Cybersecurity News
Automotive giant Denso confirms hack, Pandora ransomware group takes credit
Denso supplies Toyota, General Motors, and Honda, to name but a few.Ukraine reportedly adopts Clearview AI to track Russian invaders
The facial recognition technology has not been made available to Russia.Ubisoft reveals 'security incident' forcing company-wide password refresh
The gaming giant remains tight-lipped on the particulars of the assumed hack.A first look at threat intelligence and threat hunting tools
An overview of some of the most popular open-source tools for threat intelligence and threat hunting
The post A first look at threat intelligence and threat hunting tools appeared first on WeLiveSecurity
Russia Issues Its Own TLS Certs
The country’s citizens are being blocked from the internet because foreign certificate authorities can't accept payments due to Ukraine-related sanctions, so it created its own CA.
Week in security with Tony Anscombe
Gray zone conflicts in cyberspace – Can you identify fake news? – Top cybersecurity threats for the healthcare sector
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
Report: Recent 10x Increase in Cyberattacks on Ukraine
As their cities suffered more intense bombardment by Russian military forces this week, Ukrainian Internet users came under renewed cyberattacks, with one Internet company providing service there saying they blocked ten times the normal number of phishing and malware attacks targeting Ukrainians.ESET Research webinar: How APT groups have turned Ukraine into a cyber‑battlefield
Ukraine has been under cyber-fire for years now – here’s what you should know about various disruptive cyberattacks that have hit the country since 2014
The post ESET Research webinar: How APT groups have turned Ukraine into a cyber‑battlefield appeared first on WeLiveSecurity
Raccoon Stealer Crawls Into Telegram
The credential-stealing trash panda is using the chat app to store and update C2 addresses as crooks find creative new ways to distribute the malware.
Malware Posing as Russia DDoS Tool Bites Pro-Ukraine Hackers
Be careful when downloading a tool to cyber-target Russia: It could be an infostealer wolf dressed in sheep's clothing that grabs your cryptocurrency info instead.
True or false? How to spot – and stop – fake news
How can you tell fact from fiction and avoid falling for and spreading falsehoods about the war in Ukraine?
The post True or false? How to spot – and stop – fake news appeared first on WeLiveSecurity
Most Orgs Would Take Security Bugs Over Ethical Hacking Help
A new survey suggests that security is becoming more important for enterprises, but they’re still falling back on old "security by obscurity" ways.
Russia May Use Ransomware Payouts to Avoid Sanctions
FinCEN warns financial institutions to beware of unusual cryptocurrency payments or illegal transactions Russia may use to evade restrictions imposed due to its invasion of Ukraine.
Multi-Ransomwared Victims Have It Coming–Podcast
Let's blame the victim. IT decision makers' confidence about security doesn't jibe with their concession that repeated incidents are their own fault, says ExtraHop's Jamie Moles.
Qakbot Botnet Sprouts Fangs, Injects Malware into Email Threads
The ever-shifting, ever-more-powerful malware is now hijacking email threads to download malicious DLLs that inject password-stealing code into webpages, among other foul things.
APT41 Spies Broke Into 6 US State Networks via a Livestock App
The China-affiliated state-sponsored threat actor used Log4j and zero-day bugs in the USAHerds animal-tracking software to hack into multiple government networks.
Microsoft Patch Tuesday, March 2022 Edition
Microsoft on Tuesday released software updates to plug at least 70 security holes in its Windows operating systems and related software. For the second month running, there are no scary zero-day threats looming for Windows users (that we know of), and relatively few "critical" fixes. And yet we know from experience that attackers are already trying to work out how to turn these patches into a roadmap for exploiting the flaws they fix. Here's a look at the security weaknesses Microsoft says are most likely to be targeted first.Most ServiceNow Instances Misconfigured, Exposed
Customers aren't locking down access correctly, leading to ~70 percent of ServiceNow implementations being vulnerable to malicious data extraction.
Russian APTs Furiously Phish Ukraine – Google
Also on the rise: DDoS attacks against Ukrainian sites and phishing activity capitalizing on the conflict, with China's Mustang Panda targeting Europe.
Securing healthcare: An IT health check on the state of the sector
No sector or organization is immune to rapidly escalating cyberthreats, but when it comes to healthcare, the stakes couldn’t be higher
The post Securing healthcare: An IT health check on the state of the sector appeared first on WeLiveSecurity