Cybersecurity News
Ghost blogging platform servers hacked and infected with crypto-miner
Ghost platform got hacked via the same vulnerability that allowed hackers to breach LineageOS servers hours before.03 May 2020
Hackers breach LineageOS servers via unpatched vulnerability
LineageOS source code, OS builds, and signing keys were unaffected, developers said.03 May 2020
UK NCSC to stop using 'whitelist' and 'blacklist' due to racial stereotyping
UK cyber-security agency to use "allow list" and "deny list" on its website, going forward.02 May 2020
Hacker leaks 15 million records from Tokopedia, Indonesia's largest online store
The Tokopedia data has been published on a well-known hacking forum.02 May 2020
Upgraded Cerberus Spyware Spreads Rapidly via MDM
No longer a simple Android banker, Cerberus is now a full-fledged RAT that can take complete control of devices and automatically spread via mobile device management servers.
01 May 2020
Fake Microsoft Teams Emails Phish for Credentials
Employees belonging to organizations in industries such as energy, retail, and hospitality have been recipients, Abnormal Security says.01 May 2020
DHS CISA Launches Site for Teleworking Security
The new website is intended to be a one-stop source for information on securing teleworkers and their employers.01 May 2020
Trump bans acquisition of foreign power grid equipment, citing hacking threats
White House says foreign-made equipment "augments the ability of foreign adversaries to create and exploit vulnerabilities" in the US power grid.01 May 2020
Name That Toon: The Lights Are On ...
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
01 May 2020
News Wrap: Microsoft Sway Phish, Malicious GIF and Spyware Attacks
Threatpost editors discuss a phishing attack abusing Microsoft Sway, a Microsoft Teams flaw and an Android spyware campaign unearthed this week.
01 May 2020
Best Practices for Managing a Remote SOC
Experts share what it takes to get your security analysts effectively countering threats from their home offices.01 May 2020
Microsoft Teams Impersonation Attacks Flood Inboxes
Two separate attacks have targeted as many as 50,000 different Teams users, with the goal of phishing Office 365 logins.
01 May 2020
Week in security with Tony Anscombe
ESET's new Threat Report is out – Another deep dive into Latin American banking trojans – More coronavirus-themed scams
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
01 May 2020
Apple Makes It Easier to Unlock iPhone While Wearing a Mask
The beta release of iOS 13.5 brings an updated FaceID so that users wearing masks can bypass facial recognition and unlock their phone with a code.01 May 2020
New Firefox service will generate unique email aliases to enter in online forms
Firefox Private Relay add-on to help users safeguard their email addresses from spammers.01 May 2020
Industrial Networks' Newest Threat: Remote Users
We know remote working isn't going away anytime soon, so it's crucial we be extra vigilant about security for industrial networks and critical infrastructure.01 May 2020
TrickBot Attack Exploits COVID-19 Fears with DocuSign-Themed Ploy
Threat actors are spreading the tricky trojan through fake messages in another opportunistic COVID-19-related campaign, said IBM X-Force.
01 May 2020
Oracle warns of attacks against recently patched WebLogic security bug
Oracle patched the bug last month but attacks began after proof-of-concept code was published on GitHub.01 May 2020
SaltStack Salt critical bugs allow data center, cloud server hijacking as root
Researchers expect the vulnerabilities to be exploited in the wild within days.01 May 2020
Ninja Forms WordPress bug exposed over a million users to XSS attacks, website hijacking
The severe XSS vulnerability permitted site takeover and visitor browser redirection to malicious websites.01 May 2020