Cybersecurity News


Being prepared for adversarial attacks

Being prepared for adversarial attacks There is no question that the level of threats facing today’s businesses continues to change on a daily basis. So what are the trends that CISOs need to be on the lookout for? For this episode of the Threatpost podcast, I am joined by Derek Manky, Chief Security Strategist & VP Global Threat Intelligence, Fortinet’s […]
02 June 2022

Microsoft Releases Workaround for ‘One-Click’ 0Day Under Active Attack

Microsoft Releases Workaround for ‘One-Click’ 0Day Under Active Attack Threat actors already are exploiting vulnerability, dubbed ‘Follina’ and originally identified back in April, to target organizations in Russia and Tibet, researchers said.
01 June 2022

Talking to children about the internet: A kid’s perspective

A 14-year-old shares his thoughts about technology and the potential privacy and security implications of the internet

The post Talking to children about the internet: A kid’s perspective appeared first on WeLiveSecurity

01 June 2022

Costa Rica May Be Pawn in Conti Ransomware Group’s Bid to Rebrand, Evade Sanctions

Costa Rica’s national health service was hacked sometime earlier this morning by a Russian ransomware group known as Hive. The intrusion comes just weeks after Costa Rican President Rodrigo Chaves declared a state of emergency in response to a data ransom attack from a different Russian ransomware gang — Conti. Ransomware experts say there is good reason to believe the same cybercriminals are behind both attacks, and that Hive has been helping Conti rebrand and evade international sanctions targeting extortion payouts to cybercriminals operating in Russia.
31 May 2022

EnemyBot Malware Targets Web Servers, CMS Tools and Android OS

EnemyBot Malware Targets Web Servers, CMS Tools and Android OS Malware borrows generously from code used by other botnets such as Mirai, Qbot and Zbot.
31 May 2022

ChromeLoader Browser Hijacker Provides Gateway to Bigger Threats

ChromeLoader Browser Hijacker Provides Gateway to Bigger Threats The malvertiser’s use of PowerShell could push it beyond its basic capabilities to spread ransomware, spyware or steal data from browser sessions, researchers warn.
31 May 2022

Zero-Day ‘Follina’ Bug Lays Older Microsoft Office Versions Open to Attack

Zero-Day ‘Follina’ Bug Lays Older Microsoft Office Versions Open to Attack Malware loads itself from remote servers and bypasses Microsoft's Defender AV scanner, according to reports.
30 May 2022

Keeping it real: Don’t fall for lies about the war

Falsehoods about the war in Ukraine come in all shapes and sizes – here are a few examples of what’s in the fake news

The post Keeping it real: Don’t fall for lies about the war appeared first on WeLiveSecurity

30 May 2022

Scams targeting NFT investors – Week in security with Tony Anscombe

As with everything digital, there's someone, somewhere devising a method to steal the assets away from their rightful owners

The post Scams targeting NFT investors – Week in security with Tony Anscombe appeared first on WeLiveSecurity

27 May 2022

Critical Flaws in Popular ICS Platform Can Trigger RCE

Critical Flaws in Popular ICS Platform Can Trigger RCE Cisco Talos discovered eight vulnerabilities in the Open Automation Software, two of them critical, that pose risk for critical infrastructure networks.
27 May 2022

Cybersecurity: A global problem that requires a global answer

New and exacerbated cyber-risks following Russia’s invasion of Ukraine are fueling a new urgency towards enhancing resilience

The post Cybersecurity: A global problem that requires a global answer appeared first on WeLiveSecurity

27 May 2022

Some QCT servers vulnerable to 'Pantsdown' flaw say security researchers

The vulnerability, now patched, was issued a critical severity score of 9.8.
26 May 2022

ESET Research Podcast: UEFI in crosshairs of ESPecter bootkit

Listen to Aryeh Goretsky, Martin Smolár, and Jean-Ian Boutin discuss what UEFI threats are capable of and what the ESPecter bootkit tells us about their evolution

The post ESET Research Podcast: UEFI in crosshairs of ESPecter bootkit appeared first on WeLiveSecurity

26 May 2022

Cybergang Claims REvil is Back, Executes DDoS Attacks

Cybergang Claims REvil is Back, Executes DDoS Attacks Actors claiming to be the defunct ransomware group are targeting one of Akami’s customers with a Layer 7 attack, demanding an extortion payment in Bitcoin.
26 May 2022

PCI DSS v4.0: A Regional Perspective from Brazil

 

After nearly six years with the PCI Security Standards Council (PCI SSC), Carlos Caetano, Associate Director for the LA Region of Brazil, has decided to take on a new challenge with another company. The Council would like to take this opportunity to thank Carlos for his outstanding service to our organization. Under his leadership, PCI SSC held successful Latin American Forums, created the Brazil Regional Engagement Board, and established relationships with new Participating Organizations in Brazil. Carlos has served as Chair of the PCI SSC Translations Committee and has been a terrific spokesperson for the Council. PCI SSC wishes him all the very best in his future endeavors.

25 May 2022

Link Found Connecting Chaos, Onyx and Yashma Ransomware

Link Found Connecting Chaos, Onyx and Yashma Ransomware A slip-up by a malware author has allowed researchers to taxonomize three ransomware variations going by different names.
25 May 2022

Zoom Patches ‘Zero-Click’ RCE Bug

Zoom Patches ‘Zero-Click’ RCE Bug The Google Project Zero researcher found a bug in XML parsing on the Zoom client and server.
25 May 2022

Verizon Report: Ransomware, Human Error Among Top Security Risks

Verizon Report: Ransomware, Human Error Among Top Security Risks 2022’s DBIR also highlighted the far-reaching impact of supply-chain breaches and how organizations and their employees are the reasons why incidents occur.
25 May 2022

5 reasons why GDPR was a milestone for data protection

The landmark regulation changed everyone’s mindset on how companies worldwide collect and use the personal data of EU citizens

The post 5 reasons why GDPR was a milestone for data protection appeared first on WeLiveSecurity

25 May 2022

Fronton IOT Botnet Packs Disinformation Punch

Fronton IOT Botnet Packs Disinformation Punch Fronton botnet has far more ability than launching DDOS attack, can track social media trends and launch suitable propaganda.
24 May 2022