Cybersecurity News


LinkedIn’s 1.2B Data-Scrape Victims Already Being Targeted by Attackers

LinkedIn’s 1.2B Data-Scrape Victims Already Being Targeted by Attackers A refined database of 88K U.S. business owners on LinkedIn has been posted in a hacker forum.
01 July 2021

Netgear Authentication Bypass Allows Router Takeover

Netgear Authentication Bypass Allows Router Takeover Microsoft researchers discovered the firmware flaws in the DGN-2200v1 series router that can enable authentication bypass to take over devices and access stored credentials.
01 July 2021

Microsoft reveals authentication failures, system hijack vulnerabilities in Netgear routers

Microsoft says the bugs could have allowed “attackers to roam untethered through an entire organization.”
01 July 2021

Columbian police collar suspected Gozi Trojan distributor

The alleged hacker is wanted in the United States.
01 July 2021

Dropbox Used to Mask Malware Movement in Cyberespionage Campaign

Dropbox Used to Mask Malware Movement in Cyberespionage Campaign The ongoing spear-phishing campaign targeting the Afghan government uses Dropbox as an API that leaves no traces of communications with weirdo websites.
01 July 2021

Chinese hacking group impersonates Afghan president to infiltrate government agencies

The APT has been accused of infiltrating the country’s security council.
01 July 2021

Robinhood ordered to pay $70 million over ‘harm’ caused to ‘millions' of traders

The penalty is the largest issued by FINRA to date.
01 July 2021

Security provider for Matt Hancock’s office worked at Porton Down

Security provider for Matt Hancock’s office worked at Porton Down

US firm Emcor offers ‘facilities management’ at sensitive sites, including DHSC and RAF bases

A firm that provided security at Matt Hancock’s office, where leaked CCTV footage showed him kissing an aide, has also worked at the Porton Down defence research laboratory, RAF bases, and a military bunker that would house ministers in the event of a nuclear strike.

Labour called for an immediate audit of government contracts after documents reviewed by the Guardian showed that Emcor provided “facilities management” services at a range of highly sensitive sites, as well as the health department (DHSC).

Related: Ministers should not have cameras in their offices, Sajid Javid says

Continue reading...
01 July 2021

SentinelOne Starts Trading on NYSE, Raises $1.2B in IPO

IPO is the highest valued in cybersecurity history, according to reports.
30 June 2021

SMB Worm Targeting EternalBlue Vuln Spreads to US

"Indexsinas" is the latest threat designed to exploit Windows servers that remain vulnerable to an NSA-developed exploit Microsoft patched more than four years ago.
30 June 2021

We Infiltrated a Counterfeit Check Ring! Now What?

Imagine waking up each morning knowing the identities of thousands of people who are about to be mugged for thousands of dollars each. You know exactly when and where each of those muggings will take place, and you've shared this information in advance with the authorities each day for a year with no outward indication that they are doing anything about it. How frustrated would you be? Such is the curse of the fraud fighter known online by the handles “Brianna Ware” and “BWare” for short, a longtime member of a global group of volunteers who’ve infiltrated a cybercrime gang that disseminates fraudulent checks tied to a dizzying number of online scams.
30 June 2021

MyBook Investigation Reveals Attackers Exploited Legacy, Zero-Day Vulnerabilities

A previously unknown flaw in Western Digital's older network-attached storage systems allowed unauthenticated commands to trigger a factory reset, formatting the hard drives, says the company after its preliminary investigation.
30 June 2021

MyBook Investigation Reveals Attackers Exploited Legacy, 0-Day Vulnerabilities

A previously unknown flaw in Western Digital's older network-attached storage systems allowed unauthenticated commands to trigger a factory reset, formatting the hard drives, says the company after its preliminary investigation.
30 June 2021

Impersonation Becomes Top Phishing Technique

A new report finds IT, healthcare, and manufacturing are the industries most targeted by phishing emails.
30 June 2021

Indexsinas SMB Worm Campaign Infests Whole Enterprises

Indexsinas SMB Worm Campaign Infests Whole Enterprises The self-propagating malware's attack chain is complex, using former NSA cyberweapons, and ultimately drops cryptominers on targeted machines.
30 June 2021

Attackers Already Unleashing Malware for Apple macOS M1 Chip

Apple security expert Patrick Wardle found that some macOS malware written for the new M1 processor can bypass anti-malware tools.
30 June 2021

Global police shut down VPN service favored by cybercriminals

A global operation takes down the infrastructure of DoubleVPN and seizes data about its customers

The post Global police shut down VPN service favored by cybercriminals appeared first on WeLiveSecurity

30 June 2021

Intl. Law Enforcement Operation Takes Down DoubleVPN

The VPN service allegedly provided a means for cybercriminals to target their victims, Europol officials report.
30 June 2021

3 Things Every CISO Wishes You Understood

Ensuring the CISO's voice is heard by the board will make security top of mind for the business, its employees, and their customers.
30 June 2021

7 Skills the Transportation Sector Needs to Fuel Its Security Teams

7 Skills the Transportation Sector Needs to Fuel Its Security Teams Without a top-notch team to stop attackers, our favorite modes of transportation could come to a screeching halt.
30 June 2021