Cybersecurity News


Scam-as-a-Service operation made more than $6.5 million in 2020

"Classiscam" operation is made up of around 40 groups operating in the US and across several European countries.
14 January 2021

Ring trials customer video end-to-end encryption for smart doorbells

The security feature will be opt-in for users that want to encrypt their video feeds.
14 January 2021

Hackers leak stolen COVID‑19 vaccine documents

The documents related to COVID-19 vaccine and medications were stolen from the EU's medicines agency last month

The post Hackers leak stolen COVID‑19 vaccine documents appeared first on WeLiveSecurity

13 January 2021

TikTok Takes Teen Accounts Private

TikTok Takes Teen Accounts Private The company announced accounts for ages 13-15 will default to privacy setting, among other safety measures.
13 January 2021

SolarWinds Attackers May Have Hit Mimecast, Driving New Concerns

Mimecast no longer uses the SolarWinds Orion network management software that served as an attack vector for thousands of organizations.
13 January 2021

High-Severity Cisco Flaw Found in CMX Software For Retailers

High-Severity Cisco Flaw Found in CMX Software For Retailers Cisco fixed high-severity flaws tied to 67 CVEs overall, including ones found inits AnyConnect Secure Mobility Client and in its RV110W, RV130, RV130W, and RV215W small business routers.
13 January 2021

Critical WordPress-Plugin Bug Found in ‘Orbit Fox’ Allows Site Takeover

Critical WordPress-Plugin Bug Found in ‘Orbit Fox’ Allows Site Takeover Two security vulnerabilities -- one a privilege-escalation problem and the other a stored XSS bug -- afflict a WordPress plugin with 40,000 installs.
13 January 2021

Iranian cyberspies behind major Christmas SMS spear-phishing campaign

Iranian hackers managed to successfully hide URLs to phishing sites behind legitimate google.com links.
13 January 2021

Huntress Acquires EDR Technology From Level Effect

Huntress seeks to improve its detection and response capabilities with a more comprehensive view of endpoint security.
13 January 2021

Virtual Pen-Testing Competition Tasks College Students With Running a Red Team Operation

Aimed at developing offensive cyber talent, last weekend's sixth annual Collegiate Penetration Testing Competition brought out some of the brightest from RIT and Stanford, among other universities.
13 January 2021

Understanding TCP/IP Stack Vulnerabilities in the IoT

Understanding TCP/IP Stack Vulnerabilities in the IoT Internet of Things devices are highly susceptible to attacks, breaches, and flaws emanating from issues within the TCP/IP network communications architecture. Here's an overview of what you need to know to mitigate risks.
13 January 2021

Hackers Leak Stolen Pfizer-BioNTech COVID-19 Vaccine Data

Hackers Leak Stolen Pfizer-BioNTech COVID-19 Vaccine Data On the heels of a cyberattack on the EMA, cybercriminals have now leaked Pfizer and BioNTech COVID-19 vaccine data on the internet.
13 January 2021

Sophisticated Hacks Against Android, Windows Reveal Zero-Day Trove

Sophisticated Hacks Against Android, Windows Reveal Zero-Day Trove Watering-hole attacks executed by ‘experts’ exploited Chrome, Windows and Android flaws and were carried out on two servers.
13 January 2021

CES 2021: Router swarms invade your home (and know where you are)

New mesh Wi-Fi routers may be the answer to your wireless signal woes, but how about your privacy and security?

The post CES 2021: Router swarms invade your home (and know where you are) appeared first on WeLiveSecurity

13 January 2021

The Data-Centric Path to Zero Trust

Data is an organization's most valuable asset, so a data-centric approach would provide the best value for organizations, now and in the future.
13 January 2021

TikTok tightens up privacy controls for young users

The default privacy setting for young users will now be set to private.
13 January 2021

CISOs Prep For COVID-19 Exposure Notification in the Workplace

CISOs Prep For COVID-19 Exposure Notification in the Workplace Security teams are preparing for the inevitable return to the workplace - and the privacy implications of exposure notification apps that companies may need to adopt.
13 January 2021

RG Coins cryptocurrency exchange owner lands 10 years behind bars for money laundering

Prosecutors uncovered fake auctions, scammed customers, and a web of cash-to-cryptocurrency schemes.
13 January 2021

Adobe fixes critical code execution vulnerabilities in 2021's first major patch round

Seven different products have received fixes during January’s security update.
13 January 2021

Microsoft Patch Tuesday, January 2021 Edition

Microsoft today released updates to plug more than 80 security holes in its Windows operating systems and other software, including one that is actively being exploited and another which was disclosed prior to today. Ten of the flaws earned Microsoft's most-dire "critical" rating, meaning they could be exploited by malware or miscreants to seize remote control over unpatched systems with little or no interaction from Windows users.
12 January 2021