Cybersecurity News
Kia Faces $20M DoppelPaymer Ransomware Attack
Kia Motors America this week experienced a nationwide IT outage; now, reports indicate the company was hit with ransomware.17 February 2021
Ninja Forms WordPress Plugin Bug Opens Websites to Hacks
The popular plugin is installed on more than 1 million websites, and has four flaws that allow various kinds of serious attacks, including site takeover and email hijacking.
17 February 2021
U.S. Accuses North Korean Hackers of Stealing Millions
The feds have expanded the list of financial and political hacking crimes they allege are linked to Lazarus Group and North Korea.
17 February 2021
Ransomware? Let's Call It What It Really Is: Extortionware
Just as the targets of these attacks have shifted from individuals to corporations, so too has the narrow focus given way to applying force and pressure to pay.17 February 2021
Breach Etiquette: How to Mind Your Manners When It Matters
Panic-stricken as you may be in the face of a cyberattack, keeping calm and, perhaps most importantly, responding appropriately are critical to limiting the damage.
17 February 2021
US charges two more members of the 'Lazarus' North Korean hacking group
The US DOJ described the North Korean hackers as "the world's leading bank robbers" and "a criminal syndicate with a flag."17 February 2021
Enterprise Windows Threats Drop as Mac Attacks Rise: Report
An analysis of 2020 malware activity indicates businesses should be worried about internal hack tools, ransomware, and spyware in the year ahead.17 February 2021
Masslogger Swipes Microsoft Outlook, Google Chrome Credentials
A new version of the Masslogger trojan has been targeting Windows users - now using a compiled HTML (CHM) file format to start the infection chain.
17 February 2021
Details Tied to Safari Browser-based ‘ScamClub’ Campaign Revealed
Public disclosure of a privilege escalation attack details how a cybergang bypassed browser iframe sandboxing with malicious PostMessage popups.
17 February 2021
4 Predictions for the Future of Privacy
Use these predictions to avoid pushback, find opportunity, and create value for your organization.17 February 2021
Dutch police post 'friendly' warnings on hacking forums
Dutch police: "Hosting criminal infrastructure in The Netherlands is a lost cause."17 February 2021
Bug in shared SDK can let attackers join calls undetected across multiple apps
Apps that use the SDK include MeetMe, Skout, Nimo TV, temi, and Talkspace.17 February 2021
Owner of app that hijacked millions of devices with one update exposes buy-to-infect scam
The owners of the once-legitimate Android app insist that a buyer was responsible for a malicious update with far-reaching consequences.17 February 2021
Tracker pixels in emails are now an ‘endemic’ privacy concern
Critics suggest the practice is marketing gone too far.17 February 2021
Securing Your WiFi Access Point
The first step to creating a cybersecure home is to start by securing your WiFi Access Point. Change your WiFi Access Points default adminstrator password to something only you know. Many WiFi Access Points or WiFi routers are shipped with default administrator passwords that are publicly known and posted on the Internet. The first step to creating a cybersecure home is to start by securing your WiFi Access Point. Change your WiFi Access Points default adminstrator password to something only you know. Many WiFi Access Points or WiFi routers are shipped with default administrator passwords that are publicly known and posted on the Internet.17 February 2021
Attacks targeting IT firms stir concern, controversy
The Exaramel backdoor, discovered by ESET in 2018, resurfaces in a campaign hitting companies that use an outdated version of a popular IT monitoring tool
The post Attacks targeting IT firms stir concern, controversy appeared first on WeLiveSecurity
16 February 2021
Compromised Credentials Show That Abuse Happens in Multiple Phases
The third stage, when threat actors rush to use stolen usernames and password pairs in credential-stuffing attacks, is the most damaging for organizations, F5 says.16 February 2021
Centreon says only 15 entitites were targeted in recent Russian hacking spree
Hacked companies were using very outdated versions of Centreon's open-source IT monitoring software.16 February 2021
Firms Patch Greater Number of Systems, but Still Slowly
Fewer systems have flaws; however, the time to remediate vulnerabilities stays flat, and many issues targeted by in-the-wild malware remain open to attack.16 February 2021
Complaint Blasts TikTok’s ‘Misleading’ Privacy Policies
TikTok is again in hot water for how the popular video-sharing app collects and shares data - particularly from its underage userbase.
16 February 2021