Cybersecurity News
Tether faces 500 Bitcoin ransom: We are ‘not paying’
The cryptocurrency firm says “forged” documents attempting to undermine the ecosystem as a whole are also circulating.Judge approves $650m settlement for Facebook users in privacy, biometrics lawsuit
Facebook users represented in the lawsuit may soon receive hundreds of dollars each.Minion privilege escalation exploit patched in SaltStack Salt project
The bug permitted attackers to perform privilege escalation attacks in the automation software.Businessman charged with intent to steal General Electric’s secret silicon technology
Trade secrets worth millions on the market were the goal of the conspiracy.Amazon Dismisses Claims Alexa ‘Skills’ Can Bypass Security Vetting Process
Researchers found a number of privacy and security issues in Amazon's Alexa skill vetting process, which could lead to attackers stealing data or launching phishing attacks.
Stalkerware Volumes Remain Concerningly High, Despite Bans
COVID-19 impacted volumes for the year, but the U.S. moved into third place on the list of countries most infected by stalkerware.
NSA Releases Guidance on Zero-Trust Architecture
A new document provides guidance for businesses planning to implement a zero-trust system management strategy.Lazarus Targets Defense Companies with ThreatNeedle Malware
A spear-phishing campaigned linked to a North Korean APT uses “NukeSped” malware in cyberespionage attacks against defense companies.
The Edge Pro Tip: Fasten Your Seatbelts
An unprecedented 2020 has shaken up security leaders' usual list of must-have technologies for 2021. Where do they plan to spend next?
Chrome will soon try HTTPS first when you type an incomplete URL
If users type an URL and they forget to add the HTTP or HTTPS prefix, Chrome will soon use HTTPS by default.Securing Super Bowl LV
A peek at open XDR technology, and defense that held up better than the Kansas City Chiefs.
Yeezy Fans Face Sneaker-Bot Armies for Boost ‘Sun’ Release
Sneaker bots ready to scoop up the new Yeezy Boost 700 “Sun” shoes to resell at a huge markup.
Attackers Turn Struggling Software Projects Into Trojan Horses
While access to compromised systems has become an increasingly common service, some cybercriminals are going straight to the source: buying code bases and then updating the application with malicious code.Malware Gangs Partner Up in Double-Punch Security Threat
From TrickBot to Ryuk, more malware cybercriminal groups are putting their heads together when attacking businesses.
Berlin resident jailed for threatening to bomb NHS hospital unless Bitcoin ransom was paid
The bomb threats escalated over the course of six weeks to include Black Lives Matter protests and threats on UK politicians.Week in security with Tony Anscombe
Privacy bug in Brave browser – Clubhouse audio streamed to external website – Protecting children from cyberbullying in COVID-19 era
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
Oxford University COVID‑19 lab hacked
Neither clinical research into the coronavirus nor any patient data were affected by the incident
The post Oxford University COVID‑19 lab hacked appeared first on WeLiveSecurity
PCI DSS v4.0 Timeline Updated to Support an Additional RFC
Industry feedback is fundamental to the evolution of the PCI Data Security Standard (PCI DSS). Because of the broad impact PCI DSS has on the payment community, the Council is seeking additional feedback into the PCI DSS v4.0 validation documents. As a result of expanding stakeholder feedback opportunities to include these supporting documents, the Council is now targeting a Q4 2021 completion date for PCI DSS v4.0. The publication and availability of PCI DSS v4.0 is still being determined. The Council will communicate the targeted publication date in the coming months.