Cybersecurity News


RCE ‘Bug’ Found and Disputed in Popular PHP Scripting Framework

RCE ‘Bug’ Found and Disputed in Popular PHP Scripting Framework Impacted are PHP-based websites running a vulnerable version of the web-app creation tool Zend Framework and some Laminas Project releases.
05 January 2021

China's APT Groups May Be Looking to Cash In

Two campaigns have resulted in encrypted drives and ransom notes, suggesting that some China-linked nation-state advanced persistent threat groups have added financial gain as a motive, researchers say.
05 January 2021

Cyberattacks on Healthcare Spike 45% Since November

Cyberattacks on Healthcare Spike 45% Since November The relentless rise in COVID-19 cases is battering already frayed healthcare systems — and ransomware criminals are using the opportunity to strike.
05 January 2021

SolarWinds Hit With Class-Action Lawsuit Following Orion Breach

SolarWinds shareholders accuse the company of lying about its security practices ahead of the disclosure of a massive security incident.
05 January 2021

FBI, CISA, NSA & ODNI Cite Russia in Joint Statement on 'Serious' SolarWinds Attacks

The attacks appear to be an "intelligence-gathering" mission, the agencies said.
05 January 2021

US government formally blames Russia for SolarWinds hack

Joint statement from the FBI, CISA, ODNI, and NSA says SolarWinds hack was "likely Russian in origin."
05 January 2021

Stolen employee credentials put leading gaming firms at risk

It’s hardly fun and games for top gaming companies and their customers as half a million employee credentials turn up for sale on the dark web

The post Stolen employee credentials put leading gaming firms at risk appeared first on WeLiveSecurity

05 January 2021

Telegram Triangulation Pinpoints Users’ Exact Locations

Telegram Triangulation Pinpoints Users’ Exact Locations The "People Nearby" feature in the secure messaging app can be abused to unmask a user's precise location, a researcher said.
05 January 2021

Google Warns of Critical Android Remote Code Execution Bug

Google Warns of Critical Android Remote Code Execution Bug Google's Android security update addressed 43 bugs overall affecting Android handsets, including Samsung phones.
05 January 2021

Hamas May Be Threat to 8chan, QAnon Online

In October 2020, KrebsOnSecurity looked at how a web of sites connected to conspiracy theory movements QAnon and 8chan were being kept online by DDoS-Guard, a dodgy Russian firm that also hosts the official site for the terrorist group Hamas. New research shows DDoS-Guard relies on data centers provided by a U.S.-based publicly traded company, which experts say could be exposed to civil and criminal liabilities as a result of DDoS-Guard's business with Hamas.
05 January 2021

Italian mobile operator offers to replace SIM cards after massive data breach

Hackers stole the personal data for 2.5 million Ho Mobile subscribers.
05 January 2021

Major Gaming Companies Hit with Ransomware Linked to APT27

Major Gaming Companies Hit with Ransomware Linked to APT27 Researchers say a recent attack targeting videogaming developers has 'strong links' to the infamous APT27 threat group.
05 January 2021

ElectroRAT Drains Cryptocurrency Wallet Funds of Thousands

ElectroRAT Drains Cryptocurrency Wallet Funds of Thousands At least 6,500 cryptocurrency users have been infected by new, 'extremely intrusive' malware that's spread via trojanized macOS, Windows and Linux apps.
05 January 2021

Hackers target cryptocurrency users with new ElectroRAT malware

Intezer Labs said it discovered fake cryptocurrency apps laced with ElectroRAT, a new Go-based malware strain.
05 January 2021

What You Need to Know About California's New Privacy Rules

Proposition 24 will change Californians' rights and business's responsibilities regarding consumer data protection.
05 January 2021

Data from August Breach of Amazon Partner Juspay Dumped Online

Data from August Breach of Amazon Partner Juspay Dumped Online Researcher discovered info of 35 million credit-card users from an attack on the Indian startup, which handles payments for numerous online marketplaces.
05 January 2021

As coronavirus cases surge, so do cyberattacks against the healthcare sector

Researchers say healthcare organizations have faced a 45% spike in attacks since November.
05 January 2021

Ransomware Gang Collects Data from Blood Testing Lab

Ransomware Gang Collects Data from Blood Testing Lab Apex Laboratory patient data was lifted and posted on a leak site.
04 January 2021

Microsoft Source Code Exposed: What We Know & What It Means

Microsoft says there is no increase in security risk; however, experts say access to source code could make some steps easier for attackers.
04 January 2021

Researcher Breaks reCAPTCHA With Google’s Speech-to-Text API

Researcher Breaks reCAPTCHA With Google’s Speech-to-Text API Researcher uses an old unCAPTCHA trick against latest the audio version of reCAPTCHA, with a 97 percent success rate.
04 January 2021