Cybersecurity News


Skype Phishing Attack Targets Remote Workers’ Passwords

Skype Phishing Attack Targets Remote Workers’ Passwords Attackers are sending convincing emails that ultimately steal victims' Skype credentials.
23 April 2020

The Evolving Threat of Credential Stuffing

Bots' swerve to focus on APIs means businesses must take the threat seriously and take effective action.
23 April 2020

Fake Skype, Signal Apps Used to Spread Surveillanceware

Fake Skype, Signal Apps Used to Spread Surveillanceware Threat groups are increasingly relying on trojanized apps pretending to be legitimate - such as Skype or Signal - but are really spreading surveillanceware.
23 April 2020

NSA shares list of vulnerabilities commonly exploited to plant web shells

NSA and ASD issue joint advisory on detecting and dealing with web shells.
23 April 2020

As we turn to remote working, Malwarebytes joins VPN fray

The new Malwarebytes Privacy VPN has been launched at a time VPN adoption is likely on the rise.
23 April 2020

SBA reveals potential data breach impacting 8,000 emergency business loan applicants

A US Senator says that the White House has “got to get it together.”
23 April 2020

ESET takes down VictoryGate cryptomining botnet

More than 35,000 computers believed to have been infected, according to ESET's sinkhole data.
23 April 2020

Scammers are now taking advantage of US small business relief fund in phishing emails

New campaigns are capitalizing not just on coronavirus fears but also on the outbreak’s financial ramifications.
23 April 2020

Following ESET’s discovery, a Monero mining botnet is disrupted

ESET researchers discover, and play a key role in the disruption of, a 35,000-strong botnet spreading in Latin America via infected USB drives

The post Following ESET’s discovery, a Monero mining botnet is disrupted appeared first on WeLiveSecurity

23 April 2020

Email bungle at company seeking jobkeeper payments exposes staff's personal details

Email bungle at company seeking jobkeeper payments exposes staff's personal details

Names, addresses and birthdates of more than 100 people shared in privacy breach

The company responsible for delivering traffic reports on radio and TV stations across Australia accidentally sent out the dates of birth, names and home addresses of more than 100 current and former staff to potentially thousands of people as the company seeks to apply for the jobkeeper payments.

Australian Traffic Network provides short traffic report updates during news bulletins to 80 radio and television stations, including the ABC, Seven, Nine, 10, 2GB and Triple M.

Related: As Australia takes on Google and Facebook over news content, the world is watching | Margaret Simons

Continue reading...
22 April 2020

Valve says it's safe to play CS:GO and TF2 after source code leaked online

Old 2017 source code for Counter-Strike: Global Offensive and Team Fortress 2 leaked online today on 4chan.
22 April 2020

Attackers Prefer Ransomware to Stealing Data

Financial data is still in demand, but ransomware becomes the most popular way to try to cash in from compromised companies, according to Trustwave.
22 April 2020

IBM Cloud Data Shield Brings Confidential Computing to Public Cloud

The Cloud Data Shield relies on confidential computing, which protects data while it's in use by enterprise applications.
22 April 2020

Fast-Moving DDoS Botnet Exploits Unpatched ZyXel RCE Bug

Fast-Moving DDoS Botnet Exploits Unpatched ZyXel RCE Bug The rapidly evolving Hoaxcalls botnet is exploiting an unpatched vulnerability in the ZyXEL Cloud CNM SecuManager in a bid to widen its spread.
22 April 2020

Apple iOS Zero-Day Vulnerabilities Exploited in Targeted Attacks

One of the flaws is remotely exploitable with no user interaction needed, ZecOps says.
22 April 2020

NSA Issues Guidance for Combating Web Shell Malware

The US intelligence agency teamed up with Australian Signals Directorate in newly released information on how to protect Web servers from the malware.
22 April 2020

5 Ways to Prove Security's Worth in the Age of COVID-19

5 Ways to Prove Security's Worth in the Age of COVID-19 Tightened budgets are placing jobs at risk, but security pros say they're armed with ways to demonstrate that what they're doing merits keeping them employed.
22 April 2020

11 Tips for Protecting Active Directory While Working from Home

To improve the security of your corporate's network, protect the remote use of AD credentials.
22 April 2020

Security researcher identifies new APT group mentioned in 2017 Shadow Brokers leak

Shadow Brokers data dump yields another one of its secrets
22 April 2020

Learning From the Honeypot: A Researcher and a Duplicitous Docker Image

Learning From the Honeypot: A Researcher and a Duplicitous Docker Image When Larry Cashdollar set up a honeypot in a Docker image, he found behavior that was more enlightening than he had imagined.
22 April 2020