Cybersecurity News


Kia Faces $20M DoppelPaymer Ransomware Attack

Kia Motors America this week experienced a nationwide IT outage; now, reports indicate the company was hit with ransomware.
17 February 2021

Ninja Forms WordPress Plugin Bug Opens Websites to Hacks

Ninja Forms WordPress Plugin Bug Opens Websites to Hacks The popular plugin is installed on more than 1 million websites, and has four flaws that allow various kinds of serious attacks, including site takeover and email hijacking.
17 February 2021

U.S. Accuses North Korean Hackers of Stealing Millions

U.S. Accuses North Korean Hackers of Stealing Millions The feds have expanded the list of financial and political hacking crimes they allege are linked to Lazarus Group and North Korea.
17 February 2021

Ransomware? Let's Call It What It Really Is: Extortionware

Just as the targets of these attacks have shifted from individuals to corporations, so too has the narrow focus given way to applying force and pressure to pay.
17 February 2021

Breach Etiquette: How to Mind Your Manners When It Matters

Breach Etiquette: How to Mind Your Manners When It Matters Panic-stricken as you may be in the face of a cyberattack, keeping calm and, perhaps most importantly, responding appropriately are critical to limiting the damage.
17 February 2021

US charges two more members of the 'Lazarus' North Korean hacking group

The US DOJ described the North Korean hackers as "the world's leading bank robbers" and "a criminal syndicate with a flag."
17 February 2021

Enterprise Windows Threats Drop as Mac Attacks Rise: Report

An analysis of 2020 malware activity indicates businesses should be worried about internal hack tools, ransomware, and spyware in the year ahead.
17 February 2021

Masslogger Swipes Microsoft Outlook, Google Chrome Credentials

Masslogger Swipes Microsoft Outlook, Google Chrome Credentials A new version of the Masslogger trojan has been targeting Windows users - now using a compiled HTML (CHM) file format to start the infection chain.
17 February 2021

Details Tied to Safari Browser-based ‘ScamClub’ Campaign Revealed

Details Tied to Safari Browser-based ‘ScamClub’ Campaign Revealed Public disclosure of a privilege escalation attack details how a cybergang bypassed browser iframe sandboxing with malicious PostMessage popups.
17 February 2021

4 Predictions for the Future of Privacy

Use these predictions to avoid pushback, find opportunity, and create value for your organization.
17 February 2021

Dutch police post 'friendly' warnings on hacking forums

Dutch police: "Hosting criminal infrastructure in The Netherlands is a lost cause."
17 February 2021

Bug in shared SDK can let attackers join calls undetected across multiple apps

Apps that use the SDK include MeetMe, Skout, Nimo TV, temi, and Talkspace.
17 February 2021

Owner of app that hijacked millions of devices with one update exposes buy-to-infect scam

The owners of the once-legitimate Android app insist that a buyer was responsible for a malicious update with far-reaching consequences.
17 February 2021

Tracker pixels in emails are now an ‘endemic’ privacy concern

Critics suggest the practice is marketing gone too far.
17 February 2021

Securing Your WiFi Access Point

The first step to creating a cybersecure home is to start by securing your WiFi Access Point. Change your WiFi Access Points default adminstrator password to something only you know. Many WiFi Access Points or WiFi routers are shipped with default administrator passwords that are publicly known and posted on the Internet. The first step to creating a cybersecure home is to start by securing your WiFi Access Point. Change your WiFi Access Points default adminstrator password to something only you know. Many WiFi Access Points or WiFi routers are shipped with default administrator passwords that are publicly known and posted on the Internet.
17 February 2021

Attacks targeting IT firms stir concern, controversy

The Exaramel backdoor, discovered by ESET in 2018, resurfaces in a campaign hitting companies that use an outdated version of a popular IT monitoring tool

The post Attacks targeting IT firms stir concern, controversy appeared first on WeLiveSecurity

16 February 2021

Compromised Credentials Show That Abuse Happens in Multiple Phases

The third stage, when threat actors rush to use stolen usernames and password pairs in credential-stuffing attacks, is the most damaging for organizations, F5 says.
16 February 2021

Centreon says only 15 entitites were targeted in recent Russian hacking spree

Hacked companies were using very outdated versions of Centreon's open-source IT monitoring software.
16 February 2021

Firms Patch Greater Number of Systems, but Still Slowly

Fewer systems have flaws; however, the time to remediate vulnerabilities stays flat, and many issues targeted by in-the-wild malware remain open to attack.
16 February 2021

Complaint Blasts TikTok’s ‘Misleading’ Privacy Policies

Complaint Blasts TikTok’s ‘Misleading’ Privacy Policies TikTok is again in hot water for how the popular video-sharing app collects and shares data - particularly from its underage userbase.
16 February 2021