Cybersecurity News


What Usability Means to Security Pros

What Usability Means to Security Pros The last thing cybersecurity executives and practitioners need are even more tools that are difficult to operate. Here's what they look for when assessing new tools.
04 June 2020

ZLoader-Laced Emails Target Unemployed Victims

ZLoader-Laced Emails Target Unemployed Victims Researchers are warning of spear-phishing emails with CV lures that spread the ZLoader malware, which steals banking credentials from victims.
04 June 2020

Incognito mode detection still works in Chrome despite promise to fix

Google said last year that it would fix a bug that allowed sites to detect incognito mode, but no fix ever came.
04 June 2020

Hackers hijack one of Coincheck's domains for spear-phishing attacks

Hackers hijacked Coincheck's domain registrar account and then changed DNS settings.
03 June 2020

Romanian Skimmer Gang in Mexico Outed by KrebsOnSecurity Stole $1.2 Billion

An exhaustive inquiry published today by a consortium of investigative journalists says a three-part series KrebsOnSecurity published in 2015 on a Romanian ATM skimming gang operating in Mexico's top tourist destinations disrupted their highly profitable business, which raked in an estimated $20 million a month and enjoyed the protection of top Mexican authorities.
03 June 2020

Kaspersky IDs Sophisticated New Malware Targeted at Air-Gapped Systems

'USBCulprit' is one of several tools that suggest previously known Cycldek group is more dangerous than previous assumed, security vendor says.
03 June 2020

Sophisticated Info-Stealer Targets Air-Gapped Devices via USB

Sophisticated Info-Stealer Targets Air-Gapped Devices via USB The newly discovered USBCulprit malware is part of the arsenal of an APT known as Cycldek, which targets government entities.
03 June 2020

Attackers Target 1M+ WordPress Sites To Harvest Database Credentials

Attackers Target 1M+ WordPress Sites To Harvest Database Credentials An attack over the weekend unsuccessfully targeted 1.3 million WordPress websites, in attempts to download their configuration files and harvest database credentials.
03 June 2020

RATs 101: The Grimy Trojans That Scurry Through Remote Access Pipes

RATs 101: The Grimy Trojans That Scurry Through Remote Access Pipes Remote Access Trojans (RATs) can be the beginning of very bad things on your network or workstations.
03 June 2020

Google Faces $5B Lawsuit for Tracking Users in Incognito Mode

A proposed class-action lawsuit accuses Google of collecting browser data from people who used "private" mode.
03 June 2020

Chasing RobbinHood: Up Close with an Evolving Threat

A security researcher details how RobbinHood has changed and why it remains a threat for businesses to watch.
03 June 2020

Old Spreadsheet Macro Tech Newly Popular with Criminals

A 30-year-old macro technology for Microsoft Excel is finding new popularity as a cybersecurity attack vector.
03 June 2020

Google apps and websites get support for more security keys on iOS devices

You can now use hardware security keys to access Google apps and services running on iOS devices.
03 June 2020

What Government Contractors Need to Know About NIST, DFARS Password Reqs

Organizations that fail to comply with these rules can get hit with backbreaking fines and class-action lawsuits.
03 June 2020

TrickBot Adds BazarBackdoor to Malware Arsenal

TrickBot Adds BazarBackdoor to Malware Arsenal The stealthy backdoor is delivered via mass-market phishing emails that are well-crafted to appear convincing.
03 June 2020

Critical SAP ASE Flaws Allow Complete Control of Databases

Critical SAP ASE Flaws Allow Complete Control of Databases Researchers warn of critical flaws in SAP's Sybase Adaptive Server Enterprise software.
03 June 2020

Large-scale attack tries to steal configuration files from WordPress sites

Attackers tried to download configuration files from WordPress sites so they could steal database credentials.
03 June 2020

Many Exchange Servers Are Still Vulnerable to Remote Exploit

A privilege-escalation vulnerability patched in February by Microsoft continues to affect Exchange servers, with more than 80% of Internet-connected servers remaining vulnerable, one firm reports.
03 June 2020

Facebook now lets you delete old posts in bulk

Dealing with skeletons lurking in your Facebook closet has never been easier

The post Facebook now lets you delete old posts in bulk appeared first on WeLiveSecurity

03 June 2020

Social Distancing for Healthcare's IoT Devices

Security pros need to double down around prevention of lateral movement by attackers, especially if IoT devices are connected to the network.
03 June 2020