Cybersecurity News


Chinese hackers cloned attack tool belonging to NSA’s Equation Group

The Jian tool was used to exploit a Windows zero-day vulnerability years before a patch was issued.
22 February 2021

30,000 Macs infected with new Silver Sparrow malware

Silver Sparrow can even run on systems with Apple's new M1 chip.
22 February 2021

Kia Denies Ransomware Attack as IT Outage Continues

Kia Motors America states there is no evidence its recent systems outage was caused by a ransomware attack.
19 February 2021

Malformed URL Prefix Phishing Attacks Spike 6,000%

Malformed URL Prefix Phishing Attacks Spike 6,000% Sneaky attackers are flipping backslashes in phishing email URLs to evade protections, researchers said.
19 February 2021

Mysterious Silver Sparrow Malware Found Nesting on 30K Macs

Mysterious Silver Sparrow Malware Found Nesting on 30K Macs A second malware that targets Macs with Apple's in-house M1 chip is infecting machines worldwide -- but it's unclear why.
19 February 2021

Credential-Stuffing Attack Targets Regional Internet Registry

Credential-Stuffing Attack Targets Regional Internet Registry RIPE NCC, the regional Internet registry for Europe, West Asia, and the former Soviet Union, said attackers attempted a credential-stuffing attack against its single-sign on service.
19 February 2021

Attackers Already Targeting Apple's M1 Chip with Custom Malware

A proof-of-concept program infects systems with ARM64-compiled binaries and then reaches out to download additional functionality.
19 February 2021

Mexican Politician Removed Over Alleged Ties to Romanian ATM Skimmer Gang

The leader of Mexico's Green Party has been removed from office following allegations that he received money from a Romanian ATM skimmer gang that stole hundreds of millions of dollars from tourists visiting Mexico's top tourist destinations over the past five years. The scandal is the latest fallout stemming from a three-part investigation into the organized crime group by KrebsOnSecurity in 2015.
19 February 2021

Week in security with Tony Anscombe

Avoid COVID-19 vaccine fraud and hoaxes – Romance scams cause record-high losses – Exaramel in the spotlight after attacks in France

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

19 February 2021

Brave browser leaks onion addresses in DNS traffic

DNS leak leaves footprints in DNS server logs for a Brave user's Tor traffic.
19 February 2021

TDoS attacks could cost lives, warns FBI

Both hacktivists and extortionists have used telephony denial-of-service attacks as a way to further their goals

The post TDoS attacks could cost lives, warns FBI appeared first on WeLiveSecurity

19 February 2021

How to Fine-Tune Vendor Risk Management in a Virtual World

Without on-site audits, many organizations lack their usual visibility to assess risk factors and validate contracts and SLA with providers.
19 February 2021

Microsoft: SolarWinds Attackers Downloaded Azure, Exchange Code

Microsoft: SolarWinds Attackers Downloaded Azure, Exchange Code However, internal products and systems were not leveraged to attack others during the massive supply-chain incident, the tech giant said upon completion of its Solorigate investigation.
19 February 2021

Myanmar arrests 11 suspects for hacking government sites during protests

Hacktivists operated via a Facebook group and called themselves the "Myanmar Hackers."
19 February 2021

Malaysia arrests 11 suspects for hacking government sites

A similar government website defacement campaign is also taking place this week in Myanmar, in support of the country's jailed elected leader.
19 February 2021

Microsoft Concludes Internal Investigation into Solorigate Breach

The software giant found no evidence that attackers gained extensive access to services or customer data.
18 February 2021

CrowdStrike Buys Log Management Startup Humio for $400M

CrowdStrike plans to use Humio's technology to continue building out its extended detection and response platform.
18 February 2021

Cybercriminal Enterprise ‘Ringleaders’ Stole $55M Via COVID-19 Fraud, Romance Scams

Cybercriminal Enterprise ‘Ringleaders’ Stole $55M Via COVID-19 Fraud, Romance Scams The Department of Justice (DoJ) cracked down on a Ghana-based cybercriminal enterprise behind a slew of romance scams, COVID-19 fraud attacks and business email compromise schemes since 2013.
18 February 2021

Apple Outlines 2021 Security, Privacy Roadmap

Apple Outlines 2021 Security, Privacy Roadmap Latest Apple Platform Security update folds iOS, macOS and hardware into security 2021 roadmap.
18 February 2021

Apple Offers Closer Look at Its Platform Security Technologies, Features

In a nearly 200-page document, company offers a detailed overview of Secure Enclave and multiple other security controls in Apple silicon-based Macs and other platforms.
18 February 2021