Cybersecurity News


Facebook sues two Chrome extension devs for scraping user data

Facebook filed a lawsuit today in Portugal against browser extension maker Oink and Stuff.
14 January 2021

SolarWinds defense: How to stop similar attacks

The Linux Foundation, which knows a thing or two about building secure software, has suggestions on how we can avoid SolarWinds type attacks in the future. It won't be easy. But it must be done.
14 January 2021

Florida Ethics Officer Charged with Cyberstalking

Florida Ethics Officer Charged with Cyberstalking Judge bars former Tallahassee city ethics officer from internet-connected devices after her arrest for cyberstalking.
14 January 2021

Telegram Bots at Heart of Classiscam Scam-as-a-Service

Telegram Bots at Heart of Classiscam Scam-as-a-Service The cybercriminal service has scammed victims out of $6.5 million and continues to spread on Telegram.
14 January 2021

Cloud Attacks Are Bypassing MFA, Feds Warn

Cloud Attacks Are Bypassing MFA, Feds Warn CISA has issued an alert warning that cloud services at U.S. organizations are being actively and successfully targeted.
14 January 2021

Cisco says it won't patch 74 security bugs in older RV routers that reached EOL

Cisco advises RV110W, RV130, RV130W, and RV215W device owners to migrate to newer gear.
14 January 2021

CES 2021: Car spying – your insurance company is watching you

Your ‘networked computer on wheels’ has a privacy problem – and you may not be in the driver’s seat when it comes to your data

The post CES 2021: Car spying – your insurance company is watching you appeared first on WeLiveSecurity

14 January 2021

Who Is Responsible for Protecting Physical Security Systems From Cyberattacks?

Who Is Responsible for Protecting Physical Security Systems From Cyberattacks? It's a question that continues to engage debate, as the majority of new physical security devices being installed are now connected to a network. While this offers myriad benefits, it also raises the question: Who is responsible for their cybersecurity?
14 January 2021

Vulnerability Management Has a Data Problem

Security teams have an abundance of data, but most of it lacks the context necessary to improve remediation outcomes.
14 January 2021

Apple removes feature that allowed its apps to bypass macOS firewalls and VPNs

The ContentFilterExclusionList has been removed in macOS 11.2 beta 2.
14 January 2021

Trump ban: No ‘moment for celebration’ in the eyes of Twitter chief

Analysis: Twitter CEO Jack Dorsey has highlighted how enmeshed private companies, politics, and public safety have become.
14 January 2021

Ring Adds End-to-End Encryption to Quell Security Uproar

Ring Adds End-to-End Encryption to Quell Security Uproar The optional feature was released free to users in a technical preview this week, adding a new layer of security to service, which has been plagued by privacy concerns.
14 January 2021

Scam-as-a-Service operation made more than $6.5 million in 2020

"Classiscam" operation is made up of around 40 groups operating in the US and across several European countries.
14 January 2021

Ring trials customer video end-to-end encryption for smart doorbells

The security feature will be opt-in for users that want to encrypt their video feeds.
14 January 2021

Hackers leak stolen COVID‑19 vaccine documents

The documents related to COVID-19 vaccine and medications were stolen from the EU's medicines agency last month

The post Hackers leak stolen COVID‑19 vaccine documents appeared first on WeLiveSecurity

13 January 2021

TikTok Takes Teen Accounts Private

TikTok Takes Teen Accounts Private The company announced accounts for ages 13-15 will default to privacy setting, among other safety measures.
13 January 2021

SolarWinds Attackers May Have Hit Mimecast, Driving New Concerns

Mimecast no longer uses the SolarWinds Orion network management software that served as an attack vector for thousands of organizations.
13 January 2021

High-Severity Cisco Flaw Found in CMX Software For Retailers

High-Severity Cisco Flaw Found in CMX Software For Retailers Cisco fixed high-severity flaws tied to 67 CVEs overall, including ones found inits AnyConnect Secure Mobility Client and in its RV110W, RV130, RV130W, and RV215W small business routers.
13 January 2021

Critical WordPress-Plugin Bug Found in ‘Orbit Fox’ Allows Site Takeover

Critical WordPress-Plugin Bug Found in ‘Orbit Fox’ Allows Site Takeover Two security vulnerabilities -- one a privilege-escalation problem and the other a stored XSS bug -- afflict a WordPress plugin with 40,000 installs.
13 January 2021

Iranian cyberspies behind major Christmas SMS spear-phishing campaign

Iranian hackers managed to successfully hide URLs to phishing sites behind legitimate google.com links.
13 January 2021