Cybersecurity News


mHealth Apps Expose Millions to Cyberattacks

mHealth Apps Expose Millions to Cyberattacks Researcher testing of 30 mobile health apps for clinicians found that all of them had vulnerable APIs.
12 February 2021

Yandex Data Breach Exposes 4K+ Email Accounts

Yandex Data Breach Exposes 4K+ Email Accounts In a security notice, Yandex said an employee had been providing unauthorized access to users’ email accounts “for personal gain.”
12 February 2021

‘Annoyingly Believable’ Tax Scam Targets Mobile Users

‘Annoyingly Believable’ Tax Scam Targets Mobile Users A well-crafted SMS phishing effort is harvesting personal data and credit-card details under the guise of offering tax refunds.
12 February 2021

Water Utility Hack Could Inspire More Intruders

If past cyberattacks are any indication, success begets imitation. In the wake of last week's hack of Florida water utility, other water utilities and users of remote desktop software would be wise to shore up defenses, experts say.
12 February 2021

Singtel Suffers Zero-Day Cyberattack, Damage Unknown

Singtel Suffers Zero-Day Cyberattack, Damage Unknown The Tier 1 telecom giant was caught up in a coordinated, wide-ranging attack using unpatched security bugs in the Accellion legacy file-transfer platform.
12 February 2021

Week in security with Tony Anscombe

ESET's Q4 2020 threat report is out – How smart sex toys can ruin your privacy – Protecting water supply systems

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

12 February 2021

Florida Water Plant Hack: Leaked Credentials Found in Breach Database

Florida Water Plant Hack: Leaked Credentials Found in Breach Database Researchers discovered credentials for the Oldsmar water treatment facility in the massive compilation of data from breaches posted just days before the attack.
12 February 2021

You've Got Cloud Security All Wrong: Managing Identity in a Cloud World

In a hybrid and multicloud world, identity is the new perimeter and a critical attack surface for bad actors.
12 February 2021

Yandex said it caught an employee selling access to users' inboxes

The Russian company said the employee sold access to 4,887 user email accounts.
12 February 2021

Microsoft said the number of web shells has doubled since last year

Microsoft says it's seeing around 140,000 web shells a month, up from roughly 77,000 last August.
12 February 2021

Fifty shades of vulnerable: How to play it safe with your smart sex toy

While you’re living out your fantasies, your internet-enabled sex toy may be setting you up for a privacy nightmare

The post Fifty shades of vulnerable: How to play it safe with your smart sex toy appeared first on WeLiveSecurity

12 February 2021

Ransomware Attackers Set Their Sights on SaaS

Ransomware has begun to target data-heavy SaaS applications, open source, and Web and application frameworks.
11 February 2021

Pre-Valentine’s Day Malware Attack Mimics Flower, Lingerie Stores

Pre-Valentine’s Day Malware Attack Mimics Flower, Lingerie Stores Emails pretending to confirm hefty orders from lingerie shop Ajour Lingerie and flower store Rose World are actually spreading the BazaLoader malware.
11 February 2021

Growing Collaboration Among Criminal Groups Heightens Ransomware Threat for Healthcare Sector

Expect increase in ransomware and 'triple extortion' attacks, Cyber Threat Intelligence League says.
11 February 2021

Accellion to retire product at the heart of recent hacks

The Accellion FTA file transfer service has been at the heart of recent hacks at banks, telcos, and government organizations across the world.
11 February 2021

Pandemic Initially Led to Fewer Disclosed Vulnerabilities, Data Suggests

Vulnerability disclosure started off slow but caught up by the end of the year, according to a new report.
11 February 2021

Microsoft Launches Phase 2 Mitigation for Zerologon Flaw

The Netlogon remote code execution vulnerability, disclosed last August, has been weaponized by APT groups.
11 February 2021

Game Over: Stopping DDoS Attacks Before They Start

Video games are poised for a revolution, but benefits will come to fruition only if the industry can guarantee consistent performance and availability.
11 February 2021

7 Things We Know So Far About the SolarWinds Attacks

7 Things We Know So Far About the SolarWinds Attacks Two months after the news first broke, many questions remain about the sophisticated cyber-espionage campaign.
11 February 2021