Cybersecurity News
Proof-of-concept exploit code published for new Kerberos Bronze Bit attack
The Kerberos Bronze Bit attack can allow intruders to bypass authentication and access sensitive network services.10 December 2020
Critical Steam Flaws Could Let Gamers to Crash Opponents’ Computers
Valve fixed critical bugs in its Steam gaming client, which is a platform for popular video games like Counter Strike: Global Offensive, Dota2 and Half Life.
10 December 2020
Cybersecurity Advent calendar: Tips for buying gifts and not receiving coal
While shopping for the perfect presents, be on the lookout for naughty cybercriminals trying to ruin your Christmas cheer by tricking you out of both gifts and money
The post Cybersecurity Advent calendar: Tips for buying gifts and not receiving coal appeared first on WeLiveSecurity
10 December 2020
Operation StealthyTrident: corporate software under attack
LuckyMouse, TA428, HyperBro, Tmanger and ShadowPad linked in Mongolian supply-chain attack
The post Operation StealthyTrident: corporate software under attack appeared first on WeLiveSecurity
10 December 2020
njRAT Trojan operators are now using Pastebin as alternative to central command server
Avoiding C2 infrastructure could help hackers avoid detection.10 December 2020
Remote code execution vulnerability uncovered in Starbucks mobile platform
The researcher’s report revealed multiple endpoints vulnerable to the same flaw.10 December 2020
Hackers are selling more than 85,000 SQL databases on a dark web portal
Hackers break into databases, steal their content, hold it for ransom for 9 days, and then sell to the highest bidder if the DB owner doesn't want to pay the ransom demand.09 December 2020
Researcher Developed New Kernel-Level Exploits for Old Vulns in Windows
Problem has to do with a print driver component found in all versions of Windows going back to Windows 7, security researcher from Singular Security Lab says at Black Hat Europe 2020.09 December 2020
Adobe to block Flash content from running on January 12, 2021
Adobe releases final Flash update with stronger language asking users to uninstall the app before its EOL.09 December 2020
Ransomware Makes Up Half of All Major Incidents
Misconfigurations and lack of visibility allow attackers to compromise networks and monetize their intrusions, according to CrowdStrike's analysis of about 200 incidents.09 December 2020
Security Incidents Are 'Tip of the Iceberg,' Says UK Security Official
Pete Cooper, deputy director of cyber defense for the UK Cabinet Office, emphasized the importance of security fundamentals, collaboration, and diversity in his Black Hat Europe keynote talk.09 December 2020
10 Ways Device Identifiers Can Spot a Cybercriminal
Device IDs, which are assigned to mobile devices to distinguish one from another, can help organizations flag fraud, cyberattacks, and other suspicious activities.
09 December 2020
Record Levels of Software Bugs Plague Short-Staffed IT Teams in 2020
As just one symptom, 83 percent of the Top 30 U.S. retailers have vulnerabilities which pose an “imminent” cyber-threat, including Amazon, Costco, Kroger and Walmart.
09 December 2020
Vulnerabilities Continue Around 2019 Pace
After lagging 2019 numbers in the first quarter, vulnerabilities have surged in the rest of 2020, leading researchers to predict that final numbers for this year will meet or exceed those of last year, report says.09 December 2020
Google open-sources Atheris, a tool for finding security bugs in Python code
Atheris helps developers find bugs in Python-based codebases using a technique called fuzzing.09 December 2020
SideWinder APT Targets Nepal, Afghanistan in Wide-Ranging Spy Campaign
Convincing email-credentials phishing, emailed backdoors and mobile apps are all part of the groups latest effort against military and government targets.
09 December 2020
Former Microsoft Cloud Security Leads Unveil New Startup
Wiz has raised $100 million since its January launch and plans to help businesses with visibility into cloud security threats.09 December 2020
The Holiday Shopping Season: A Prime Opportunity for Triangulation Fraud
As e-commerce sales increase, so does the risk of hard-to-detect online fraud.09 December 2020
Microsoft Patch Tuesday fixes 58 flaws
The last Patch Tuesday of the year brings another fresh batch of fixes for Microsoft products and while the number may be lower the patches are no less important.
The post Microsoft Patch Tuesday fixes 58 flaws appeared first on WeLiveSecurity
09 December 2020
EU agency in charge of COVID-19 vaccine approval says it was hacked
The European Medicines Agency (EMA) says it's investigating a recent cyber-attack.09 December 2020