Cybersecurity News
Pwnie Awards 2020 winners include Zerologon, CurveBall, Checkm8, BraveStarr attacks
The cybersecurity community voted for the best bugs and vulnerabilities discovered over the past year.10 December 2020
PLEASE_READ_ME Ransomware Attacks 85K MySQL Servers
Ransomware actors behind the attack have breached at least 85,000 MySQL servers, and are currently selling at least compromised 250,000 databases.
10 December 2020
Critical Cisco Jabber Bug Gets Updated Fix
A series of bugs, patched in September, still allow remote code execution by attackers.
10 December 2020
85,000 MySQL Servers Hit in Active Ransomware Campaign
Attackers pressure victims into paying ransom by publishing and offering for sale data stolen in a campaign that dates back to January.10 December 2020
Cyber Monday is Every Monday: Securing the ‘New Normal’
From eCommerce threats, to security concerns in connected speakers, Fortinet researchers discuss the top evolving threats of 2020, heading into the new year.
10 December 2020
The Line Between Physical Security & Cybersecurity Blurs as World Gets More Digital
Security teams are being challenged by the connected nature of IP devices, and preventing them from being compromised by cybercriminals has become an essential part of keeping people and property safe.10 December 2020
Romania to host the EU's new cybersecurity research hub
Romania's capital, Bucharest, was selected as host for the EU's future cybersecurity research hub.10 December 2020
Google Shares Cloud Security Tips
Anton Chuvakin, head of solution strategy at Google Cloud Security, discusses common cloud security hurdles and how to get over them.10 December 2020
Misery of Ransomware Hits Hospitals the Hardest
Ransomware attacks targeting hospitals have exacted a human cost as well as financial.
10 December 2020
Proof-of-concept exploit code published for new Kerberos Bronze Bit attack
The Kerberos Bronze Bit attack can allow intruders to bypass authentication and access sensitive network services.10 December 2020
Critical Steam Flaws Could Let Gamers to Crash Opponents’ Computers
Valve fixed critical bugs in its Steam gaming client, which is a platform for popular video games like Counter Strike: Global Offensive, Dota2 and Half Life.
10 December 2020
Cybersecurity Advent calendar: Tips for buying gifts and not receiving coal
While shopping for the perfect presents, be on the lookout for naughty cybercriminals trying to ruin your Christmas cheer by tricking you out of both gifts and money
The post Cybersecurity Advent calendar: Tips for buying gifts and not receiving coal appeared first on WeLiveSecurity
10 December 2020
Operation StealthyTrident: corporate software under attack
LuckyMouse, TA428, HyperBro, Tmanger and ShadowPad linked in Mongolian supply-chain attack
The post Operation StealthyTrident: corporate software under attack appeared first on WeLiveSecurity
10 December 2020
njRAT Trojan operators are now using Pastebin as alternative to central command server
Avoiding C2 infrastructure could help hackers avoid detection.10 December 2020
Remote code execution vulnerability uncovered in Starbucks mobile platform
The researcher’s report revealed multiple endpoints vulnerable to the same flaw.10 December 2020
Hackers are selling more than 85,000 SQL databases on a dark web portal
Hackers break into databases, steal their content, hold it for ransom for 9 days, and then sell to the highest bidder if the DB owner doesn't want to pay the ransom demand.09 December 2020
Researcher Developed New Kernel-Level Exploits for Old Vulns in Windows
Problem has to do with a print driver component found in all versions of Windows going back to Windows 7, security researcher from Singular Security Lab says at Black Hat Europe 2020.09 December 2020
Adobe to block Flash content from running on January 12, 2021
Adobe releases final Flash update with stronger language asking users to uninstall the app before its EOL.09 December 2020
Ransomware Makes Up Half of All Major Incidents
Misconfigurations and lack of visibility allow attackers to compromise networks and monetize their intrusions, according to CrowdStrike's analysis of about 200 incidents.09 December 2020