Cybersecurity News
Ursnif Trojan has targeted over 100 Italian banks
1,700 credentials were stolen from a single payment processor.03 March 2021
Microsoft account hijack vulnerability earns bug bounty hunter $50,000
The researcher says he could have abused the bug to hijack Microsoft accounts.03 March 2021
Google patches actively exploited Chrome browser zero-day vulnerability
Upgrading your Chrome build as quickly as possible is recommended.03 March 2021
Not all cybercriminals are sophisticated
Some perpetrators of online crime and fraud don’t use advanced methods to profit at the expense of unsuspecting victims and to avoid getting caught
The post Not all cybercriminals are sophisticated appeared first on WeLiveSecurity
03 March 2021
SEC charges group for alleged pump-and-dump Airborne Wireless stock scam
SEC claims investors were defrauded out of $45 million.03 March 2021
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.03 March 2021
Policy Group Calls for Public-Private Cyber-Defense Program
The proposed National Cyber Response Network would link federal agencies, companies, and local governments, allowing collaboration during a cyberattack.02 March 2021
Microsoft Ignite Brings Security & Compliance Updates
Microsoft announces support for data loss prevention in Google Chrome, co-authoring of protected files, and more at Ignite 2021.02 March 2021
'ObliqueRAT' Now Hides Behind Images on Compromised Websites
'Transparent Tribe' has switched its tactics for distributing the remote access Trojan, researchers found.02 March 2021
Post-Cyberattack, Universal Health Services Faces $67M in Losses
The Fortune-500 hospital network owner is facing steep costs in damages after a cyberattack impacted patient care and billing in September and October.02 March 2021
Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails
Microsoft Corp. today released software updates to plug four critical security holes that attackers have been using to plunder email communications at companies that use its Exchange Server products. The company says all four flaws are being actively exploited as part of a complex attack chain deployed by a previously unidentified Chinese cyber espionage group.02 March 2021
Microsoft Fixes Exchange Server Zero-Days Exploited in Active Attacks
Microsoft fixes multiple Exchange Server vulnerabilities being weaponized in attacks from a group it believes operates out of China.02 March 2021
Thycotic and Centrify to Merge In $1.4B Deal
TPG Capital will combine privileged access management providers into one company.02 March 2021
Payroll/HR Giant PrismHR Hit by Ransomware?
PrismHR, a company that sells software and services used by other firms to help more than 80,000 small businesses manage payroll, benefits, and human resources, has suffered what appears to be an ongoing ransomware attack.02 March 2021
Google Partners With Insurers to Create Risk Protection Program
Google Cloud, Allianz, and Munich Re teamed up to build a program that aims to reduce risk and potentially cut costs for customers.02 March 2021
4 Ways Health Centers Can Stop the Spread of Cyberattacks
Health centers must shift the perception of cyberattacks from potential risk to real threat in order to take the first step toward a safer, healthier security posture.02 March 2021
Jailbreak Tool Works on iPhones Up to iOS 14.3
The UnC0ver team took advantage of an iOS flaw patched in January in its latest tool allowing developers and other enthusiasts to hack into their own devices.02 March 2021
Compromised Website Images Camouflage ObliqueRAT Malware
Emails spreading the ObliqueRAT malware now make use of steganography, disguising their payloads on compromised websites.02 March 2021
Ryuk Ransomware: Now with Worming Self-Propagation
The Ryuk scourge has a new trick in its arsenal: Self-replication via SMB shares and port scanning.02 March 2021
Why Cloud Security Risks Have Shifted to Identities and Entitlements
Traditional security tools focus on the network perimeter, leaving user and service accounts vulnerable to hackers.02 March 2021