Cybersecurity News


ExtraReplica: Microsoft patches cross-tenant bug in Azure PostgreSQL

The flaw was exploitable to conduct privilege escalation and code execution.
28 April 2022

Emotet is Back From ‘Spring Break’ With New Nasty Tricks

The botnet appears to use a new delivery method for compromising Windows systems after Microsoft disables VBA macros by default.
27 April 2022

Fighting Fake EDRs With ‘Credit Ratings’ for Police

When KrebsOnSecurity last month explored how cybercriminals were using hacked email accounts at police departments worldwide to obtain warrantless Emergency Data Requests (EDRs) from social media and technology providers, many security experts called it a fundamentally unfixable problem. But don't tell that to Matt Donahue, a former FBI agent who recently quit the agency to launch a startup that aims to help tech companies do a better job screening out phony law enforcement data requests -- in part by assigning trustworthiness or "credit ratings" to law enforcement authorities worldwide.
27 April 2022

A lookback under the TA410 umbrella: Its cyberespionage TTPs and activity

ESET researchers reveal a detailed profile of TA410: we believe this cyberespionage umbrella group consists of three different teams using different toolsets, including a new version of the FlowCloud espionage backdoor discovered by ESET.

The post A lookback under the TA410 umbrella: Its cyberespionage TTPs and activity appeared first on WeLiveSecurity

27 April 2022

Millions of Java Apps Remain Vulnerable to Log4Shell

Four months after the critical flaw was discovered, attackers have a massive attack surface from which they can exploit the flaw and take over systems, researchers found.
27 April 2022

Bronze President spies on Russian targets as Ukraine invasion continues

It's not necessarily because Russia is considered hostile, however.
27 April 2022

PCI DSS v4.0 is Now Available: Resources and Engagement Events

Welcome to our podcast series, Coffee with The Council. I'm Alicia Malone, senior manager of public relations for the PCI Security Standards Council. Today we'll be talking about resources and upcoming engagement events pertaining to the recent release of version four of the PCI Data Security Standard, or PCI DSS. My guests for this episode are Elizabeth Terry, senior manager of community engagement at PCI SSC and Lindsay Goodspeed, senior manager of corporate communications at PCI SSC. Welcome to both of you!

26 April 2022

Firms Push for CVE-Like Cloud Bug System

Researchers propose fresh approaches to cloud-security bugs and mitigating exposure, impact and risk.
26 April 2022

Nation-state Hackers Target Journalists with Goldbackdoor Malware

A campaign by APT37 used a sophisticated malware to steal information about sources, which appears to be a successor to Bluelight.
26 April 2022

The trouble with BEC: How to stop the costliest internet scam

BEC fraud generated more losses for victims than any other type of cybercrime in 2021. It’s long past time that organizations got a handle on these scams.

The post The trouble with BEC: How to stop the costliest internet scam appeared first on WeLiveSecurity

26 April 2022

Lapsus$ Hackers Target T-Mobile

No government and customer data was accessed.
25 April 2022

Webcam hacking: How to know if someone may be spying on you through your webcam

Camfecting doesn’t ‘just’ invade your privacy – it could seriously impact your mental health and wellbeing. Here’s how to keep an eye on your laptop camera.

The post Webcam hacking: How to know if someone may be spying on you through your webcam appeared first on WeLiveSecurity

25 April 2022

Cybersecurity threats to critical infrastructure – Week in security with Tony Anscombe

As the Five Eyes nations warn of attacks against critical infrastructure, we look at the potentially cascading effects of such attacks and how essential systems and services can ramp up their defense.

The post Cybersecurity threats to critical infrastructure – Week in security with Tony Anscombe appeared first on WeLiveSecurity

22 April 2022

Leaked Chats Show LAPSUS$ Stole T-Mobile Source Code

KrebsOnSecurity recently reviewed a copy of the private chat messages between members of the LAPSUS$ cybercrime group in the week leading up to the arrest of its most active members last month. The logs show LAPSUS$ breached T-Mobile multiple times in March, stealing source code for a range of company projects. T-Mobile says no customer or government information was stolen in the intrusion. LAPSUS$ is known for stealing data and then demanding a ransom not to publish or sell it. But the leaked chats indicate this mercenary activity was of little interest to the tyrannical teenage leader of LAPSUS$, whose obsession with stealing and leaking proprietary computer source code from the world’s largest tech companies ultimately led to the group’s undoing.
22 April 2022

Zero-Trust For All: A Practical Guide

How to use zero-trust architecture effectively in today's modern cloud-dependent infrastructures.
22 April 2022

Skeletons in the Closet: Security 101 Takes a Backseat to 0-days

Nate Warfield, CTO at Prevailion, discusses the dangers of focusing on zero-day security vulnerabilities, and how security teams are being distracted from the day-to-day work that prevents most breaches.
22 April 2022

LemonDuck botnet plunders Docker cloud instances in cryptocurrency crime wave

For as long as crypto is lucrative, cyberattackers will try to cash in.
22 April 2022

Beanstalk DeFi project robbed of $182 million in flash loan attack

Reserves were drained after the attacker awarded themselves voting rights.
21 April 2022

Hive hackers are exploiting Microsoft Exchange Servers in ransomware spree

In one case, it took them less than 72 hours to infiltrate and hold a company to ransom.
21 April 2022

Warrior Trading forced to pay $3 million for 'misleading' day trading scheme

The FTC says the firm's owner made "bogus money-making claims."
21 April 2022