Cybersecurity News
Critical Citrix DDoS Bug Shuts Down Network, Cloud App Access
The distributed computing vendor patched the flaw, affecting Citrix ADC and Gateway, along with another flaw impacting availability for SD-WAN appliances.
Google scores big win as court blocks iPhone tracking lawsuit
The tech giant wins an appeal against a claim that it unlawfully collected personal data of millions of iPhone users
The post Google scores big win as court blocks iPhone tracking lawsuit appeared first on WeLiveSecurity
Massive Zero Day Hole Found in Palo Alto Security Appliances
Researchers have a working exploit for the vulnerability (now patched), which allows for unauthenticated RCE and affects an estimated 70,000+ VPN/firewalls.
New Android Spyware Poses Pegasus-Like Threat
PhoneSpy already has stolen data and tracked the activity of targets in South Korea, disguising itself as legitimate lifestyle apps.
A stalker's wishlist: PhoneSpy malware destroys Android privacy
A new surveillance campaign has revealed widespread infection on Android devices.Microsoft Nov. Patch Tuesday Fixes Six Zero-Days, 55 Bugs
Experts urged users to prioritize patches for Microsoft Exchange and Excel, those favorite platforms so frequently targeted by cybercriminals and nation-state actors.
Microsoft Patch Tuesday, November 2021 Edition
Microsoft Corp. today released updates to quash at least 55 security bugs in its Windows operating systems and other software. Two of the patches address vulnerabilities that are already being used in active attacks online, and four of the flaws were disclosed publicly before today -- potentially giving adversaries a head start in figuring out how to exploit them.Not Punny: Angling Direct Breach Cripples Retailer for Days
A U.K. fishing retailer’s site has been hijacked and redirected to Pornhub.
Robinhood data breach affects 7 million people
An attacker gained access to some of Robinhood's customer support systems and stole the personal data of around a third of the app's userbase
The post Robinhood data breach affects 7 million people appeared first on WeLiveSecurity
Robinhood data breach affects 7 million people
An attacker gained access to some of Robinhood's customer support systems and stole the personal data of around a third of the app's userbase
The post Robinhood data breach affects 7 million people appeared first on WeLiveSecurity
Paving the Way: Inspiring Women in Payments - A Q&A Featuring Amandeep Kaur
Amandeep Kaur was given a life-changing opportunity to leave her small village and move to the United Kingdom to stay with her aunt and uncle and study Information Security and Computer Forensics at a university of her choice. She followed her passion and, as a result, was able to start a new career in cybersecurity. But, for many women, opportunities like these are hard to find. In this edition of our blog, Amandeep explains that a lack of female role models in the industry, as well as a false stereotype that technology is “too hard” for women, can create negative perceptions that discourage women from this type of career.
12 New Flaws Used in Ransomware Attacks in Q3
The Q3 2021 report revealed a 4.5% increase in CVEs associated with ransomware and a 3.4% increase in ransomware families compared with Q2 2021.
The New Frontier of Enterprise Risk: Nth Parties
The average number of vulnerabilities discovered in a Cyberpion scan of external Fortune 500 networks (such as cloud systems) was 296, many critical (with the top of the scale weighing in at a staggering 7,500).
Security Tool Guts: How Much Should Customers See?
Yaron Kassner, CTO of Silverfort, delves into the pros and cons of transparency when it comes to cybersecurity tools’ algorithms.
Robinhood Trading Platform Data Breach Hits 7M Customers
The cyberattacker attempted to extort the company after socially engineering a customer service employee to gain access to email addresses and more.
Multiple BusyBox Security Bugs Threaten Embedded Linux Devices
Researchers discovered 14 vulnerabilities in the ‘Swiss Army Knife’ of the embedded OS used in many OT and IoT environments. They allow RCE, denial of service and data leaks.
Meet Lyceum: Iranian hackers targeting telecoms, ISPs
The criminals climb up communication chains with the aim of reaching executives.REvil Ransom Arrest, $6M Seizure, and $10M Reward
The U.S. Department of Justice said today it arrested a Ukrainian man who deployed ransomware on behalf of the REvil ransomware gang, a Russian cybercriminal collective that has extorted hundreds of millions from victim organizations. The DOJ also said it had seized $6.1 million in cryptocurrency sent to another REvil affiliate, and that the State Department is now offering up to $10 million for information leading to the arrest of any key leaders of REvil.REvil Affiliates Arrested; DOJ Seizes $6.1M in Ransom
The U.S. is seeking the extradition of a Ukrainian man, Yaroslav Vasinskyi, whom they suspect is behind the Kaseya supply-chain attacks and other REvil attacks.
DDoS Attacks Shatter Records in Q3, Report Finds
Q3 DDoS attacks topped thousands daily, with more growth expected.