Cybersecurity News


Alina Point-of-Sale Malware Spotted in Ongoing Campaign

Alina Point-of-Sale Malware Spotted in Ongoing Campaign The malware is using DNS tunneling to exfiltrate payment-card data.
01 July 2020

New MacOS Ransomware Hides in Pirated Program

A bogus installer for Little Snitch carries a ransomware hitchhiker.
01 July 2020

Microsoft Issues Out-of-Band Patches for RCE Flaws

Vulnerabilities had not been exploited or publicly disclosed before fixes were released, Microsoft reports.
01 July 2020

EvilQuest: Inside A ‘New Class’ of Mac Malware

EvilQuest: Inside A ‘New Class’ of Mac Malware Mac expert Thomas Reed discusses how EvilQuest is ushering in a new class of Mac malware.
01 July 2020

4 Steps to a More Mature Identity Program

Security has evolved to evaluate an identity's attributes, access, and behavior to determine appropriate access.
01 July 2020

One out of every 142 passwords is '123456'

The '123456' password was spotted 7 million times across a data trove of one billion leaked credentials, on one of the biggest password re-use studies of its kind.
01 July 2020

New Android Spyware Tools Emerge in Widespread Surveillance Campaign

New Android Spyware Tools Emerge in Widespread Surveillance Campaign Never-before-seen Android spyware tools have been used in a widespread APT campaign to spy on the Uyghur ethnic minority group - since 2013.
01 July 2020

Another COVID-19 Side Effect: Rising Nation-State Cyber Activity

While financial institutions and government remain popular targets, COVID-19 research organizations are now also in the crosshairs.
01 July 2020

Email Sender Identity is Key to Solving the Phishing Crisis

Email Sender Identity is Key to Solving the Phishing Crisis Almost 90% of email attacks manipulate sender identity to fool recipients and initiate social engineering attacks.
01 July 2020

Microsoft Releases Emergency Security Updates for Windows 10, Server

Microsoft Releases Emergency Security Updates for Windows 10, Server The patches fix two separate RCE bugs in Windows Codecs that allow hackers to exploit playback of multimedia files.
01 July 2020

AT&T dragged to court, again, over SIM hijacking and cryptocurrency theft

A customer allegedly lost $1.9 million due to AT&T’s handling of a number transfer request.
01 July 2020

Microsoft releases emergency update to fix two serious Windows flaws

The out-of-band update plugs two remote code execution bugs in the Windows Codecs library, including one rated as critical

The post Microsoft releases emergency update to fix two serious Windows flaws appeared first on WeLiveSecurity

01 July 2020

UK court shuts down scam cryptocurrency platform GPay Ltd, £1.5 million in client funds lost

GPay used fake celebrity endorsements and ads to lure traders to invest.
01 July 2020

CEO of exam monitoring software Proctorio apologises for posting student's chat logs on Reddit

CEO of exam monitoring software Proctorio apologises for posting student's chat logs on Reddit

Australian students who have raised privacy concerns describe the incident involving a Canadian student as ‘freakishly disrespectful’

The chief executive of an exam monitoring software firm that has raised privacy concerns in Australia has apologised for publicly posting a student’s chat logs during an argument on the website Reddit.

Mike Olsen, who is the CEO of the US-based Proctorio, has since deleted the posts and apologised, saying that he and Proctorio “take privacy very seriously”.

Related: Coalition's university fee overhaul accused of being an 'attack on women'

Related: Dan Tehan’s threat to police university enrolments can’t plug the holes in the Coalition’s logic

Continue reading...
01 July 2020

Microsoft releases emergency security update to fix two bugs in Windows codecs

Security updates have been silently deployed to customers on Tuesday through the Windows Store app.
30 June 2020

Apple tells app devs to use IPv6 as it's 1.4 times faster than IPv4

Company also urges app devs to start using newer web tech like HTTP/2 and TLS 1.3, citing similar performance and speed improvements.
30 June 2020

Ripple20 Threatens Increasingly Connected Medical Devices

A series of IoT vulnerabilities could put hospital networks, medical data, and patient safety at risk.
30 June 2020

COVID-19 Puts ICS Security Initiatives 'On Pause'

Security pros concerned that increased remote access to vulnerable operational technology and stalled efforts to harden OT environments puts critical infrastructure at greater risk.
30 June 2020

FCC Designates Huawei & ZTE as National Security Threats

Backdoors in 5G network equipment from these vendors could enable espionage and malicious activity, agency says.
30 June 2020

Attackers Will Target Critical PAN-OS Flaw, Security Experts Warn

After Palo Alto Networks alerted users to a simple-to-exploit vulnerability in its network security gear, security agencies quickly warn that attackers won't wait to jump on it.
30 June 2020