Cybersecurity News
Domain Registrars Under Pressure to Combat COVID-19-Related Scams
A huge increase in malicious website registrations has prompted concern from US lawmakers.Using Big Tech to tackle coronavirus risks swapping one lockdown for another | Adam Smith
An app that logs movements and contacts might seem like a fair trade now but we risk giving away our privacy for good
Even when the lockdown is lifted, there is no guarantee that life will ever return to normal. To prevent a future outbreak of coronavirus, the UK will need to roll out mass testing, maintain some social distancing measures and closely monitor communities to curb future flare-ups.
In pursuing that last aim, governments across the world are developing technology to track our movements. When lockdown ends, technology could be a valuable means of controlling future outbreaks, alerting people to cases of Covid-19 in their area and hopefully preventing future shutdowns.
Related: The expansion of mass surveillance to stop coronavirus should worry us all | Veena Dubal
Adam Smith is a technology reporter at the Independent
Continue reading...Buying a secondhand device? Here’s what to keep in mind
If you’re trying to be responsible towards the planet, also be responsible to yourself and take these steps so that the device doesn’t end up costing you more than you’ve saved
The post Buying a secondhand device? Here’s what to keep in mind appeared first on WeLiveSecurity
Smart IoT home hubs vulnerable to remote code execution attacks
IoT hubs used in homes and offices were found to be susceptible to exploit due to critical bugs in their firmware.Serious flaws found in multiple smart home hubs: Is your device among them?
In worst-case scenarios, some vulnerabilities could even allow attackers to take control over the central units and all peripheral devices connected to them
The post Serious flaws found in multiple smart home hubs: Is your device among them? appeared first on WeLiveSecurity
Automated Bots Are Increasingly Scraping Data & Attempting Logins
The share of bot traffic to online sites declines, but businesses are seeing an overall increase in automated scraping of data, login attempts, and other detrimental activity.Banking.BR Android Trojan Emerges in Credential-Stealing Attacks
A new Android trojan targets banking customers with overlay attacks to steal their bank credentials and ultimately take over their accounts.
Researchers Use Microsoft Terminal Services Client in New Attack Method
The technique would enable attackers to run malicious code via Remote Desktop Protocol using DLL side-loading to bypass security controls.NFL Tackles Cybersecurity Concerns Ahead of 2020 Draft Day
Researchers weigh in on potential security concerns surrounding the 2020 NFL Draft.
New iOS exploit discovered being used to spy on China's Uyghur minority
New "Insomnia" exploit works on iOS versions 12.3, 12.3.1, and 12.3.2; was patched in iOS 12.4 last year.8 Tips for Small Merchants: Protecting Payment Data During COVID-19
The COVID-19 pandemic is quickly changing how many small merchants accept payments. Merchants that previously only had brick-and-mortar locations are moving to accept e-commerce and over-the-phone transactions.
RCE Exploit Released for IBM Data Risk Manager, No Patch Available
Three separate flaws can be chained to achieve full system compromise.
Viral WhatsApp Scam Promises Free Streaming Services
Cybercriminals capitalize on the popularity of media and entertainment to target consumers looking for at-home activities.Is COVID-19 Intensifying the Need for Security Staffing?
Overall, security practitioners should find themselves in a better working situation than many other professionals. However, we are not immune.Attackers Aim at Software Supply Chain with Package Typosquatting
Attackers seed Ruby Gems repository with more than 760 malicious packages using names just a bit different than the standard code libraries.Here's a list of all the ransomware gangs who will steal and leak your data if you don't pay
Ransomware gangs are getting more aggressive these days about pursuing payments and have begun stealing and threatening to leak sensitive documents if victims don't pay the requested ransom demand.Terahash Buys L0phtCrack in Password Merger
The acquisition brings password cracking and password auditing capabilities together in a single company.7 Steps to Avoid the Top Cloud Access Risks
Securing identities and data in the cloud is challenging, but a least-privilege access approach helps.Oil and Gas Firms Targeted With Agent Tesla Spyware
Highly targeted spearphishing emails are being sent to oil and gas companies in hopes of infecting them with the Agent Tesla spyware.