Cybersecurity News


FonixCrypter ransomware gang releases master decryption key

FonixCrypter gang claimed it shut down and deleted their ransomware's source code.
29 January 2021

WordPress Pop-Up Builder Plugin Flaw Plagues 200K Sites

WordPress Pop-Up Builder Plugin Flaw Plagues 200K Sites The flaw could have let attackers send out custom newsletters and delete newsletter subscribers from 200,000 affected websites.
29 January 2021

Microsoft 365 Becomes Haven for BEC Innovation

Microsoft 365 Becomes Haven for BEC Innovation Two new phishing tactics use the platform's automated responses to evade email filters.
29 January 2021

Cloud Security Startup Armo Emerges from Stealth with $4.5M

Armo's platform was developed to protect cloud-native workloads and provide DevOps teams with greater visibility and control.
29 January 2021

Google deploys Chrome mitigations against new NAT Slipstreaming attack

After the discovery of NAT Slipstreaming 2.0 attack this week, Google says it will block Chrome traffic on ports 69, 137, 161, 1719, 1720, 1723, 6566, and 10080.
29 January 2021

FBI Encounters: Reporting an Insider Security Incident to the Feds

FBI Encounters: Reporting an Insider Security Incident to the Feds Most insider incidents don't get reported to the FBI due to fear of debilitating business disruptions, public embarrassment, and screeching vans skidding into the parking lot to confiscate servers. But is that reality?
29 January 2021

Ransomware Payoffs Surge by 311% to Nearly $350 Million

Payments to ransomware gangs using cryptocurrency more than quadrupled in 2020, with less than 200 cryptocurrency wallets receiving 80% of funds.
29 January 2021

The Taxman Cometh for ID Theft Victims

The unprecedented volume of unemployment insurance fraud witnessed in 2020 hasn't abated, although news coverage of the issue has largely been pushed off the front pages by other events. But the ID theft problem is coming to the fore once again: Countless Americans will soon be receiving notices from state regulators saying they owe thousands of dollars in taxes on benefits they never received last year.
29 January 2021

Industrial Gear at Risk from Fuji Code-Execution Bugs

Industrial Gear at Risk from Fuji Code-Execution Bugs Fuji Electric’s Tellus Lite V-Simulator and V-Server Lite can allow attackers to take advantage of operational technology (OT)-IT convergence on factory floors, at utility plants and more.
29 January 2021

Apple iOS 14 Thwarts iMessage Attacks With BlastDoor System

Apple iOS 14 Thwarts iMessage Attacks With BlastDoor System Apple has made structural improvements in iOS 14 to block message-based, zero-click exploits.
29 January 2021

Week in security with Tony Anscombe

Law enforcement disrupts Emotet – Wormable Android malware spreading via WhatsApp – Three iOS zero-day bugs squashed

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

29 January 2021

Paving the way: Inspiring Women in Payments - A Q&A featuring Sheryl Benedict

 

After seeing the 1983 film WarGames as a child, Sheryl Benedict became fascinated by computer technology. In this edition of our blog, Sheryl explains how the thought of protecting organizations from the bad guys inspired her to achieve great things in cybersecurity.

29 January 2021

Is the Web Supply Chain Next in Line for State-Sponsored Attacks?

Attackers go after the weak links first, and the Web supply chain provides an abundance of weak links to target.
29 January 2021

Lazarus Affiliate ‘ZINC’ Blamed for Campaign Against Security Researcher

Lazarus Affiliate ‘ZINC’ Blamed for Campaign Against Security Researcher New details emerge of how North Korean-linked APT won trust of experts and exploited Visual Studio to infect systems with ‘Comebacker’ malware.
29 January 2021

2020 Marked a Renaissance in DDoS Attacks

Amid the global pandemic, cybercriminals ramped up use of one of the oldest attack techniques around.
29 January 2021

Electronic health records provider Athena to pay $18m settlement in kickback lawsuit

Athena was accused of paying under the table to push athenaClinicals software.
29 January 2021

Google bans another misbehaving CA from Chrome

Digital certificates issued by Spanish certificate authority Camerfirma will stop working in Chrome 90, in April.
29 January 2021

Google researcher discovers new iOS security system

iOS 14 shipped with BlastDoor, a new sandbox system for processing iMessages data.
28 January 2021

Law Enforcement Aims to Take Down Netwalker Ransomware

The Department of Justice has so far charged one Canadian national and seized nearly $500,000 in relation to Netwalker ransomware.
28 January 2021

Rocke Group’s Malware Now Has Worm Capabilities

Rocke Group’s Malware Now Has Worm Capabilities The Pro-Ocean cryptojacking malware now comes with the ability to spread like a worm, as well as harboring new detection-evasion tactics.
28 January 2021