Cybersecurity News
Investment Scammers Prey on Dating App Users, Interpol Warns
Users of dating apps - like Tinder, Match and Bumble - should be on the lookout for investment-fraud scammers.20 January 2021
Paving the way: Inspiring Women in Payments - A podcast featuring Nicole Braun
At times, Nicole Braun was the only female Qualified Security Assessor (QSA) in the entire country of New Zealand. In our 2021 podcast series debut, Nicole explains how she found success in the payments industry, against all odds, and why she thinks there are encouraging signs that a gender shift is coming.
20 January 2021
Google Research Pinpoints Security Soft Spot in Multiple Chat Platforms
Mystery of spying using popular chat apps uncovered by Google Project Zero researcher.20 January 2021
Tips for a Bulletproof War Room Strategy
The techniques used in real-world combat apply in cybersecurity operations, except that instead of bullets flying downrange, it's packets.20 January 2021
Interpol warns of romance scam artists using dating apps to promote fake investments
Matches lead victims not to love, but to fake money-making apps, instead.20 January 2021
A Chinese hacking group is stealing airline passenger details
Chinese hackers are gathering passenger details from airlines across the world to track high-value targets' movements.20 January 2021
Vulnerabilities in Popular DNS Software Allow Poisoning
Seven flaws in DNSMasq have limited impact, but in combination they could be chained to create a multistaged attack.19 January 2021
Microsoft to Launch 'Enforcement Mode' for Zerologon Flaw
Enforcement mode for the Netlogon Domain Controller will be enabled by default with the Feb. 9 security update.19 January 2021
SolarWinds Attack Underscores 'New Dimension' in Cyber-Espionage Tactics
Meanwhile, Malwarebytes is the latest victim, Symantec discovers a fourth piece of malware used in the massive attack campaign, and FireEye Mandiant releases a free tool to help spot signs of the attack.19 January 2021
DNSpooq Flaws Allow DNS Hijacking of Millions of Devices
Seven flaws in open-source software Dnsmasq could allow DNS cache poisoning attacks and remote code execution.19 January 2021
4 Intriguing Email Attacks Detected by AI in 2020
Here's to the sneakiest of the sneaky. These clever phishing messages -- that standard validation measures often missed -- deserve proper dishonor. (Sponsored)19 January 2021
4 Intriguing Email Attacks Detected by AI in 2020
Here's to the sneakiest of the sneaky. These clever phishing messages -- that standard validation measures often missed -- deserve proper dishonor.19 January 2021
Rob Joyce to Take Over as NSA Cybersecurity Director
Joyce will replace Anne Neuberger, who is now deputy national security advisor for the incoming Biden administration.19 January 2021
FBI warns of voice phishing attacks stealing corporate credentials
Criminals coax employees into handing over their access credentials and use the login data to burrow deep into corporate networks
The post FBI warns of voice phishing attacks stealing corporate credentials appeared first on WeLiveSecurity
19 January 2021
Malwarebytes said it was hacked by the same group who breached SolarWinds
Malwarebytes becomes fourth major security firm targeted by attackers after Microsoft, FireEye, and CrowdStrike.19 January 2021
New Charges Derail COVID Release for Hacker Who Aided ISIS
A hacker serving a 20-year sentence for stealing personal data on 1,300 U.S. military and government employees and giving it to an Islamic State hacker group in 2015 has been charged once again with fraud and identity theft. The new charges have derailed plans to deport him under compassionate release because of the COVID-19 pandemic.19 January 2021
The Most Pressing Concerns Facing CISOs Today
Building security into the software development life cycle creates more visibility, but CISOs still need stay on top of any serious threats on the horizon, even if they are largely unknown.19 January 2021
Google Chrome 88 released with no Flash support, bringing an end to an era
Besides removing Flash, Google has also removed support for FTP links (ftp://) as well.19 January 2021
SolarWinds Malware Arsenal Widens with Raindrop
The post-compromise backdoor installs Cobalt Strike to help attackers more laterally through victim networks.19 January 2021
Linux Devices Under Attack by New FreakOut Malware
The FreakOut malware is adding infected Linux devices to a botnet, in order to launch DDoS and cryptomining attacks.19 January 2021