Cybersecurity News
HackerOne Drops Mobile Voting App Vendor Voatz
Bug bounty platform provider cited "Voatz's pattern of interactions with the research community" in its decision to halt the app vendor's vuln disclosure program on HackerOne.30 March 2020
Zoom Kills iOS App’s Data-Sharing Facebook Feature
Zoom removed its Facebook SDK for iOS feature after a report found the app sending Facebook "unnecessary" user data.
30 March 2020
Untangling Third-Party Risk (and Fourth, and Fifth...)
Third parties bring critical products and services to your organization. They also bring risk that must be understood and managed.
30 March 2020
Zeus Sphinx Banking Trojan Arises Amid COVID-19
The malware is back after three years, looking to cash in on interest in government relief efforts around coronavirus.
30 March 2020
Annual Protest to ‘Fight Krebs’ Raises €150K+
In 2018, KrebsOnSecurity unmasked the creators of Coinhive -- a now-defunct cryptocurrency mining service that was being massively abused by cybercriminals -- as the administrators of a popular German language image-hosting forum. In protest of that story, forum members donated hundreds of thousands of euros to nonprofits that combat cancer (Krebs means "cancer" in German). This week, the forum is celebrating its third annual observance of that protest to "fight Krebs," albeit with a Coronavirus twist.30 March 2020
Hacker hijacks YouTube accounts to broadcast Bill Gates-themed crypto Ponzi scam
UPDATE: Microsoft says none of its verified accounts were hacked. YouTube has also intervened to take down the scam's live streams.30 March 2020
Hacker hijacks Microsoft YouTube accounts to broadcast crypto Ponzi scam
Several of Microsoft's YouTube accounts appear to have been hacked.30 March 2020
Work from home: Videoconferencing with security in mind
With COVID-19 concerns canceling face-to-face meetings, be aware of the security risks of videoconferencing and how to easily overcome them
The post Work from home: Videoconferencing with security in mind appeared first on WeLiveSecurity
30 March 2020
Securing Your Remote Workforce: A Coronavirus Guide for Businesses
Often the hardest part in creating an effective awareness program is deciding what NOT to teach.30 March 2020
Zeus Sphinx malware resurrects to abuse COVID-19 fears
Operators are exploiting the pandemic in the quest to steal your financial information.30 March 2020
RDP and VPN use skyrocketed since coronavirus onset
RDP use is up by 41%, enterprise VPN use is up by 33%.29 March 2020
Voter records for the entire country of Georgia published online
A file containing voter information for 4,934,863 Georgians has been published on a hacker forum over the weekend.29 March 2020
Personal details for the entire country of Georgia published online
A file containing personal information for 4,934,863 Georgians has been published on a hacker forum over the weekend.29 March 2020
Source code of Dharma ransomware pops up for sale on hacking forums
The source code of one of today's most profitable and advanced ransomware strains is up for sale on two Russian-language hacking forums.29 March 2020
A mysterious hacker group is eavesdropping on corporate email and FTP traffic
Hacker group uses zero-day in DrayTek Vigor enterprise routers and VPN gateways to record network traffic.27 March 2020
Network of fake QR code generators will steal your Bitcoin
Nine malicious QR code generator sites have stolen $46,000 from users so far.27 March 2020
Malicious USB Drive Hides Behind Gift Card Lure
Victims are being enticed to insert an unknown USB drive into their computers.27 March 2020
Virgin Media Could Pay GB pound 4.5B for Leak Affecting 900,000 Customers
A misconfigured database holding personal data was left available online between April 2019 and February 2020.27 March 2020
The Wild, Wild West(world) of Cybersecurity
Though set in the future, HBO's "Westworld" works as an allegory for the present moment in cybersecurity.
27 March 2020
Purported Brute-Force Attack Aims at Linksys Routers as More People Work Remotely
The attack takes control of poorly secured network devices, redirecting Web addresses to a COVID-themed landing page that attempts to fool victims into downloading malware.27 March 2020