Cybersecurity News


Microsoft Patch Tuesday, June 2022 Edition

Microsoft on Tuesday released software updates to fix 60 security vulnerabilities in its Windows operating systems and other software, including a zero-day flaw in all supported Microsoft Office versions on all flavors of Windows that's seen active exploitation for at least two months now. On a lighter note, Microsoft is officially retiring its Internet Explorer (IE) web browser, which turns 27 years old this year.
15 June 2022

Ransomware Group Debuts Searchable Victim Data

Cybercrime groups that specialize in stealing corporate data and demanding a ransom not to publish it have tried countless approaches to shaming their victims into paying. The latest innovation in ratcheting up the heat comes from the ALPHV/BlackCat ransomware group, which has traditionally published any stolen victim data on the Dark Web. Today, however, the group began publishing individual victim websites on the public Internet, with the leaked data made available in an easily searchable form.
14 June 2022

Paving the Way: Inspiring Women in Payments - A Q&A featuring Laura Godoy

 

Laura Godoy is all too familiar with the “glass ceiling” that exists for women in technology professions. Over the years she has seen many women abandon their careers and their dreams because of societal beliefs about the roles of women. In this edition of our blog, Laura discusses her passion for fighting for equality for women in technology professions and how women already have the tools to change their working conditions.

14 June 2022

Kaiser Permanente Exposes Nearly 70K Medical Records in Data Breach

Kaiser Permanente Exposes Nearly 70K Medical Records in Data Breach Attackers gained access to private account details through an email compromise incident that occurred in April.
14 June 2022

Linux Malware Deemed ‘Nearly Impossible’ to Detect

Linux Malware Deemed ‘Nearly Impossible’ to Detect Symbiote, discovered in November, parasitically infects running processes so it can steal credentials, gain rootlkit functionality and install a backdoor for remote access.
14 June 2022

“Downthem” DDoS-for-Hire Boss Gets 2 Years in Prison

A 33-year-old Illinois man was sentenced to two years in prison today following his conviction last year for operating services that allowed paying customers to launch powerful distributed denial-of-service (DDoS) attacks against hundreds of thousands of Internet users and websites.
13 June 2022

Request for Comments: New Mobile Payments on COTS (MPoC) Standard


From 13 June to 15 July 2022, Participating Organizations, PCI-recognized Laboratories, PCI-recognized Assessors, and Approved Scanning Vendors are invited to review and provide feedback on the new Mobile Payments on COTS (MPoC) Standard during a 30-day request for comments (RFC) period.

13 June 2022

Bluetooth Signals Can Be Used to Track Smartphones, Say Researchers

Bluetooth Signals Can Be Used to Track Smartphones, Say Researchers Researchers demonstrated a possible way to track individuals via Bluetooth signals.
13 June 2022

Industroyer: A cyber‑weapon that brought down a power grid

Five years ago, ESET researchers released their analysis of the first ever malware that was designed specifically to attack power grids

The post Industroyer: A cyber‑weapon that brought down a power grid appeared first on WeLiveSecurity

13 June 2022

Adconion Execs Plead Guilty in Federal Anti-Spam Case

On the eve of their federal criminal trial for allegedly stealing vast swaths of Internet addresses for use in large-scale email spam campaigns, three current or former executives at online advertising firm Adconion Direct have agreed to plead guilty to lesser misdemeanor charges of fraud and misrepresentation via email.
10 June 2022

3 takeaways from RSA Conference 2022 – Week in security with Tony Anscombe

Here are three themes that stood out at the world's largest gathering of cybersecurity professionals

The post 3 takeaways from RSA Conference 2022 – Week in security with Tony Anscombe appeared first on WeLiveSecurity

10 June 2022

RSA – APIs, your organization’s dedicated backdoors

API-based data transfer is so rapid, there’s but little time to stop very bad things happening quickly

The post RSA – APIs, your organization’s dedicated backdoors appeared first on WeLiveSecurity

10 June 2022

U.S. Water Utilities Prime Cyberattack Target, Experts

U.S. Water Utilities Prime Cyberattack Target, Experts Environmentalists and policymakers warn water treatment plants are ripe for attack.
10 June 2022

Potent Emotet Variant Spreads Via Stolen Email Credentials

Potent Emotet Variant Spreads Via Stolen Email Credentials The dangerous malware appears to be well and truly back in action, sporting new variants and security-dodging behaviors in a wave of recent phishing campaigns.
10 June 2022

Why you can't trust Instagram

Weeks after I reported that my Instagram account had been hacked, Instagram remained silent. My account is now long gone.
09 June 2022

Feds Forced Travel Firms to Share Surveillance Data on Hacker

Feds Forced Travel Firms to Share Surveillance Data on Hacker Sabre and Travelport had to report the weekly activities of former “Cardplanet” cybercriminal Aleksei Burkov for two years, info that eventually led to his arrest and prosecution.
09 June 2022

RSA – Creepy real‑world edition

Digital fiddling somehow got mixed up in a real war

The post RSA – Creepy real‑world edition appeared first on WeLiveSecurity

09 June 2022

This new Linux malware is 'almost impossible' to detect

Symbiote is parasitic malware that provides rootkit-level functionality.
09 June 2022

RSA – Digital healthcare meets security, but does it really want to?

Technology is understandably viewed as a nuisance to be managed in pursuit of the health organizations’ primary mission

The post RSA – Digital healthcare meets security, but does it really want to? appeared first on WeLiveSecurity

08 June 2022

Taming the Digital Asset Tsunami

Taming the Digital Asset Tsunami Rob Gurzeev, CEO and Co-Founder of CyCognito, explores external attack surface soft spots tied to an ever-expanding number of digital assets companies too often struggle to keep track of and manage effectively.
08 June 2022