Cybersecurity News
Government VPN Servers Targeted in Zero-Day Attack
The attacks are being carried out against Chinese government interests worldwide, according to Qihoo 360.
06 April 2020
Mozilla Patches Two Critical Zero-Days in Firefox
The latest release of Firefox brings fixes for two Critical vulnerabilities already seen exploited in the wild.06 April 2020
Why Humans Are Phishing's Weakest Link
And it's not just because they click when they shouldn't... they also leave a trail of clues and details that make them easy to spoof06 April 2020
Why Humans Will Always Be Phishing's Weakest Link
And it's not just because they click when they shouldn't... they also leave a trail of clues and details that make them easy to spoof06 April 2020
Beyond Zoom: How Safe Are Slack and Other Collaboration Apps?
COVID-19’s effect on work footprints has created an unprecedented challenge for IT and security staff. Many departments are scrambling to enable collaboration apps for all -- but without proper security they can be a big risk.
06 April 2020
UK government slams ‘crackpot’ 5G-coronavirus theories following mast arson attacks
Suspected arson attacks have been connected to theories spreading online of 5G as a cause of coronavirus.06 April 2020
What to do you if your phone is lost or stolen
Losing your smartphone can be expensive, but the cost of the device may not be the final price you’ll be paying
The post What to do you if your phone is lost or stolen appeared first on WeLiveSecurity
06 April 2020
DarkHotel hackers use VPN zero-day to breach Chinese government agencies
Targets included government agencies in Beijing and Shanghai and Chinese diplomatic missions abroad.06 April 2020
Russian telco hijacks internet traffic for Google, AWS, Cloudflare, and others
Rostelecom involved in two BGP hijacking incidents this week impacting more than 200 CDNs and cloud providers.05 April 2020
Docker servers targeted by new Kinsing malware campaign
Hackers breach Docker clusters via administrative API ports left exposed online without a password.04 April 2020
Firefox Zero-Day Flaws Exploited in the Wild Get Patched
Mozilla Foundation rushes patches to fix bugs in its browser that could allow for remote code execution.
04 April 2020
12k+ Android apps contain master passwords, secret access keys, secret commands
Comprehensive academic study finds hidden backdoor-like behavior in 6,800 Play Store apps, 1,000 apps from third-party app stores, and almost 4,800 apps pre-installed on user devices.04 April 2020
DOJ says Zoom-bombing is a crime
DOJ officials say Zoom-bombing raids could lead to arrests, fines, and even prison sentences.03 April 2020
Google rolls back Chrome privacy feature due to COVID-19
Google disables SameSite cookie support to prevent any unforseen breakage to sites during the coronavirus outbreak.03 April 2020
Firefox gets fixes for two zero-days exploited in the wild
Mozilla releases Firefox 74.0.1 to patch two bugs exploited by hackers.03 April 2020
Week in security with Tony Anscombe
Staying safe from coronavirus-themed scams – Securing remote desktop connections – The security risks of videoconferencing
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
03 April 2020
Zoom’s privacy and security woes in the spotlight
The company goes straight from basking in the glow of its near-overnight success to launching an all‑out effort to fix its privacy and security issues
The post Zoom’s privacy and security woes in the spotlight appeared first on WeLiveSecurity
03 April 2020
Researcher Hijacks iOS, macOS Camera with Three Safari Zero-Days
A security researcher earned $75,000 for finding a whopping seven zero-days in Safari, three of which can be combined to access the camera.03 April 2020
5 Soothing Security Products We Wish Existed
Maybe security alert fatigue wouldn't be so bad if the alerts themselves delivered less stress and more aromatherapy.
03 April 2020
Self-Propagating Malware Targets Thousands of Docker Ports Per Day
A Bitcoin-mining campaign using the Kinsing malware is spreading quickly thanks to cloud-container misconfigurations.
03 April 2020