Cybersecurity News


Tech Vendors' Lack of Security Transparency Worries Firms

A majority of firms say they're more likely to buy from suppliers that are open about security issues -- yet that sentiment isn't necessarily reflected in the technology providers they're currently working with.
18 March 2021

Facebook Expands Security Key Support to iOS & Android

Facebook's announcement arrives the same week Twitter enabled support for multiple security keys on user accounts.
18 March 2021

Fiserv Forgets to Buy Domain It Used as System Default

Fiserv Forgets to Buy Domain It Used as System Default Fintech security provider Fiserv acknowledges it used unregistered domain as default email.
18 March 2021

Trojanized Xcode Project Slips MacOS Malware to Apple Developers

Trojanized Xcode Project Slips MacOS Malware to Apple Developers In a new campaign, threat actors are bundling macOS malware in trojanized Apple Xcode developer projects.
18 March 2021

Women's History Month: Making Mentorship Meaningful

This month is a perfect opportunity for us to take a step back and think about what role we want to play as women in the technology sector.
18 March 2021

New CopperStealer Malware Hijacks Social Media Accounts

Proofpoint researchers say it steals logins and spreads more malware.
18 March 2021

FBI: Business Email Compromise Cost $1.8B in 2020

The Internet Crime Complaint Center received a record 791,790 complaints last year, with reported losses exceeding $4.1 billion.
18 March 2021

Beware the Package Typosquatting Supply Chain Attack

Attackers are mimicking the names of existing packages on public registries in hopes that users or developers will accidentally download these malicious packages instead of legitimate ones.
18 March 2021

FBI: Cybercrime losses topped US$4.2 billion in 2020

The Bureau received over 28,000 reports of COVID-19-themed scams last year

The post FBI: Cybercrime losses topped US$4.2 billion in 2020 appeared first on WeLiveSecurity

18 March 2021

SolarWinds-linked hacking group SilverFish abuses enterprise victims for sandbox tests

Existing victim networks are used to test out payloads as a novel form of sandbox.
18 March 2021

Zoom Screen-Sharing Glitch ‘Briefly’ Leaks Sensitive Data

Zoom Screen-Sharing Glitch ‘Briefly’ Leaks Sensitive Data A glitch in Zoom's screen-sharing feature shows parts of presenters' screens that they did not intend to share - potentially leaking emails or passwords.
18 March 2021

Security Researcher Hides ZIP, MP3 Files Inside PNG Files on Twitter

Security Researcher Hides ZIP, MP3 Files Inside PNG Files on Twitter The newly discovered steganography method could be exploited by threat actors to obscure nefarious activity inside photos hosted on the social-media platform.
18 March 2021

Beware Android trojan posing as Clubhouse app

The malware can grab login credentials for more than 450 apps and bypass SMS-based two-factor authentication

The post Beware Android trojan posing as Clubhouse app appeared first on WeLiveSecurity

18 March 2021

What CISOs Can Learn From Big Breaches: Focus on the Root Causes

Address these six technical root causes of breaches in order to keep your company safer.
18 March 2021

Edge Poll: XDR Plans

How likely is your organization to adopt XDR technology?
18 March 2021

Apple developers targeted by new malware, EggShell backdoor

macOS malware is being spread via compromised Xcode projects.
18 March 2021

US taxpayers targeted in NetWire, Remcos Trojan attack wave

Cyberattackers are looking to cash in on this year’s tax season.
18 March 2021

Ransom Payments Have Nearly Tripled

In 2020, ransomware targeted the manufacturing sector, healthcare organizations, and construction companies, with the average ransom reaching $312,000, a report finds.
18 March 2021

Tutor LMS for WordPress Open to Info-Stealing Security Holes

Tutor LMS for WordPress Open to Info-Stealing Security Holes The popular learning-management system for teacher-student communication is rife with SQL-injection vulnerabilities.
18 March 2021

Mimecast reveals source code theft in SolarWinds hack

Some customer records were also compromised in the breach.
18 March 2021