Cybersecurity News
PGMiner, Innovative Monero-Mining Botnet, Surprises Researchers
The malware takes aim at PostgreSQL database servers with never-before-seen techniques.
11 December 2020
Microsoft Warns of Powerful New Adware
The new adware, dubbed Adrozek, is being distributed by large, well organized threat actors, according to Microsoft research.11 December 2020
Feds: K-12 Cyberattacks Dramatically on the Rise
Attackers are targeting students and faculty alike with malware, phishing, DDoS, Zoom bombs and more, the FBI and CISA said.
11 December 2020
Facebook Shutters Accounts Used in APT32 Cyberattacks
Facebook shut down accounts and Pages used by two separate threat groups to spread malware and conduct phishing attacks.
11 December 2020
7 Security Tips For Gamers
Gamers can expect to be prime targets over the holidays as COVID-19 rages on. Here's some advice on how to keep hackers at bay.
11 December 2020
'Tis the Season to Confront Third-Party Risk
On any given day it's hard to ensure that outside companies and individuals adhere to an organization's security practices and policies. But when it's the holidays and, oh, a global pandemic, companies need to be extra vigilant.
11 December 2020
Penetration Testing: A Road Map for Improving Outcomes
As cybersecurity incidents gain sophistication, to ensure we are assessing security postures effectively, it is critical to copy real-world adversaries' tools, tactics, and procedures during testing activities.11 December 2020
Mastercard, Visa cut card payment ties with Pornhub over child abuse, illegal content allegations
Mastercard has terminated services whereas Visa has placed a temporary hold on card payments.11 December 2020
Is your trading app putting your money at risk?
A Q&A with security researcher Alejandro Hernández, who has unearthed a long list of vulnerabilities in leading trading platforms that may expose their users to a host of security and privacy risks
The post Is your trading app putting your money at risk? appeared first on WeLiveSecurity
11 December 2020
Critical CSRF vulnerability found on Glassdoor company review platform
The critical flaw impacted both job seeker and employer accounts on the web domain.11 December 2020
CISA and FBI warn of rise in ransomware attacks targeting K-12 schools
The percentage of ransomware attacks against K-12 schools increased at the beginning of the 2020 school year11 December 2020
Facebook doxes APT32, links Vietnam's primary hacking group to local IT firm
Facebook suspends accounts linked to APT32, says the group used its platform to spread malware.10 December 2020
Knowing What the Enemy Knows Is Key to Proper Defense
Think like an attacker if you want to understand your attack surface, says security researcher at Black Hat Europe.10 December 2020
Juvenile Pleads Guilty to 2016 DNS Attack
Mirai botnet was used to target Sony in an attack that took down DynDNS and a number of its notable customers.10 December 2020
Tech unicorn UiPath discloses data breach
EXCLUSIVE: UiPath admits to accidentally exposing a file containing the personal details of some of its registered users.10 December 2020
Contact-Tracing Apps Still Expose Users to Security, Privacy Issues
Of nearly 100 apps tested, 40% have significant security issues, using either GPS locations or bespoke Bluetooth proximity detection to determine exposure.10 December 2020
'Fingerprint-Jacking' Attack Technique Manipulates Android UI
Researchers explore fingerprint-jacking, a user interface-based attack that targets fingerprints scanned into Android apps.10 December 2020
Defending the Intelligent Edge from Evolving Attacks
Fortinet's Aamir Lakhani discusses best practices for securing company data against next-gen threats, like edge access trojans (EATs).
10 December 2020
FireEye Breach Fallout Yet to Be Felt
Aftermath of the FireEye breach by Russia's foreign service agency raises concerns over what the attackers could do next - and how to defend against it.10 December 2020
Chinese APT suspected of supply chain attack on Mongolian government agencies
Chinese hackers have compromised the update mechanism of a chat app used by hundreds of Mongolian government agencies.10 December 2020