Cybersecurity News


Pair of Google Chrome Zero-Day Bugs Actively Exploited

Pair of Google Chrome Zero-Day Bugs Actively Exploited The security vulnerabilities bring the web behemoth up to 10 browser zero-days found so far this year.
14 September 2021

Unpatched Bugs Plague Databases; Your Data Is Probably Not Secure – Podcast

Unpatched Bugs Plague Databases; Your Data Is Probably Not Secure – Podcast Imperva's Elad Erez discusses findings that 46 percent of on-prem databases are sitting ducks, unpatched and vulnerable to attack, each with an average of 26 flaws.
14 September 2021

Romance, BEC Scams Lands Soldier in Jail for 46 Months

Romance, BEC Scams Lands Soldier in Jail for 46 Months A former Army Reservist pleaded guilty to scamming the elderly with catfishing and stealing from veterans.
14 September 2021

The state of ransomware: national emergencies and million-dollar blackmail

Banks, however, have experienced the highest volume of ransomware attacks this year.
14 September 2021

BlackMatter Ransomware Hits Japanese Tech Giant Olympus

BlackMatter Ransomware Hits Japanese Tech Giant Olympus The incident that occurred Sept. 8 and affected its EMEA IT systems seems to signal a return to business as usual for ransomware groups.
14 September 2021

HP patches severe OMEN driver privilege escalation vulnerability

The bug can be used to achieve kernel-mode permissions.
14 September 2021

Close to half of on-prem databases contain vulnerabilities, with many critical flaws

The Microsoft Exchange attack wave revealed the risks, but patching isn't always straightforward.
14 September 2021

What is a cyberattack surface and how can you reduce it?

Discover the best ways to mitigate your organization's attack surface, in order to maximize cybersecurity.

The post What is a cyberattack surface and how can you reduce it? appeared first on WeLiveSecurity

14 September 2021

Apple Issues Emergency Fix for NSO Zero-Click Zero Day

Apple Issues Emergency Fix for NSO Zero-Click Zero Day Citizen Lab urges Apple users to update immediately. The new zero-click zero-day ForcedEntry flaw affects all things Apple: iPhones, iPads, Macs and Watches.
13 September 2021

REvil’s Back; Coder Fat-Fingered Away Its Decryptor Key

REvil’s Back; Coder Fat-Fingered Away Its Decryptor Key How did Kaseya get a universal decryptor after a mind-bogglingly big ransomware attack? A REvil coder misclicked, generated & issued it, and “That’s how we sh*t ourselves.”
13 September 2021

WhatsApp’s End-to-End Encryption Isn’t Actually Broken

WhatsApp’s End-to-End Encryption Isn’t Actually Broken WhatsApp’s moderators sent messages flagged by intended recipients. Researchers say this isn't concerning -- yet.
13 September 2021

Honing Cybersecurity Strategy When Everyone’s a Target for Ransomware

Honing Cybersecurity Strategy When Everyone’s a Target for Ransomware Aamir Lakhani, researcher at FortiGuard Labs, explains why organizations must extend cyber-awareness training across the entire enterprise, from Luddites to the C-suite.
13 September 2021

WooCommerce Multi Currency Bug Allows Shoppers to Change eCommerce Pricing

WooCommerce Multi Currency Bug Allows Shoppers to Change eCommerce Pricing The security vulnerability can be exploited with a malicious CSV file.
13 September 2021

Over 60 million wearable, fitness tracking records exposed via unsecured database

Data sources included Apple's HealthKit and Fitbit.
13 September 2021

Over 60 million wearable, fitness tracking records exposed via unsecured database

Data sources included Apple's HealthKit and Fitbit.
13 September 2021

This is how a cybersecurity researcher accidentally broke Apple Shortcuts

Detectify explains how investigating CloudKit resulted in Shortcuts disruption for users back in March.
13 September 2021

Beware of these 5 common scams you can encounter on Instagram

From cybercriminal evergreens like phishing to the verification badge scam we look at the most common tactics fraudsters use to trick their victims

The post Beware of these 5 common scams you can encounter on Instagram appeared first on WeLiveSecurity

13 September 2021

MyRepublic Data Breach Raises Data-Protection Questions

MyRepublic Data Breach Raises Data-Protection Questions The incident raises considerations for security for critical data housed in third-party infrastructure, researchers say.
10 September 2021

Top Steps for Ransomware Recovery and Preparation

Top Steps for Ransomware Recovery and Preparation Alex Restrepo, Virtual Data Center Solutions at Veritas Technologies, discusses post-attack restoration options, and how to prepare for another one in the future.
10 September 2021

KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”

On Thursday evening, KrebsOnSecurity was the subject of a rather massive (and mercifully brief) distributed denial-of-service (DDoS) attack. The assault came from "Meris," the same new "Internet of Things" (IoT) botnet behind record-shattering attacks against Russian search giant Yandex this week and internet infrastructure firm Cloudflare earlier this summer.
10 September 2021