1. Nmap Online
  2. Cybersecurity News

Cybersecurity News

Security flaws in smart doorbells may open the door to hackers

The peace of mind that comes with connected home security gadgets may be false – your smart doorbell may make an inviting target for unwanted visitors

The post Security flaws in smart doorbells may open the door to hackers appeared first on WeLiveSecurity

23 November 2020

Manchester United Suffers Cyberattack

Premier League soccer club says the attack didn't affect its website and app, and it doesn't appears to have exposed any fan or customer data either.
23 November 2020

TA416 APT Rebounds With New PlugX Malware Variant

TA416 APT Rebounds With New PlugX Malware Variant The TA416 APT has returned in spear phishing attacks against a range of victims - from the Vatican to diplomats in Africa - with a new Golang version of its PlugX malware loader.
23 November 2020

Chinese APT Group Returns to Target Catholic Church & Diplomatic Groups

APT group TA416 reemerges with new changes to its documented tool sets so it can continue launching espionage campaigns.
23 November 2020

Spotify Users Hit with Rash of Account Takeovers

Spotify Users Hit with Rash of Account Takeovers Users of the music streaming service were targeted by attackers using credential-stuffing approaches.
23 November 2020

Tesla Model X hacked and stolen in minutes using new key fob hack

Tesla is rolling out over-the-air software updates this week to prevent the attack from hijacking owner key fobs.
23 November 2020

Manchester United: IT Systems Disrupted in Cyberattack

Manchester United: IT Systems Disrupted in Cyberattack The popular U.K. soccer club confirmed an attack but said personal fan data remains secure.
23 November 2020

Joe Biden Campaign Subdomain Down After Hacktivist Defacement

Joe Biden Campaign Subdomain Down After Hacktivist Defacement A Turkish hacktivist defaced a subdomain of the president-elect's campaign website.
23 November 2020

Vote Now for 2020 Special Interest Group Projects

Vote Now for 2020 Special Interest Group Projects

 

From now through 21 December 2020, PCI SSC Participating Organizations are invited to vote on proposals for 2021 Special Interest Group (SIG) projects.  

23 November 2020

Malware creates scam online stores on top of hacked WordPress sites

The malware gang also poisoned the victims' XML sitemaps with thousands of scammy entries, lowering the sites' SERP ranking.
23 November 2020

3 Steps CISOs Can Take to Convey Strategy for Budget Presentations

Answering these questions will help CISOs define a plan and take the organization in a positive direction.
23 November 2020

How Retailers Can Fight Fraud and Abuse This Holiday Season

Online shopping will be more popular than ever with consumers... and with malicious actors too.
23 November 2020

GoDaddy staff fall prey to social engineering scam in cryptocurrency exchange attack wave

The domain registrar has confirmed that employees became embroiled in wider attacks.
23 November 2020

10 Undergraduate Security Degree Programs to Explore

10 Undergraduate Security Degree Programs to Explore Colleges and universities are ramping up cybersecurity education with a wider range of degree programs and more resources for students to build their infosec careers.
23 November 2020

TikTok patches reflected XSS bug, one-click account takeover exploit

The vulnerabilities impacted the video platform’s website.
23 November 2020

Manchester United football club discloses security breach

Football club said it's not "currently aware of any breach of personal data associated with our fans or customers."
21 November 2020

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. The attacks were facilitated by scams targeting employees at GoDaddy, the world's largest domain name registrar, KrebsOnSecurity has learned.
21 November 2020

Botnets have been silently mass-scanning the internet for unsecured ENV files

Threat actors are looking for API tokens, passwords, and database logins usually stored in ENV files.
21 November 2020

Google Services Weaponized to Bypass Security in Phishing, BEC Campaigns

Google Services Weaponized to Bypass Security in Phishing, BEC Campaigns Attackers exploiting an array of Google Services, including Forms, Firebase, Docs and more to boost phishing and BEC campaigns.
20 November 2020

VMware Fixes Critical Flaw in ESXi Hypervisor

VMware Fixes Critical Flaw in ESXi Hypervisor The critical and important-severity flaws were found by a team at the China-based Tiunfu Cup hacking challenge.
20 November 2020