Cybersecurity News


Proof-of-concept exploit code published for new Kerberos Bronze Bit attack

The Kerberos Bronze Bit attack can allow intruders to bypass authentication and access sensitive network services.
10 December 2020

Critical Steam Flaws Could Let Gamers to Crash Opponents’ Computers

Critical Steam Flaws Could Let Gamers to Crash Opponents’ Computers Valve fixed critical bugs in its Steam gaming client, which is a platform for popular video games like Counter Strike: Global Offensive, Dota2 and Half Life.
10 December 2020

Cybersecurity Advent calendar: Tips for buying gifts and not receiving coal

While shopping for the perfect presents, be on the lookout for naughty cybercriminals trying to ruin your Christmas cheer by tricking you out of both gifts and money

The post Cybersecurity Advent calendar: Tips for buying gifts and not receiving coal appeared first on WeLiveSecurity

10 December 2020

Operation StealthyTrident: corporate software under attack

LuckyMouse, TA428, HyperBro, Tmanger and ShadowPad linked in Mongolian supply-chain attack

The post Operation StealthyTrident: corporate software under attack appeared first on WeLiveSecurity

10 December 2020

njRAT Trojan operators are now using Pastebin as alternative to central command server

Avoiding C2 infrastructure could help hackers avoid detection.
10 December 2020

Remote code execution vulnerability uncovered in Starbucks mobile platform

The researcher’s report revealed multiple endpoints vulnerable to the same flaw.
10 December 2020

Hackers are selling more than 85,000 SQL databases on a dark web portal

Hackers break into databases, steal their content, hold it for ransom for 9 days, and then sell to the highest bidder if the DB owner doesn't want to pay the ransom demand.
09 December 2020

Researcher Developed New Kernel-Level Exploits for Old Vulns in Windows

Problem has to do with a print driver component found in all versions of Windows going back to Windows 7, security researcher from Singular Security Lab says at Black Hat Europe 2020.
09 December 2020

Adobe to block Flash content from running on January 12, 2021

Adobe releases final Flash update with stronger language asking users to uninstall the app before its EOL.
09 December 2020

Ransomware Makes Up Half of All Major Incidents

Misconfigurations and lack of visibility allow attackers to compromise networks and monetize their intrusions, according to CrowdStrike's analysis of about 200 incidents.
09 December 2020

Security Incidents Are 'Tip of the Iceberg,' Says UK Security Official

Pete Cooper, deputy director of cyber defense for the UK Cabinet Office, emphasized the importance of security fundamentals, collaboration, and diversity in his Black Hat Europe keynote talk.
09 December 2020

10 Ways Device Identifiers Can Spot a Cybercriminal

10 Ways Device Identifiers Can Spot a Cybercriminal Device IDs, which are assigned to mobile devices to distinguish one from another, can help organizations flag fraud, cyberattacks, and other suspicious activities.
09 December 2020

Record Levels of Software Bugs Plague Short-Staffed IT Teams in 2020

Record Levels of Software Bugs Plague Short-Staffed IT Teams in 2020 As just one symptom, 83 percent of the Top 30 U.S. retailers have vulnerabilities which pose an “imminent” cyber-threat, including Amazon, Costco, Kroger and Walmart.
09 December 2020

Vulnerabilities Continue Around 2019 Pace

After lagging 2019 numbers in the first quarter, vulnerabilities have surged in the rest of 2020, leading researchers to predict that final numbers for this year will meet or exceed those of last year, report says.
09 December 2020

Google open-sources Atheris, a tool for finding security bugs in Python code

Atheris helps developers find bugs in Python-based codebases using a technique called fuzzing.
09 December 2020

SideWinder APT Targets Nepal, Afghanistan in Wide-Ranging Spy Campaign

SideWinder APT Targets Nepal, Afghanistan in Wide-Ranging Spy Campaign Convincing email-credentials phishing, emailed backdoors and mobile apps are all part of the groups latest effort against military and government targets.
09 December 2020

Former Microsoft Cloud Security Leads Unveil New Startup

Wiz has raised $100 million since its January launch and plans to help businesses with visibility into cloud security threats.
09 December 2020

The Holiday Shopping Season: A Prime Opportunity for Triangulation Fraud

As e-commerce sales increase, so does the risk of hard-to-detect online fraud.
09 December 2020

Microsoft Patch Tuesday fixes 58 flaws

The last Patch Tuesday of the year brings another fresh batch of fixes for Microsoft products and while the number may be lower the patches are no less important.

The post Microsoft Patch Tuesday fixes 58 flaws appeared first on WeLiveSecurity

09 December 2020

EU agency in charge of COVID-19 vaccine approval says it was hacked

The European Medicines Agency (EMA) says it's investigating a recent cyber-attack.
09 December 2020