Cybersecurity News


Threat from Organized Cybercrime Syndicates Is Rising

Threat from Organized Cybercrime Syndicates Is Rising Europol reports that criminal groups are undermining the EU’s economy and its society, offering everything from murder-for-hire to kidnapping, torture and mutilation.
12 November 2021

Costco Confirms: A Data Skimmer’s Been Ripping Off Customers

Costco Confirms: A Data Skimmer’s Been Ripping Off Customers Big-box behemoth retailer Costco is offering victims 12 months of credit monitoring, a $1 million insurance reimbursement policy and ID theft recovery services.
12 November 2021

Top 10 Cybersecurity Best Practices to Combat Ransomware

Top 10 Cybersecurity Best Practices to Combat Ransomware Immutable storage and more: Sonya Duffin, data protection expert at Veritas Technologies, offers the Top 10 steps for building a multi-layer resilience profile.
12 November 2021

Windows 10 Privilege-Escalation Zero-Day Gets an Unofficial Fix

Windows 10 Privilege-Escalation Zero-Day Gets an Unofficial Fix Researchers warn that CVE-2021-34484 can be exploited with a patch bypass for a bug originally addressed in August by Microsoft.
12 November 2021

Mac Zero Day Targets Apple Devices in Hong Kong

Mac Zero Day Targets Apple Devices in Hong Kong Google researchers have detailed a widespread watering-hole attack that installed a backdoor on Apple devices that visited Hong Kong-based media and pro-democracy sites.
12 November 2021

Week in security with Tony Anscombe

Steps to take right after a data breach – What to consider before going passwordless – 7 million people hit by Robinhood data breach

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

12 November 2021

Millions of Routers, IoT Devices at Risk from New Open-Source Malware

Millions of Routers, IoT Devices at Risk from New Open-Source Malware BotenaGo, written in Google’s Golang programming language, can exploit more than 30 different vulnerabilities.
12 November 2021

Invest in These 3 Key Security Technologies to Fight Ransomware

Invest in These 3 Key Security Technologies to Fight Ransomware Ransomware volumes are up 1000%. Aamir Lakhani, cybersecurity researcher and practitioner at FortiGuard Labs , discusses secure email, network segmentation and sandboxing for defense.
11 November 2021

Back-to-Back PlayStation 5 Hacks Hit on the Same Day

Back-to-Back PlayStation 5 Hacks Hit on the Same Day Cyberattackers stole PS5 root keys and exploited the kernel, revealing rampant insecurity in gaming devices.
11 November 2021

Cyber-Mercenary Group Void Balaur Attacks High-Profile Targets for Cash

Cyber-Mercenary Group Void Balaur Attacks High-Profile Targets for Cash A Russian-language threat group is available for hire, to steal data on journalists, political leaders, activists and from organizations in every sector.
11 November 2021

No 10 accused of failing to act against states accused of NSO spyware abuses

No 10 accused of failing to act against states accused of NSO spyware abuses

Group of 10 MPs and peers say Boris Johnson’s government has prioritised trade over national security

Boris Johnson’s government has been accused by MPs of prioritising trade agreements over national security in its handling of surveillance abuses on British soil by governments using spyware made by the Israeli company NSO Group.

A letter to the British prime minister signed by 10 MPs and peers has called on the government to end its cybersecurity programmes with countries that are known to have used NSO spyware to target dissidents, journalists and lawyers, among others, and to impose sanctions on NSO, “if they are at all serious about our national security”.

Continue reading...
11 November 2021

Congress Mulls Ban on Big Ransom Payouts

Congress Mulls Ban on Big Ransom Payouts A bill introduced this week would regulate ransomware response by the country's critical financial sector.
11 November 2021

Google debuts ClusterFuzzLite security tool for CI, CD workflows

The fuzzing solution is set to bolster software supply chain security.
11 November 2021

Tiny Font Size Fools Email Filters in BEC Phishing

Tiny Font Size Fools Email Filters in BEC Phishing The One Font BEC campaign targets Microsoft 365 users and uses sophisticated obfuscation tactics to slip past security protections to harvest credentials.
11 November 2021

BazarBackdoor now abuses Windows 10 apps feature in 'call me back' attack

AppInstaller.exe has been twisted in a new form of phishing attack.
11 November 2021

BazarBackdoor now abuses Windows 10 app feature in 'call me back' attack

AppInstaller.exe has been twisted in a new form of phishing attack.
11 November 2021

NSO Group’s CEO-designate quits after US blacklists spyware firm

NSO Group’s CEO-designate quits after US blacklists spyware firm

Move reported by Israeli media comes after Biden administration said firm acted contrary to US security interests

The chief executive officer-designate of NSO Group has resigned citing the Israeli spyware company’s blacklisting by the US Department of Commerce last week, Israeli media said on Thursday.

NSO Group declined to comment.

Continue reading...
11 November 2021

When the alarms go off: 10 key steps to take after a data breach

It’s often said that data breaches are no longer a matter of ‘if’, but ‘when’ – here’s what your organization should do, and avoid doing, in the case of a security breach

The post When the alarms go off: 10 key steps to take after a data breach appeared first on WeLiveSecurity

11 November 2021

EU pharmaceutical giants run old, vulnerable apps and fail to use encryption in login forms

New research highlights hundreds of companies that are at risk of cyberattacks.
11 November 2021

North Korean hackers target the South's think tanks through blog posts

Responsibility for new attacks has been laid at the feet of the Kimsuky threat group.
10 November 2021