Cybersecurity News


Remote Desktop Bugs: Patches That Took Priority in a Pandemic Year

Remote Desktop flaws were a patching priority this year as Microsoft distributed fixes and businesses scrambled to protect remote employees.
28 December 2020

Homomorphic Encryption: The 'Golden Age' of Cryptography

Homomorphic Encryption: The 'Golden Age' of Cryptography The ability to perform complex calculations on encrypted data promises a new level of privacy and data security for companies in the public and private sectors. So when can they get started?
28 December 2020

Vietnam targeted in complex supply chain attack

Hackers have inserted malware inside an app offered for download by the Vietnam Government Certification Authority (VGCA).
28 December 2020

Smart tech gifts: How to keep your kids and family safe

Cyberthreats can take the fun out of connected gadgets – here's how to make sure your children enjoy the tech without putting themselves or their family at risk

The post Smart tech gifts: How to keep your kids and family safe appeared first on WeLiveSecurity

25 December 2020

Russian crypto-exchange Livecoin hacked after it lost control of its servers

Hackers gained access to the Livecoin portal and modified exchange rates to 10-15 times their normal values.
24 December 2020

Amazon Gift Card Scam Delivers Dridex This Holiday Season

Dridex operators launch a social engineering scam that promises victims a $100 gift card but delivers a banking Trojan.
24 December 2020

Citrix devices are being abused as DDoS attack vectors

Citrix says it's working on a fix, expected next year.
24 December 2020

Windows Zero-Day Still Circulating After Faulty Fix

Windows Zero-Day Still Circulating After Faulty Fix The LPE bug could allow an attacker to install programs; view, change, or delete data; or create new accounts with full user rights.
24 December 2020

Quarterbacking Vulnerability Remediation

It's time that security got out of the armchair and out on the field.
24 December 2020

HelpSystems Acquires Data Security Firm Vera

The purchase is intended to increase London-based HelpSystems' file collaboration security capabilities.
24 December 2020

Delivering Santa from Third-Party Risk

Delivering Santa from Third-Party Risk 2020 has made even St. Nick susceptible to the risks associated with the coronavirus pandemic. Fortunately, cybersecurity experts are ready to help the merry old elf with advice on reducing risks to his global operations.
24 December 2020

Microsoft, McAfee, Rapid7, and Others Form New Ransomware Task Force

Industry group wants to get a framework in the hands of the new administration's cybersecurity officials by early spring 2021.
23 December 2020

White Ops Announces Its Acquisition

A group including Goldman Sachs Merchant Banking Division, ClearSky Security, and NightDragon has purchased the human verification technology company.
23 December 2020

Lazarus Group Hits COVID-19 Vaccine-Maker in Espionage Attack

Lazarus Group Hits COVID-19 Vaccine-Maker in Espionage Attack The nation-state actor is looking to speed up vaccine development efforts in North Korea.
23 December 2020

Data breach hits 30,000 signed up to workplace pensions provider

Data breach hits 30,000 signed up to workplace pensions provider

Fraud worries as UK company Now:Pensions says ‘third-party contractor’ posted personal details of clients to online public forum

About 30,000 customers of Now:Pensions face an anxious Christmas after a serious data breach at the pensions provider led to their sensitive personal details being posted on the internet.

In an email sent to affected customers, the workplace pensions firm warned that names, postal and email addresses, birth dates and National Insurance numbers all appeared in a public forum online.

Continue reading...
23 December 2020

Lazarus Group Seeks Intelligence Related to COVID-19

Researchers attribute attacks targeting a pharmaceutical company and a government ministry related to COVID-19 response.
23 December 2020

Third-Party APIs: How to Prevent Enumeration Attacks

Third-Party APIs: How to Prevent Enumeration Attacks Jason Kent, hacker-in-residence at Cequence, walks through online-retail card fraud and what to do about it.
23 December 2020

Hey Alexa, Who Am I Messaging?

Hey Alexa, Who Am I Messaging? Research shows that microphones on digital assistants are sensitive enough to record what someone is typing on a smartphone to steal PINs and other sensitive info.
23 December 2020

Emotet Returns to Hit 100K Mailboxes Per Day

Emotet Returns to Hit 100K Mailboxes Per Day Just in time for the Christmas holiday, Emotet is sending the gift of Trickbot.
23 December 2020

Enterprise IoT Security Is a Supply Chain Problem

Organizations that wish to take advantage of the potential benefits of IoT systems in enterprise environments should start evaluating third-party risk during the acquisition process.
23 December 2020