Cybersecurity News
TeaBot Trojan Targets Banks via Hijacked Android Handsets
Malware first observed in Italy can steal victims’ credentials and SMS messages as well as livestream device screens on demand.
ESET Research goes to RSA Conference 2021 with two presentations
We will explore two threats – Android stalkerware and XP exploits
The post ESET Research goes to RSA Conference 2021 with two presentations appeared first on WeLiveSecurity
ESET Research goes to RSA Conference 2021 with record number of presentations
We will explore Android stalkerware, air-gapped networks and XP exploits
The post ESET Research goes to RSA Conference 2021 with record number of presentations appeared first on WeLiveSecurity
Researchers track down five affiliates of DarkSide ransomware service
Customers of the RaaS can deploy malware as they see fit and dictate the content of leaks.FBI, CISA publish alert on DarkSide ransomware
The advisory deals with ransomware-as-a-service, thrust into the spotlight by the Colonial Pipeline cyberattack.You Are a Target
You may not realize it, but you are a target. Your computer, work, personal accounts, and your information are all highly valuable to cyber criminals. Be mindful that bad guys are out to get you.A Startup With NSA Roots Wants Silently Disarming Cyberattacks on the Wire to Become the Norm
Trinity Cyber takes a new spin on some traditional network-security techniques, but can its approach catch on widely?
Adobe Issues Patch for Acrobat Zero-Day
The vulnerability is being exploited in limited attacks against Adobe Reader users on Windows.Application Attacks Spike as Criminals Target Remote Workers
Application-specific and Web application attacks made up 67% of all attacks in 2020 as criminal strategies shifted in the pandemic.Microsoft Patch Tuesday: 4 Critical CVEs, 3 Publicly Known, 1 Wormable
Microsoft releases security patches for 55 vulnerabilities in its monthly roundup, which includes a critical, wormable flaw in the HTTP protocol stack.Microsoft Patch Tuesday, May 2021 Edition
Microsoft today released fixes to plug at least 55 security holes in its Windows operating systems and other software. Four of these weaknesses can be exploited by malware and malcontents to seize complete, remote control over vulnerable systems without any help from users. On deck this month are patches to quash a wormable flaw, a creepy wireless bug, and yet another reason to call for the death of Microsoft's Internet Explorer (IE) web browser.Wormable Windows Bug Opens Door to DoS, RCE
Microsoft's May 2021 Patch Tuesday updates include fixes for four critical security vulnerabilities.
GitHub Prepares to Move Beyond Passwords
GitHub adds support for FIDO2 security keys for Git over SSH to fend off account hijacking and further its plan to stick a fork in the security bane of passwords.
Cartoon Caption Winner: Greetings, Earthlings
And the winner of Dark Reading's April cartoon caption contest is ...
Hackers Leverage Adobe Zero-Day Bug Impacting Acrobat Reader
A patch for Adobe Acrobat, the world’s leading PDF reader, fixes a vulnerability under active attack affecting both Windows and macOS systems that could lead to arbitrary code execution.
E-commerce Payment Security: A Perspective from Brazil
It has been more than a year since the outbreak of the COVID-19 global pandemic which has had a significant impact on health, lifestyles, and the way business is done. In the world of payments, many businesses have had to reinvent themselves and adapt to remote transactions and the world of e-commerce (in many cases on the cloud). On this blog, we discuss the challenges of e-commerce on payment security in Brazil with Carlos Caetano, Associate Regional Director, Brazil for the PCI Security Standards Council (PCI SSC) and Gerson Rolim, Antifraud and Internet Payments Steering Committees Coordinator, Camara-e.net. Camara-e.net is a member of the PCI Brazil Regional Engagement Board (REB), a board that represents the perspectives of PCI Participating Organizations and PCI constituents in Brazil, advising and providing feedback and guidance to the PCI SSC on standards and programs development and adoption in Brazil.
Fake Chrome App Anchors Rapidly Worming ‘Smish’ Cyberattack
An ingenious attack on Android devices self-propagates, with the potential for a range of damage.
3 Cybersecurity Myths to Bust
Deeply rooted cybersecurity misconceptions are poisoning our ability to understand and defend against attacks.A Closer Look at the DarkSide Ransomware Gang
The FBI confirmed this week that a relatively new ransomware group known as DarkSide is responsible for an attack that caused Colonial Pipeline to shut down 5,550 miles of pipe, stranding countless barrels of gasoline, diesel and jet fuel on the Gulf Coast. Here's a closer look at the DarkSide cybercrime gang, as seen through their negotiations with a recent U.S. victim that earns $15 billion in annual revenue.Shifting Threats in a Changed World: Edge, IoT and Vaccine Fraud
Aamir Lakhani, researcher at FortiGuard Labs, discusses leading-edge threats related to edge access/browsers/IoT, and the COVID-19 vaccine, as a way of getting into larger organizations.