Cybersecurity News


CaddyWiper: New wiper malware discovered in Ukraine

This is the third time in as many weeks that ESET researchers have spotted previously unknown data wiping malware taking aim at Ukrainian organizations

The post CaddyWiper: New wiper malware discovered in Ukraine appeared first on WeLiveSecurity

14 March 2022

Staff Think Conti Group Is a Legit Employer – Podcast

Staff Think Conti Group Is a Legit Employer – Podcast The ransomware group’s benefits – bonuses, employee of the month, performance reviews & top-notch training – might be better than yours, says BreachQuest’s Marco Figueroa.
14 March 2022

Request for Comments: Web Software Module for the PCI Secure Software Standard


From 14 March to 12 April 2022, eligible stakeholders are invited to review and provide feedback on the Web Software Module for the PCI Secure Software Standard during a 30-day request for comments (RFC) period.

14 March 2022

Cybercrooks’ Political In-Fighting Threatens the West

Cybercrooks’ Political In-Fighting Threatens the West They’re choosing sides in the Russia-Ukraine war, beckoning previously shunned ransomware groups and thereby reinvigorating those groups' once-diminished power.
14 March 2022

Automotive giant Denso confirms hack, Pandora ransomware group takes credit

Denso supplies Toyota, General Motors, and Honda, to name but a few.
14 March 2022

Ukraine reportedly adopts Clearview AI to track Russian invaders

The facial recognition technology has not been made available to Russia.
14 March 2022

Ubisoft reveals 'security incident' forcing company-wide password refresh

The gaming giant remains tight-lipped on the particulars of the assumed hack.
14 March 2022

A first look at threat intelligence and threat hunting tools

An overview of some of the most popular open-source tools for threat intelligence and threat hunting

The post A first look at threat intelligence and threat hunting tools appeared first on WeLiveSecurity

14 March 2022

Russia Issues Its Own TLS Certs

Russia Issues Its Own TLS Certs The country’s citizens are being blocked from the internet because foreign certificate authorities can't accept payments due to Ukraine-related sanctions, so it created its own CA.
11 March 2022

Week in security with Tony Anscombe

Gray zone conflicts in cyberspace – Can you identify fake news? – Top cybersecurity threats for the healthcare sector

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

11 March 2022

Report: Recent 10x Increase in Cyberattacks on Ukraine

As their cities suffered more intense bombardment by Russian military forces this week, Ukrainian Internet users came under renewed cyberattacks, with one Internet company providing service there saying they blocked ten times the normal number of phishing and malware attacks targeting Ukrainians.
11 March 2022

ESET Research webinar: How APT groups have turned Ukraine into a cyber‑battlefield

Ukraine has been under cyber-fire for years now – here’s what you should know about various disruptive cyberattacks that have hit the country since 2014

The post ESET Research webinar: How APT groups have turned Ukraine into a cyber‑battlefield appeared first on WeLiveSecurity

11 March 2022

Raccoon Stealer Crawls Into Telegram

Raccoon Stealer Crawls Into Telegram The credential-stealing trash panda is using the chat app to store and update C2 addresses as crooks find creative new ways to distribute the malware.
11 March 2022

Malware Posing as Russia DDoS Tool Bites Pro-Ukraine Hackers

Malware Posing as Russia DDoS Tool Bites Pro-Ukraine Hackers Be careful when downloading a tool to cyber-target Russia: It could be an infostealer wolf dressed in sheep's clothing that grabs your cryptocurrency info instead.
10 March 2022

True or false? How to spot – and stop – fake news

How can you tell fact from fiction and avoid falling for and spreading falsehoods about the war in Ukraine?

The post True or false? How to spot – and stop – fake news appeared first on WeLiveSecurity

10 March 2022

Most Orgs Would Take Security Bugs Over Ethical Hacking Help

Most Orgs Would Take Security Bugs Over Ethical Hacking Help A new survey suggests that security is becoming more important for enterprises, but they’re still falling back on old "security by obscurity" ways.
10 March 2022

Russia May Use Ransomware Payouts to Avoid Sanctions

Russia May Use Ransomware Payouts to Avoid Sanctions FinCEN warns financial institutions to beware of unusual cryptocurrency payments or illegal transactions Russia may use to evade restrictions imposed due to its invasion of Ukraine.
10 March 2022

Multi-Ransomwared Victims Have It Coming–Podcast

Multi-Ransomwared Victims Have It Coming–Podcast Let's blame the victim. IT decision makers' confidence about security doesn't jibe with their concession that repeated incidents are their own fault, says ExtraHop's Jamie Moles.
10 March 2022

Qakbot Botnet Sprouts Fangs, Injects Malware into Email Threads

Qakbot Botnet Sprouts Fangs, Injects Malware into Email Threads The ever-shifting, ever-more-powerful malware is now hijacking email threads to download malicious DLLs that inject password-stealing code into webpages, among other foul things.
10 March 2022

APT41 Spies Broke Into 6 US State Networks via a Livestock App

APT41 Spies Broke Into 6 US State Networks via a Livestock App The China-affiliated state-sponsored threat actor used Log4j and zero-day bugs in the USAHerds animal-tracking software to hack into multiple government networks.
09 March 2022