Cybersecurity News


Lazarus Affiliate ‘ZINC’ Blamed for Campaign Against Security Researcher

Lazarus Affiliate ‘ZINC’ Blamed for Campaign Against Security Researcher New details emerge of how North Korean-linked APT won trust of experts and exploited Visual Studio to infect systems with ‘Comebacker’ malware.
29 January 2021

2020 Marked a Renaissance in DDoS Attacks

Amid the global pandemic, cybercriminals ramped up use of one of the oldest attack techniques around.
29 January 2021

Electronic health records provider Athena to pay $18m settlement in kickback lawsuit

Athena was accused of paying under the table to push athenaClinicals software.
29 January 2021

Google bans another misbehaving CA from Chrome

Digital certificates issued by Spanish certificate authority Camerfirma will stop working in Chrome 90, in April.
29 January 2021

Google researcher discovers new iOS security system

iOS 14 shipped with BlastDoor, a new sandbox system for processing iMessages data.
28 January 2021

Law Enforcement Aims to Take Down Netwalker Ransomware

The Department of Justice has so far charged one Canadian national and seized nearly $500,000 in relation to Netwalker ransomware.
28 January 2021

Rocke Group’s Malware Now Has Worm Capabilities

Rocke Group’s Malware Now Has Worm Capabilities The Pro-Ocean cryptojacking malware now comes with the ability to spread like a worm, as well as harboring new detection-evasion tactics.
28 January 2021

Utah Ponders Making Online ‘Catfishing’ a Crime

Utah Ponders Making Online ‘Catfishing’ a Crime Pretending to be someone else online could become a criminal offense, setting a precedent for other states to follow.
28 January 2021

PCI SSC Executive Director Discusses New Board and 2021 Priorities


With the start of a new year, PCI SSC Executive Director Lance Johnson welcomes the new 2021-2022 Board of Advisors, provides an update on the Council’s top priorities, and offers insight into what stakeholders can expect in 2021.

28 January 2021

LogoKit Simplifies Office 365, SharePoint ‘Login’ Phishing Pages

LogoKit Simplifies Office 365, SharePoint ‘Login’ Phishing Pages A phishing kit has been found running on at least 700 domains - and mimicking services via false SharePoint, OneDrive and Office 365 login portals.
28 January 2021

Hezbollah's cyber unit hacked into telecoms and ISPs

Security firm Clearsky said they identified at least 250 servers hacked by Lebanese Cedar, a hacking group linked to the Hezbollah militant group.
28 January 2021

Breach Data Highlights a Pivot to Orgs Over Individuals

In 2020, breaches were down by 19%, while the impact of those compromises -- measured in people affected -- fell by nearly two-thirds.
28 January 2021

Mimecast Confirms SolarWinds Hack as List of Security Vendor Victims Snowball

Mimecast Confirms SolarWinds Hack as List of Security Vendor Victims Snowball A growing number of cybersecurity vendors like CrowdStrike, Fidelis, FireEye, Malwarebytes, Palo Alto Networks and Qualys are confirming being targeted in the espionage attack.
28 January 2021

Digital Identity Is the New Security Control Plane

Simplifying the management of security systems helps provide consistent protection for the new normal.
28 January 2021

Building Your Personal Privacy Risk Tolerance Profile

Building Your Personal Privacy Risk Tolerance Profile Even today, on Data Privacy Day, privacy professionals give you permission to admit you actually love targeted ads.
28 January 2021

Pirated themes and plugins are the most widespread threat to WordPress sites

Wordfence says it found malware originating from a pirated WordPress theme or plugin on 206,000 sites, accounting for over 17% of all infected sites.
28 January 2021

App Variety -- and Security Innovation -- Surged in 2020

The shift to remote work pushed businesses to reimagine the fabric of apps and cloud services they needed to support their workforces.
28 January 2021

Emotet botnet disrupted in global operation

The law enforcement action is one of the most significant operations against cybercriminal enterprises ever

The post Emotet botnet disrupted in global operation appeared first on WeLiveSecurity

28 January 2021

Utah tests the waters in turning online catfishing into a criminal act

Pretending to be someone you’re not online could, one day, land you in hot water.
28 January 2021

Data Privacy Day: Top tips for safe remote learning

As schools and students continue to contend with the very real cyber-risks of virtual classrooms, we share some advice for protecting children’s data and privacy

The post Data Privacy Day: Top tips for safe remote learning appeared first on WeLiveSecurity

28 January 2021