Cybersecurity News
Clipboard hijacking malware found in 725 Ruby libraries
The malware would replace Bitcoin addresses copied to the clipboard with one controlled by the attacker.17 April 2020
Scams, lies, and coronavirus
Scams demanding bitcoin on pain of infecting you with the coronavirus gain their fair share of shine among schemes with a thin veneer of plausibility
The post Scams, lies, and coronavirus appeared first on WeLiveSecurity
17 April 2020
Academics steal data from air-gapped systems using PC fan vibrations
Israeli researchers use vibrations from CPU, GPU, or PC chassis fans to broadcast stolen information through solid materials and to nearby receives, breaking air-gapped system protections.17 April 2020
Could Return of Ghost Squad Hackers Signal Rise in COVID-19-Related Hactivism?
New research suggests GSH is active in Southeast Asia following a couple of quiet years.16 April 2020
Poorly Secured Docker Image Comes Under Rapid Attack
A honeypot experiment shows just how quickly cybercriminals will move to compromise vulnerable cloud infrastructure.
16 April 2020
New PoetRAT Hits Energy Sector With Data-Stealing Tools
A never-before-seen RAT is targeting Azerbaijan energy companies with various tools aimed at stealing credentials and exfiltrating valuable data.
16 April 2020
Neglected Infrastructure, Invasive Tech to Plague Infosec in 2022
Researchers outline cybersecurity threats they predict businesses will face in two years as technology evolves.16 April 2020
Massive Bot-Enabled Ad Fraud Campaign Targeted Connected TVs
ICEBUCKET operation is the largest ever to attempt to steal from advertisers by using bots to impersonate human smart-TV viewers, White Ops says.16 April 2020
Small Business Is Big Target for Ransomware
Small businesses are being hit by ransomware, and a majority are paying up to get their data back.16 April 2020
Cisco IP Phone Harbors Critical RCE Flaw
Cisco stomped out a critical vulnerability in its IP Phone web server that could enable remote code execution by an unauthenticated attacker.
16 April 2020
4 Cybersecurity Lessons from the Pandemic
An epidemiologist-turned-CTO describes the parallels between the spread of a computer virus and the real-world coronavirus.16 April 2020
Apple releases mobility data to help combat COVID‑19
The tool, which comes after a similar effort by Google, looks at how people’s traveling behavior has changed since the start of the pandemic
The post Apple releases mobility data to help combat COVID‑19 appeared first on WeLiveSecurity
16 April 2020
Post Pandemic, Technologists Pose Secure Certification for Immunity
Going digital with immunity passports could speed rollout and allow for better warnings of potential hot spots. But security and privacy issues remain.16 April 2020
Arxan Technologies Joins New Software Company Digital.ai
The application security provider teams up with CollabNet VersionOne and XebiaLabs to create Digital.ai, a new enterprise DevOps platform.16 April 2020
Linksys asks users to reset passwords after hackers hijacked home routers last month
Linksys locks Smart WiFi cloud accounts and asks users to reset passwords after hackers hijacked routers to redirect traffic to malware sites.16 April 2020
Sipping from the Coronavirus Domain Firehose
Security experts are poring over thousands of new Coronavirus-themed domain names registered each day, but this often manual effort struggles to keep pace with the flood of domains invoking the virus to promote malware and phishing sites, as well as non-existent healthcare products and charities. As a result, domain name registrars are under increasing pressure to do more to combat scams and misinformation during the COVID-19 pandemic.16 April 2020
Streaming TV Fraudsters Steal Millions of Ad Dollars in ‘ICEBUCKET’ Attack
Crooks manipulated connected TV supply-side ad platforms to create millions of fictional eyeballs.
16 April 2020
5 Things Ransomware Taught Me About Responding in a Crisis
What happened in Atlanta is worth studying because it was one of the earliest cases of a major city ransomware attacks and because it came out the other side stronger and more resilient.16 April 2020
Alleged Zoom Zero-Days for Windows, MacOS for Sale, Report
Alleged Windows flaw allows for remote code execution and is being flogged for $500,000.
16 April 2020
Kernel vulnerabilities in Android devices using Qualcomm chips explored
The security flaws that allowed attackers to achieve root capabilities on handsets have now been described in detail.16 April 2020