Cybersecurity News
As Maze retires, clients turn to Sekhmet ransomware spin-off Egregor
The ransomware’s ‘retirement’ has left a hole that Egregor operators may capitalize on.04 November 2020
Police launch pilot program to tap resident Ring camera live streams
The small trial could herald a wider rollout with participating residents in the future.04 November 2020
23,600 hacked databases have leaked from a defunct 'data breach index' site
Site archive of Cit0day.in has now leaked on two hacking forums after the service shut down in September.04 November 2020
Toy maker Mattel discloses ransomware attack
Mattel said the ransomware attack had "no material impact to [its] operations or financial condition."03 November 2020
REvil ransomware gang 'acquires' KPOT malware
Ransomware gang who claims to have earned $100 million buys the source code of the KPOT information stealer trojan for $6,500.03 November 2020
Securing the 2020 Election: 'We're Not Out of the Woods Yet'
Election Day brought instances of misinformation, robocalls, and technical glitches, but officials are more worried about coming days and weeks.03 November 2020
APT Groups Get Innovative -- and More Dangerous -- in Q3
In "curious" trend, more threat actors diversified their tool sets in third quarter than usual.03 November 2020
US voters targeted with robocalls telling them to stay home or vote tomorrow
Robocalls have been reported in Florida, Georgia, Iowa, Kansas, Michigan, Nebraska, New York, New Hampshire, and North Carolina.03 November 2020
Oracle Solaris Zero-Day Attack Revealed
A threat actor is compromising telecommunications companies and targeted financial and professional consulting industries using an Oracle flaw.
03 November 2020
Neustar Agrees to Buy Verisign's Public DNS Service
The address space for Verisign Public DNS will be incorporated into Neustar's UltraDNS Public service following the acquisition.03 November 2020
APT Groups Finding Success with Mix of Old and New Tools
The APT threat landscape is a mixed bag of tried-and-true tactics and cutting-edge techniques, largely supercharged by geo-politics, a report finds.
03 November 2020
34M Records from 17 Companies Up for Sale in Cybercrime Forum
A diverse set of companies, including an adaptive-learning platform in Brazil, an online grocery service in Singapore and a cold-brew coffee-maker company, are caught up in the large data trove.
03 November 2020
Cybercrime: Nation-States Go Prime Time
Critical infrastructure remains a high-value target, but 90% of nation-states also attack other industry sectors.03 November 2020
Oracle Issues Out-of-Band Update for Remote-Access Vulnerability
The exploit could give an attacker complete control of vulnerable WebLogic servers.03 November 2020
Two Charged in SIM Swapping, Vishing Scams
Two young men from the eastern United States have been hit with identity theft and conspiracy charges for allegedly stealing bitcoin and social media accounts by tricking employees at wireless phone companies into giving away credentials needed to remotely access and modify customer account information.03 November 2020
After two zero-days in Chrome desktop, Google patches a third zero-day in the Android version
Android smartphone users are advised to update Chrome to version 86.0.4240.185 or later.03 November 2020
Two Chrome Browser Updates Plug Holes Actively Targeted by Exploits
Patches for both the Chrome desktop and Android browser address high-severity flaws with known exploits available in the wild.
03 November 2020
Google squashes two more Chrome bugs under active attacks
The updates come on the heels of news of attacks exploiting another zero-day in Chrome in tandem with a previously-unknown Windows flaw
The post Google squashes two more Chrome bugs under active attacks appeared first on WeLiveSecurity
03 November 2020
Configuration snafu exposes passwords for two million marijuana growers
Passwords for GrowDiaries users were stored using the weak MD5 hashing function, putting customer accounts at risk of attacks.03 November 2020
Women in Payments: Q&A with Gina Gobeyn
From businesswoman to cybersecurity chief, Gina Gobeyn took a nontraditional route to the payments space and found that it made all the difference. In this month’s blog series, Gobeyn explains why soft skills are just as important as technical skills when it comes to protecting data and fighting bad guys.
03 November 2020