Cybersecurity News
FBI: Hackers stole source code from US government agencies and private companies
FBI blames intrusions on improperly configured SonarQube source code management tools.07 November 2020
WordPress Sites Open to Code Injection Attacks via Welcart e-Commerce Bug
The shopping cart application contains a PHP object-injection bug.
06 November 2020
New Gitpaste-12 Botnet Exploits 12 Known Vulnerabilities
Researchers discover a new worm and botnet dubbed Gitpaste-12 for its ability to spread via GitHub and Pastebin.06 November 2020
Feds Seize $1B in Bitcoin from Silk Road
The illegal marketplace was hacked prior to it's takedown -- the IRS has now tracked down those stolen funds, it said.
06 November 2020
Apple Patches 24 Vulnerabilities Across Product Lines
The vulnerabilities include three for which exploits have already been seen in the wild.06 November 2020
Campari Site Suffers Ransomware Hangover
The Ragnar Locker operators released a stolen contract between Wild Turkey and actor Matthew McConaughey, as proof of compromise.
06 November 2020
The Oracle-Walmart-TikTok Deal Is Not Enough
The social media deal raises issues involving data custodianship and trusted tech partnerships.06 November 2020
Gitpaste-12 Worm Targets Linux Servers, IoT Devices
The newly discovered malware uses GitHub and Pastebin to house component code, and harbors 12 different initial attack vectors.
06 November 2020
Name That Toon: Masks and Manners
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
06 November 2020
Linux version of RansomEXX ransomware discovered
This marks the first time a major Windows ransomware strain has been ported to Linux to aid hackers in their targeted intrusions.06 November 2020
Request for Comments: PCI Card Production v3 Draft Standard
From 2 November to 1 December 2020, PCI SSC stakeholders can participate in a Request for Comments (RFC) on PCI Card Production v3 Draft Standard. Stakeholders can review the primary changes which are summarized in the Card Production and Provisioning Security Requirements v3.0 Summary of Changes document.
06 November 2020
Week in security with Tony Anscombe
Could a career in cybersecurity be right for you? – Google discloses a zero-day bug in Windows – Video game maker Capcom suffers a breach
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
06 November 2020
Apple patches three actively exploited zero‑day flaws in iOS
The vulnerabilities, which are all being abused for targeted attacks, affect a long list of devices
The post Apple patches three actively exploited zero‑day flaws in iOS appeared first on WeLiveSecurity
06 November 2020
How COVID-19 Changed the VC Investment Landscape for Cybersecurity Companies
What trends can startups and investors expect to see going forward?06 November 2020
Apple Patches Bugs Tied to Previously Identified Zero-Days
The actively exploited vulnerabilities discovered by Project Zero exist across iPhone, iPad and iPod devices.
06 November 2020
Israeli companies targeted with new Pay2Key ransomware
Security firm Check Point reports what appears to be a targeted attack against Israeli companies.06 November 2020
Ransomware gangs that steal your data don't always delete it
Coveware: Half of the Q3 2020 ransomware investigations involved data exfiltration, with cases doubling from the previous quarter.06 November 2020
US Seizes 27 More IRGC-Controlled Domain Names
The action follows last month's seizure of 92 domain names used by Iran's Islamic Revolutionary Guard Corps to spread disinformation.05 November 2020
NSS Labs' Abrupt Shutdown Leaves Many Unanswered Questions
Former execs and employees share some insights into the testing firm's shutdown. What does it mean for the future of security product testing?05 November 2020
Bug Bounty Hunters' Pro Tips on Chasing Vulns & Money
From meditation to the right mindset, seasoned vulnerability researchers give their advice on how to maximize bug bounty profits and avoid burnout.
05 November 2020
