Cybersecurity News


Fake Netflix App on Google Play Spreads Malware Via WhatsApp

Fake Netflix App on Google Play Spreads Malware Via WhatsApp The wormable malware spread from Android to Android by sending messages offering free Netflix Premium for 60 days.
07 April 2021

5 Ways to Transform Your Phishing Defenses Right Now

By transforming how you approach phishing, you can break the phishing kill chain and meaningfully reduce your business risk.
07 April 2021

Attackers Actively Seeking, Exploiting Vulnerable SAP Applications

Analysis of threat activity in mission-critical environments prompts CISA advisory urging SAP customers to apply necessary security patches and updates.
07 April 2021

Facebook: Stolen Data Scraped from Platform in 2019

Facebook: Stolen Data Scraped from Platform in 2019 The flaw that caused the leak of personal data of more than 533 million users over the weekend no longer exists; however, the social media giant still faces an investigation by EU regulators.
07 April 2021

Cartoon Caption Winner: Something Seems Afoul

Cartoon Caption Winner: Something Seems Afoul And the winner of Dark Readings's March cartoon caption contest is ...
07 April 2021

New wormable Android malware poses as Netflix to hijack WhatsApp sessions

Users are lured in with the promise of a free premium subscription.
07 April 2021

Supply‑chain attacks: When trust goes wrong, try hope?

How can organizations tackle the growing menace of attacks that shake trust in software?

The post Supply‑chain attacks: When trust goes wrong, try hope? appeared first on WeLiveSecurity

07 April 2021

Data of 553m Facebook users dumped online: how to see if you are impacted

The data is old but that doesn’t mean it still can’t be used.
07 April 2021

Microsoft Teams, Exchange Server, Windows 10 Hacked in Pwn2Own 2021

The 2021 Pwn2Own is among the largest in its history, with 23 separate entries targeting 10 products.
06 April 2021

Security Falls Short in Rapid COVID Cloud Migration

The quick pivot to the cloud for remote support also ushered in risks.
06 April 2021

Crime Service Gives Firms Another Reason to Purge Macros

Recent Trickbot campaigns and at least three common banking Trojans all attempt to infect systems using malicious macros in Microsoft Office documents created using EtterSilent.
06 April 2021

Critical Cloud Bug in VMWare Carbon Black Allows Takeover

Critical Cloud Bug in VMWare Carbon Black Allows Takeover CVE-2021-21982 affects a platform designed to secure private clouds, and the virtual servers and workloads that they contain.
06 April 2021

Chinese Hackers Selling Intimate Stolen Camera Footage

Chinese Hackers Selling Intimate Stolen Camera Footage A massive operation offers access to hacked camera feeds in bedrooms and at hotels.
06 April 2021

The Edge Pro Tip: Update Your DDoS Defense Plan

The Edge Pro Tip: Update Your DDoS Defense Plan The idea of monetizing distributed denial-of-service (DDoS) attacks dates back to the 1990s. But the rise of DDoS-for-hire services and cryptocurrencies has radically changed the landscape.
06 April 2021

Are You One of the 533M People Who Got Facebooked?

Ne'er-do-wells leaked personal data -- including phone numbers -- for some 553 million Facebook users this week. Facebook says the data was collected before 2020 when it changed things to prevent such information from being scraped from profiles. To my mind, this just reinforces the need to remove mobile phone numbers from all of your online accounts wherever feasible. Meanwhile, if you're a Facebook product user and want to learn if your data was leaked, there are easy ways to find out.
06 April 2021

SAP Bugs Under Active Cyberattack, Causing Widespread Compromise

SAP Bugs Under Active Cyberattack, Causing Widespread Compromise Cyberattackers are actively exploiting known security vulnerabilities in widely deployed, mission-critical SAP applications, allowing for full takeover and the ability to infest an organization further.
06 April 2021

Ryuk's Rampage Has Lessons for the Enterprise

The Ryuk ransomware epidemic is no accident. The cybercriminals responsible for its spread have systematically exploited weaknesses in enterprise defenses that must be addressed.
06 April 2021

9 Modern-Day Best Practices for Log Management

9 Modern-Day Best Practices for Log Management Log management is nothing new. But doing so smartly, correctly, and concisely in today's data-driven world is another story.
06 April 2021

NFT Thefts Reveal Security Risks in Coupling Private Keys & Digital Assets

Compromised NFT accounts highlight security concerns inherent in the design of centralized systems.
06 April 2021