Cybersecurity News


Unpatched Bugs Found Lurking in Provisioning Platform Used with Cisco UC

Unpatched Bugs Found Lurking in Provisioning Platform Used with Cisco UC A trio of security flaws open the door to remote-code execution and a malware tsunami.
11 June 2021

Trickbot Investigation Shows Details of Massive Cybercrime Effort

Nearly a score of cybercriminals allegedly worked together to create the Trickbot malware and deploy it against more than a million users, an unsealed indictment claims.
11 June 2021

McDonald's Data Breach Exposed Business & Customer Data

An investigation has revealed company data has been breached in the United States, South Korea, and Taiwan.
11 June 2021

Baby Clothes Giant Carter’s Leaks 410K Customer Records

Baby Clothes Giant Carter’s Leaks 410K Customer Records Purchase automation software delivered shortened URLs without protections.
11 June 2021

REvil Hits US Nuclear Weapons Contractor: Report

REvil Hits US Nuclear Weapons Contractor: Report "We hereby keep a right (sic) to forward all of the relevant documentation and data to military agencies of our choise (sic)" REvil reportedly wrote.
11 June 2021

Cyberpunk 2077 Hacked Data Circulating Online

Cyberpunk 2077 Hacked Data Circulating Online CD Projekt Red confirmed that employee and game-related data appears to be floating around the cyber-underground, four months after a hack on the Witcher and Cyberpunk 2077 developer.
11 June 2021

Details Emerge on How Gaming Giant EA Was Hacked

Hacking group stole source code to FIFA 21 and the company's Frostbite engine.
11 June 2021

Many Mobile Apps Intentionally Using Insecure Connections for Sending Data

A new analysis of iOS and Android apps released to Apple's and Google's app stores over the past five years found many to be deliberately breaking HTTPS protections.
11 June 2021

Monumental Supply-Chain Attack on Airlines Traced to State Actor

Monumental Supply-Chain Attack on Airlines Traced to State Actor Airlines are warned to scour networks for traces of the campaign, likely the work of APT41, lurking in networks.
11 June 2021

Secure Access Trade-offs for DevSecOps Teams

Thanks to recent advancements in access technologies, everyone can apply identity-based authentication and authorization and zero-trust principles for their computing resources.
11 June 2021

Lax security around URL shortener exposed PII of US retailer Carter’s customer base

Hundreds of thousands of customers may have been impacted.
11 June 2021

Week in security with Tony Anscombe

ESET Research dissects campaigns by the Gelsemium and BackdoorDiplomacy APT groups – Hacking an orbiting satellite isn't necessarily the stuff of Hollywood

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

11 June 2021

Police Grab Slilpp, Biggest Stolen-Logins Market

Police Grab Slilpp, Biggest Stolen-Logins Market There were more than 80 million login credentials for sale, used to inflict over $200 million in losses in the U.S. alone.
11 June 2021

Hackers Steal FIFA 21 Source Code, Tools in EA Breach

Hackers Steal FIFA 21 Source Code, Tools in EA Breach Raft of other proprietary game data and related software and developer kits also pilfered in the unspecified attack, which the company is investigating.
11 June 2021

Tracking ransomware cryptocurrency payments: What now for Bitcoin?

Should we expect cybercriminals to ditch the pseudonymous cryptocurrency for other forms of payment that may be better at throwing law enforcement off the scent?

The post Tracking ransomware cryptocurrency payments: What now for Bitcoin? appeared first on WeLiveSecurity

11 June 2021

Card Broken: 1000 arrests made in Chinese crackdown on fraud, cryptocurrency laundering

Criminals involved in telecom scams allegedly funneled their profits through cryptocurrency platforms.
11 June 2021

Feds strike Slilpp, a marketplace for flogging initial access credentials

The marketplace was one of the largest sellers of stolen login information.
11 June 2021

New Ransomware Group Claiming Connection to REvil Gang Surfaces

'Prometheus' is the latest example of how the ransomware-as-a-service model is letting new gangs scale up operations quickly.
10 June 2021

'Fancy Lazarus' Criminal Group Launches DDoS Extortion Campaign

The group has re-emerged after a brief hiatus with a new email campaign threatening a DDoS attack against businesses that don't pay ransom.
10 June 2021

Healthcare Device Security Firm COO Charged with Hacking Medical Center

Vikas Singla, chief operating officer of security firm that provides products and services to the healthcare industry, faces charges surrounding a cyberattack he allegedly conducted against Duluth, Ga.-based Gwinnett Medial Center.
10 June 2021