Cybersecurity News
The Double-Edged Sword of Cybersecurity Insurance
With ransomware on the rise, more organizations are opting to purchase cyber insurance -- tipping off criminals about how much to demand for access back to pilfered systems and data.
10 November 2020
Ghimob Android Banking Trojan Targets 153 Mobile Apps
A banking trojan is targeting mobile app users in Brazil - and researchers warn that its operator has big plans to expand abroad.
10 November 2020
How Hackers Blend Attack Methods to Bypass MFA
Protecting mobile apps requires a multilayered approach with a mix of cybersecurity measures to counter various attacks at different layers.10 November 2020
Microsoft Teams Users Under Attack in ‘FakeUpdates’ Malware Campaign
Microsoft warns that cybercriminals are using Cobalt Strike to infect entire networks beyond the infection point, according to a report.
10 November 2020
Critical privilege escalation bugs squashed in WordPress Ultimate Member plugin
The vulnerabilities impacted roughly 100,000 websites.10 November 2020
Chrome to block tab-nabbing attacks
Firefox and Safari are already blocking these types of web attacks10 November 2020
New 'Ghimob' malware can spy on 153 Android mobile applications
New Ghimob Android trojan rises and evolves from Brazil to spread internationally.10 November 2020
Npm package caught stealing sensitive Discord and browser files
Malicious code was found hidden inside a JavaScript library named Discord.dll.09 November 2020
New Brazilian Banking Trojan Targets Mobile Users in Multiple Countries
Ghimob is a full-fledged spy in your pocket, Kaspersky says.09 November 2020
FTC Announces Consent Agreement With Zoom
The agreement covers Zoom's misleading statements on security for its audio and video calling.09 November 2020
Hotels.com & Expedia Provider Exposes Millions of Guests' Data
Hotel reservation platform Prestige Software compromised personal data belonging to millions of travelers through a misconfigured AWS S3 bucket.09 November 2020
Bug hunter wins 'Researcher of the Month' award for DOD account takeover bug
Severe bug would have allowed hackers to hijack DOD accounts just by modifying a few parameters in web requests sent to DOD servers.09 November 2020
Trump Site Alleging AZ Election Fraud Exposes Voter Data
Slapdash setup of Trump website collecting reports of Maricopa County in-person vote irregularities exposed 163,000 voter data records to fraud, via SQL injection.
09 November 2020
Data Privacy Gets Solid Upgrade With Early Adopters
The United Kingdom and the regional government of Flanders kick off four pilots of the Solid data-privacy technology from World Wide Web inventor Tim Berners-Lee, which gives users more control of their data.09 November 2020
Cyberattack on UVM Health Network Impedes Chemotherapy Appointments
The cyberattack has halted chemotherapy, mammogram and screening appointments, and led to 300 staff being furloughed or reassigned.
09 November 2020
Zoom settles FTC charges for misleading users about security features
The FTC accused Zoom of misrepresenting how its call encryption features worked.09 November 2020
Ultimate Member Plugin for WordPress Allows Site Takeover
Three critical security bugs allow for easy privilege escalation to an administrator role.
09 November 2020
Insecure APIs a Growing Risk for Organizations
Security models for application programming interfaces haven't kept pace with requirements of a non-perimeter world, Forrester says.09 November 2020
Microsoft Exchange Attack Exposes New xHunt Backdoors
An attack on the Microsoft Exchange server of an organization in Kuwait revealed two never-before-seen Powershell backdoors.
09 November 2020
Millions of Hotel Guests Worldwide Caught Up in Mass Data Leak
A cloud misconfiguration affecting users of a popular reservation platform threatens travelers with identity theft, scams, credit-card fraud and vacation-stealing.
09 November 2020