Cybersecurity News
Details Emerge on How Gaming Giant EA Was Hacked
Hacking group stole source code to FIFA 21 and the company's Frostbite engine.11 June 2021
Many Mobile Apps Intentionally Using Insecure Connections for Sending Data
A new analysis of iOS and Android apps released to Apple's and Google's app stores over the past five years found many to be deliberately breaking HTTPS protections.11 June 2021
Monumental Supply-Chain Attack on Airlines Traced to State Actor
Airlines are warned to scour networks for traces of the campaign, likely the work of APT41, lurking in networks.
11 June 2021
Secure Access Trade-offs for DevSecOps Teams
Thanks to recent advancements in access technologies, everyone can apply identity-based authentication and authorization and zero-trust principles for their computing resources.11 June 2021
Lax security around URL shortener exposed PII of US retailer Carter’s customer base
Hundreds of thousands of customers may have been impacted.11 June 2021
Week in security with Tony Anscombe
ESET Research dissects campaigns by the Gelsemium and BackdoorDiplomacy APT groups – Hacking an orbiting satellite isn't necessarily the stuff of Hollywood
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
11 June 2021
Police Grab Slilpp, Biggest Stolen-Logins Market
There were more than 80 million login credentials for sale, used to inflict over $200 million in losses in the U.S. alone.
11 June 2021
Hackers Steal FIFA 21 Source Code, Tools in EA Breach
Raft of other proprietary game data and related software and developer kits also pilfered in the unspecified attack, which the company is investigating.
11 June 2021
Tracking ransomware cryptocurrency payments: What now for Bitcoin?
Should we expect cybercriminals to ditch the pseudonymous cryptocurrency for other forms of payment that may be better at throwing law enforcement off the scent?
The post Tracking ransomware cryptocurrency payments: What now for Bitcoin? appeared first on WeLiveSecurity
11 June 2021
Card Broken: 1000 arrests made in Chinese crackdown on fraud, cryptocurrency laundering
Criminals involved in telecom scams allegedly funneled their profits through cryptocurrency platforms.11 June 2021
Feds strike Slilpp, a marketplace for flogging initial access credentials
The marketplace was one of the largest sellers of stolen login information.11 June 2021
New Ransomware Group Claiming Connection to REvil Gang Surfaces
'Prometheus' is the latest example of how the ransomware-as-a-service model is letting new gangs scale up operations quickly.10 June 2021
'Fancy Lazarus' Criminal Group Launches DDoS Extortion Campaign
The group has re-emerged after a brief hiatus with a new email campaign threatening a DDoS attack against businesses that don't pay ransom.10 June 2021
Healthcare Device Security Firm COO Charged with Hacking Medical Center
Vikas Singla, chief operating officer of security firm that provides products and services to the healthcare industry, faces charges surrounding a cyberattack he allegedly conducted against Duluth, Ga.-based Gwinnett Medial Center.10 June 2021
‘Fancy Lazarus’ Cyberattackers Ramp up Ransom DDoS Efforts
The group, known for masquerading as various APT groups, is back with a spate of attacks on U.S. companies.
10 June 2021
JBS CEO Says Company Paid $11M in Ransom
The decision to pay attackers was a difficult one, CEO Andre Nogueira said in a statement.10 June 2021
'Beware the Lady Named Katie'
A semester-long course boiled down to two minutes and 45 seconds.10 June 2021
Critical Chrome Browser Bug Under Active Attack
Google has patched its Chrome browser, fixing one critical cache issue and a second bug being actively exploited in the wild.
10 June 2021
The Workforce Shortage in Cybersecurity Is a Myth
What we really have is an automation-in-the-wrong-place problem.10 June 2021
STEM Audio Table Rife with Business-Threatening Bugs
The desktop conferencing IoT gadget allows remote attackers to install all kinds of malware and move laterally to other parts of enterprise networks.
10 June 2021