Cybersecurity News


Twitter’s new strike system will target prolific COVID-19 fake information spreaders

Twitter says repeat offenders will be booted from the platform.
02 March 2021

Mobile Adware Booms, Online Banks Become Prime Target for Attacks

Mobile Adware Booms, Online Banks Become Prime Target for Attacks A snapshot of the 2020 mobile threat landscape reveals major shifts toward adware and threats to online banks.
01 March 2021

Malware Loader Abuses Google SEO to Expand Payload Delivery

Malware Loader Abuses Google SEO to Expand Payload Delivery Gootloader has expanded its payloads beyond the Gootkit malware family, using Google SEO poisoning to gain traction.
01 March 2021

Universal Health Services Suffered $67 Million Loss Due to Ransomware Attack

Earnings report points to diversion of care during incident for financial loss.
01 March 2021

New Jailbreak Tool Works on Most iPhones

The Unc0ver team has released a tool that works on iOS 11 and later, and exploits a vulnerability that was recently under attack.
01 March 2021

Passwords, Private Posts Exposed in Hack of Gab Social Network

Passwords, Private Posts Exposed in Hack of Gab Social Network The Distributed Denial of Secrets group claim they have received more than 70 gigabytes of data exfiltrated from social media platform Gab.
01 March 2021

SolarWinds security fiasco may have started with simple password blunders

Many things came together to crack SolarWinds, but it may all have started with that classic mistake of leaking a lousy password.
01 March 2021

Is Your Browser Extension a Botnet Backdoor?

A company that rents out access to more than 10 million Web browsers so that clients can hide their true Internet addresses has built its network by paying browser extension makers to quietly include its code in their creations. This story examines the lopsided economics of extension development, and why installing an extension can be such a risky proposition.
01 March 2021

MSP Provider Builds Red Team as Attackers Target Industry

NinjaRMM, which provides tools for managed service providers, aims to create a red team capability following years of attacks against MSPs.
01 March 2021

Popular password manager in the spotlight over web trackers

While the trackers in LastPass’ Android app don’t collect any personal data, the news may not sit well with some privacy-minded users

The post Popular password manager in the spotlight over web trackers appeared first on WeLiveSecurity

01 March 2021

Firewall Vendor Patches Critical Auth Bypass Flaw

Firewall Vendor Patches Critical Auth Bypass Flaw Cybersecurity firm Genua fixes a critical flaw in its GenuGate High Resistance Firewall, allowing attackers to log in as root users.
01 March 2021

Cybercrime 'Help Wanted': Job Hunting on the Dark Web

Cybercrime 'Help Wanted': Job Hunting on the Dark Web How's your 'Probiv'? How about customer service? Here's how Dark Web forums connect cybercriminals looking for talent with those looking for work -- and which skills are hot right now.
01 March 2021

Building a Next-Generation SOC Starts With Holistic Operations

The proper template for a modernized SOC team is one that operates seamlessly across domains with a singular, end-to-end view.
01 March 2021

How Criminals Job Hunt on the Dark Web

How Criminals Job Hunt on the Dark Web How's your 'Probiv'? How about customer service? Here's how Dark Web forums connect cybercriminals looking for talent with those looking for work -- and which skills are hot right now.
01 March 2021

Hackers exploit websites to give them excellent SEO before deploying malware

Climbing up Google’s ranks is key to this new technique.
01 March 2021

Tether faces 500 Bitcoin ransom: We are ‘not paying’

The cryptocurrency firm says “forged” documents attempting to undermine the ecosystem as a whole are also circulating.
01 March 2021

Judge approves $650m settlement for Facebook users in privacy, biometrics lawsuit

Facebook users represented in the lawsuit may soon receive hundreds of dollars each.
01 March 2021

Minion privilege escalation exploit patched in SaltStack Salt project

The bug permitted attackers to perform privilege escalation attacks in the automation software.
01 March 2021

Businessman charged with intent to steal General Electric’s secret silicon technology

Trade secrets worth millions on the market were the goal of the conspiracy.
01 March 2021

Amazon Dismisses Claims Alexa ‘Skills’ Can Bypass Security Vetting Process

Amazon Dismisses Claims Alexa ‘Skills’ Can Bypass Security Vetting Process Researchers found a number of privacy and security issues in Amazon's Alexa skill vetting process, which could lead to attackers stealing data or launching phishing attacks.
26 February 2021