Cybersecurity News
Light-Based Attacks Expand in the Digital Home
The team that hacked Amazon Echo and other smart speakers using a laser pointer continue to investigate why MEMS microphones respond to sound.
25 November 2020
YouTube suspends OANN for allegedly peddling fake COVID-19 cures
If the outlet wants to monetize videos in the future, it must reapply to YouTube’s member program.25 November 2020
Home Depot agrees to $17.5 million settlement over 2014 data breach
The US retailer’s point-of-sale systems were infected with malware.25 November 2020
Latest Version of TrickBot Employs Clever New Obfuscation Trick
The malware takes advantage of how the Windows command line interpreter works to try and slip past anti-detection tools, Huntress Labs says.24 November 2020
Baidu Apps Leaked Location Data, Machine Learning Reveals
Several apps available on the Google Play Store, including two made by Chinese Internet giant Baidu, leaked information about the phone's hardware and location without the user's knowledge, research finds.24 November 2020
How Ransomware Defense is Evolving With Ransomware Attacks
As data exfiltration threats and bigger ransom requests become the norm, security professionals are advancing from the basic "keep good backups" advice.
24 November 2020
CISA Warns of Holiday Online Shopping Scams
The agency urges shoppers to be cautious of fraudulent websites, unsolicited emails, and unencrypted financial transactions.24 November 2020
Post-Breach, Peatix Data Reportedly Found on Instagram, Telegram
Events application Peatix this week disclosed a data breach, after user account information reportedly began circulating on Instagram and Telegram.
24 November 2020
Alexa, Disarm the Victim's Home Security System
Researchers who last year hacked popular voice assistants with laser pointers take their work to the next level.24 November 2020
2FA bypass discovered in web hosting software cPanel
More than 70 million sites are managed via cPanel software, according to the company.24 November 2020
‘Minecraft Mods’ Attack More Than 1 Million Android Devices
Fake Minecraft Modpacks on Google Play deliver millions of abusive ads and make normal phone use impossible.
24 November 2020
Cloud Security Startup Lightspin Emerges From Stealth
The startup, founded by former white-hat hackers, has secured a $4 million seed round to close security gaps in cloud environments.24 November 2020
US Treasury's OFAC Ransomware Advisory: Navigating the Gray Areas
Leveraging the right response strategy, following the regulations, and understanding the ransom entity are the fundamentals in any ransomware outbreak.
24 November 2020
What's in Store for Privacy in 2021
Changes are coming to the privacy landscape, including more regulations and technologies.24 November 2020
Smart Doorbells on Amazon, eBay, Harbor Serious Security Issues
Matt Lewis, with NCC Group, talks to Threatpost about a slew of security and privacy issues found in smart doorbells that are being sold on Amazon and eBay.
24 November 2020
Baidu Apps in Google Play Leak Sensitive Data
Cyberattackers could use the information to track users across devices, disable phone service, or intercept messages and phone calls.
24 November 2020
Up to 350,000 Spotify accounts hacked in credential stuffing attacks
This won't be music to your ears – researchers spot an unsecured database replete with records used for an account hijacking spree
The post Up to 350,000 Spotify accounts hacked in credential stuffing attacks appeared first on WeLiveSecurity
24 November 2020
Printers' Cybersecurity Threats Too Often Ignored
Remote workforce heightens the need to protect printing systems against intrusion and compromise.24 November 2020
Blackrota Golang Backdoor Packs Heavy Obfuscation Punch
Blackrota is targeting a security bug in Docker, but is nearly impossible to reverse-analyze.
24 November 2020
Stantinko's Linux malware now poses as an Apache web server
Eight-year-old Stantinko botnet updates its Linux malware.24 November 2020