2021

Attackers Already Targeting Apple's M1 Chip with Custom Malware

A proof-of-concept program infects systems with ARM64-compiled binaries and then reaches out to download additional functionality.
19 February 2021

Mexican Politician Removed Over Alleged Ties to Romanian ATM Skimmer Gang

The leader of Mexico's Green Party has been removed from office following allegations that he received money from a Romanian ATM skimmer gang that stole hundreds of millions of dollars from tourists visiting Mexico's top tourist destinations over the past five years. The scandal is the latest fallout stemming from a three-part investigation into the organized crime group by KrebsOnSecurity in 2015.
19 February 2021

Week in security with Tony Anscombe

Avoid COVID-19 vaccine fraud and hoaxes – Romance scams cause record-high losses – Exaramel in the spotlight after attacks in France

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

19 February 2021

Brave browser leaks onion addresses in DNS traffic

DNS leak leaves footprints in DNS server logs for a Brave user's Tor traffic.
19 February 2021

TDoS attacks could cost lives, warns FBI

Both hacktivists and extortionists have used telephony denial-of-service attacks as a way to further their goals

The post TDoS attacks could cost lives, warns FBI appeared first on WeLiveSecurity

19 February 2021