Cybersecurity News


Alleged Gaming Software Supply-Chain Attack Installs Spyware

Alleged Gaming Software Supply-Chain Attack Installs Spyware Researchers allege that software used for downloading Android apps onto PCs and Macs has been compromised to install malware onto victim devices.
01 February 2021

Rapid7 Acquires Alcide, Strengthens Focus on Cloud

Its $50 million purchase of Alcide, a Kubernetes security provider, follows its 2020 acquisition of cloud security vendor DivvyCloud.
01 February 2021

U.K. Arrest in ‘SMS Bandits’ Phishing Service

Authorities in the United Kingdom have arrested a 20-year-old man for allegedly operating an online service for sending high-volume phishing campaigns via mobile text messages. The service, marketed in the underground under the name "SMS Bandits," has been responsible for blasting out huge volumes of phishing lures spoofing everything from COVID-19 pandemic relief efforts to PayPal, telecommunications providers and tax revenue agencies.
01 February 2021

Strengthening Zero-Trust Architecture

Organizations that want to stay ahead of cybercriminals will find that going beyond user trust and device trust is critical for outwitting their adversaries.
01 February 2021

6 Cybersecurity Start-Up Trends to Track

6 Cybersecurity Start-Up Trends to Track The pandemic took a bite out of funding deals, but cybersecurity start-ups fared better than many other industries.
01 February 2021

Operation NightScout: Supply‑chain attack targets online gaming in Asia

ESET researchers uncover a supply-chain attack used in a cyberespionage operation targeting online‑gaming communities in Asia

The post Operation NightScout: Supply‑chain attack targets online gaming in Asia appeared first on WeLiveSecurity

01 February 2021

Hacker group inserted malware in NoxPlayer Android emulator

Attackers targeted only a handful of victims. Only five detected until now, in countries such as Taiwan, Hong Kong, and Sri Lanka.
01 February 2021

Libgcrypt developers release urgent update to tackle severe vulnerability

A severe heap buffer issue was found by Google Project Zero’s Tavis Ormandy.
01 February 2021

UK Research and Innovation suffers ransomware attack

The agency has suspended some services while an investigation takes place.
01 February 2021

SonicWall zero-day exploited in the wild

Security firm NCC Group said it detected "indiscriminate" exploitation of a mysterious SonicWall zero-day.
01 February 2021

FonixCrypter ransomware gang releases master decryption key

FonixCrypter gang claimed it shut down and deleted their ransomware's source code.
29 January 2021

WordPress Pop-Up Builder Plugin Flaw Plagues 200K Sites

WordPress Pop-Up Builder Plugin Flaw Plagues 200K Sites The flaw could have let attackers send out custom newsletters and delete newsletter subscribers from 200,000 affected websites.
29 January 2021

Microsoft 365 Becomes Haven for BEC Innovation

Microsoft 365 Becomes Haven for BEC Innovation Two new phishing tactics use the platform's automated responses to evade email filters.
29 January 2021

Cloud Security Startup Armo Emerges from Stealth with $4.5M

Armo's platform was developed to protect cloud-native workloads and provide DevOps teams with greater visibility and control.
29 January 2021

Google deploys Chrome mitigations against new NAT Slipstreaming attack

After the discovery of NAT Slipstreaming 2.0 attack this week, Google says it will block Chrome traffic on ports 69, 137, 161, 1719, 1720, 1723, 6566, and 10080.
29 January 2021

FBI Encounters: Reporting an Insider Security Incident to the Feds

FBI Encounters: Reporting an Insider Security Incident to the Feds Most insider incidents don't get reported to the FBI due to fear of debilitating business disruptions, public embarrassment, and screeching vans skidding into the parking lot to confiscate servers. But is that reality?
29 January 2021

Ransomware Payoffs Surge by 311% to Nearly $350 Million

Payments to ransomware gangs using cryptocurrency more than quadrupled in 2020, with less than 200 cryptocurrency wallets receiving 80% of funds.
29 January 2021

The Taxman Cometh for ID Theft Victims

The unprecedented volume of unemployment insurance fraud witnessed in 2020 hasn't abated, although news coverage of the issue has largely been pushed off the front pages by other events. But the ID theft problem is coming to the fore once again: Countless Americans will soon be receiving notices from state regulators saying they owe thousands of dollars in taxes on benefits they never received last year.
29 January 2021

Industrial Gear at Risk from Fuji Code-Execution Bugs

Industrial Gear at Risk from Fuji Code-Execution Bugs Fuji Electric’s Tellus Lite V-Simulator and V-Server Lite can allow attackers to take advantage of operational technology (OT)-IT convergence on factory floors, at utility plants and more.
29 January 2021

Apple iOS 14 Thwarts iMessage Attacks With BlastDoor System

Apple iOS 14 Thwarts iMessage Attacks With BlastDoor System Apple has made structural improvements in iOS 14 to block message-based, zero-click exploits.
29 January 2021