Cybersecurity News
Cayman Islands Bank Records Exposed in Open Azure Blob
An offshore Cayman Islands bank’s backups, covering a $500 million investment portfolio, were left unsecured and leaking personal banking information, passport data and even online banking PINs.
01 December 2020
Malicious npm packages caught installing remote access trojans
JavaScript and Node.js developers who installed the jdb.js and db-json.js packages were infected with the njRAT malware.01 December 2020
The Cybersecurity Skills Gap: It Doesn't Have to Be This Way
Once it becomes clear that off-the-shelf experts aren't realistic at scale, cultivating entry-level talent emerges as the only long-term solution -- not just for a hiring organization but for the field as a whole.01 December 2020
Cyberattackers could trick scientists into producing dangerous substances
Without ever setting foot in the lab, a threat actor could dupe DNA researchers into creating pathogens, according to a study describing "an end-to-end cyber-biological attack"
The post Cyberattackers could trick scientists into producing dangerous substances appeared first on WeLiveSecurity
01 December 2020
Call Fraud Operator Ordered to Pay $9M to Victims
Indian national will serve 20 years in prison for running a large call center fraud operation.01 December 2020
FBI warns of email forwarding rules being abused in recent hacks
FBI: "The web-based client's forwarding rules often do not sync with the desktop client, limiting the rules' visibility to cyber security administrators."01 December 2020
Zoom Impersonation Attacks Aim to Steal Credentials
The Better Business Bureau warns of phishing messages with the Zoom logo that tell recipients they have a missed meeting or suspended account.
01 December 2020
Electronic Medical Records Cracked Open by OpenClinic Bugs
Four security vulnerabilities in an open-source medical records management platform allow remote code execution, patient data theft and more.
01 December 2020
Ivanti Acquires MobileIron & Pulse Secure
The company plans to use these acquisitions to strengthen and secure IT connections across remote devices and infrastructure.01 December 2020
Sophos 2021 Threat Report: Navigating Cybersecurity in an Uncertain World
SPONSORED: As most of the world shifted to remote work in 2020, cybercriminals upped their game, devising ways to use the fears and anxieties of organizations and end users against them. Sophos Principal Research Scientist Chester Wisniewski discusses the fast-changing attacker behaviors outlined in the Sophos 2021 Threat Report, and how IT professionals need to update their approach to protect against more sophisticated threats.01 December 2020
Microsoft removes 18 malicious Edge extensions for injecting ads into web pages
Some extensions mimicked official apps while others copied popular Chrome extensions.01 December 2020
Can't Afford a Full-time CISO? Try the Virtual Version
A vCISO can align a company's information security program to business strategy and budgeting guidance to senior management.01 December 2020
Former NSS Labs CEO Launches New Security Testing Organization
Member-based CyberRatings.org to offer free to tiered paid access to tested security product and services ratings.01 December 2020
Bomb Threat, DDoS Purveyor Gets Eight Years
A 22-year-old North Carolina man has been sentenced to nearly eight years in prison for conducting bomb threats against thousands of schools in the U.S. and United Kingdom, launching distributed denial-of-service (DDoS) attacks, and for possessing sexually explicit images of minors.01 December 2020
Magecart Attack Convincingly Hijacks PayPal Transactions at Checkout
New credit-card skimmer uses postMessage to make malicious process look authentic to victims to steal payment data.
01 December 2020
2020 Cybersecurity Holiday Gift Guide for Kids
Grab some wrapping paper: These STEM toys and games are sure to spark creativity and hone coding and logic skills among a future generation of cybersecurity pros.
01 December 2020
'Hacker_R_US' gets eight years in prison for bomb threats and DDoS extortion
'Hacker_R_US' was one of the two members of the Apophis Squad hacker group.01 December 2020
2020's worst cryptocurrency breaches, thefts, and exit scams
Cryptocurrency exchanges have felt the impact of everything from vulnerability exploit to social engineering scams over this year.01 December 2020
The biggest hacks, data breaches of 2020
A pandemic is no reason for hackers to hold off cyberattacks against everything from government bodies to healthcare providers.01 December 2020
Microsoft links Vietnamese state hackers to crypto-mining malware campaign
Vietnamese state hackers imitate Chinese groups and start making money on the side while spying for their government.30 November 2020