Cybersecurity News


InfinityBlack Dismantled After Selling Millions of Credentials

InfinityBlack Dismantled After Selling Millions of Credentials In the Europol-led takedown, police shut down databases with more than 170 million entries.
06 May 2020

Almost a million WordPress websites targeted in massive campaign

An unknown threat actor is exploiting vulnerabilities in plugins for which patches have been available for months, or even years

The post Almost a million WordPress websites targeted in massive campaign appeared first on WeLiveSecurity

06 May 2020

Samsung patches 0-click vulnerability impacting all smartphones sold since 2014

Samsung patched this month a critical bug discovered by Google security researchers.
06 May 2020

The Guardian view on an NHS coronavirus app: it must do no harm | Editorial

The Guardian view on an NHS coronavirus app: it must do no harm | Editorial

Smartphones can be used to digitally trace Covid-19. But not if the public don’t download an app over privacy fears – or find it won’t work on their device

The idea of the NHS tracing app is to enable smartphones to track users and tell them whether they interacted with someone who had Covid-19. Yet this will work only if large proportions of the population download the app. No matter how smart a solution may appear, mass consent is required. That will not be easy. Ministers and officials have failed to address the trade-offs between health and privacy by being ambiguous about the app’s safeguards.

Instead of offering cast-iron guarantees about the length of time for which data would be held; who can access it; and the level of anonymity afforded, we have had opacity and obfuscation. It is true that we are dealing with uncertainties. But without absolute clarity about privacy the public is unlikely to take up the app with the appropriate gusto.

Continue reading...
06 May 2020

The Price of Fame? Celebrities Face Unique Hacking Threats

The Price of Fame? Celebrities Face Unique Hacking Threats Hackers are hitting the sports industry hard on social media and luring quarantined consumers with offers of free streaming services, a new report shows.
06 May 2020

When Achieving Deadpool Status Is a Good Thing

When Achieving Deadpool Status Is a Good Thing It means attackers have been met with sufficient resistance that it's no longer worth their trouble and have moved on
06 May 2020

The Price of Fame? Celebrities Face Unique Hacking Threats

The Price of Fame? Celebrities Face Unique Hacking Threats Hackers are hitting the sports industry hard on social media and luring quarantined consumers with offers of free streaming services, a new report shows.
06 May 2020

Microsoft Shells Out $100K for IoT Security

Microsoft Shells Out $100K for IoT Security A three-month Azure Sphere bug-bounty challenge will offer top rewards for compromising Pluton or Secure World within Microsoft's IoT security suite.
06 May 2020

Hackers hide web skimmer behind a website's favicon

Hackers created a fake image-hosting portal to hide a web skimming operation.
06 May 2020

Ransomware Attack Takes Down Toll Group Systems, Again

Ransomware Attack Takes Down Toll Group Systems, Again Australian transportation company Toll Group has been hit by the Nefilim ransomware, causing customers to experience delays.
06 May 2020

Is CVSS the Right Standard for Prioritization?

Is CVSS the Right Standard for Prioritization? More than 55% of open source vulnerabilities are rated high or critical. To truly understand a vulnerability and how it might affect an organization or product, we need much more than a number.
06 May 2020

Europe’s Largest Private Hospital Operator Fresenius Hit by Ransomware

Fresenius, Europe's largest private hospital operator and a major provider of dialysis products and services that are in such high demand thanks to the COVID-19 pandemic, has been hit in a ransomware cyber attack on its technology systems. The company said the incident has limited some of its operations, but that patient care continues.
06 May 2020

Attackers Claim Identity of Financial NGO to Steal Sharepoint, Office Credentials

Attackers Claim Identity of Financial NGO to Steal Sharepoint, Office Credentials Investment brokers are the target of a new wave of socially engineered phishing attacks, warns FINRA.
06 May 2020

Search provider Algolia discloses security incident due to Salt vulnerability

Algolia now joins the ranks of LineageOS, Ghost, Digicert, and Xen Orchestra.
06 May 2020

Facebook wipes out accounts linked to ‘fringe conspiracy’ QAnon content

The QAnon conspiracy theory movement surrounds US President Trump and bringing down the “deep state.”
06 May 2020

Logistics giant Toll Group hit by ransomware for the second time in three months

Toll says that it has no intention of bowing to blackmail.
06 May 2020

Details of 44m Pakistani mobile users leaked online, part of bigger 115m cache

The leak is already under investigation in Pakistan since last month, April 2020.
05 May 2020

SAP notifying 9% of customers about security bugs in some cloud products

SAP says an internal security review found issues with seven of its cloud products.
05 May 2020

SAP notifying 9% of customers about mysterious cloud products security holes

SAP says an internal security review found issues with seven of its cloud products.
05 May 2020

Attackers Adapt Techniques to Pandemic Reality

Over the past several months, threat actors have quickly shifted their tactics to take advantage of interest in the coronavirus, two studies find.
05 May 2020