Cybersecurity News


DarkHotel APT Targets Wynn, Macao Hotels to Rip Off Guest Data

DarkHotel APT Targets Wynn, Macao Hotels to Rip Off Guest Data A DarkHotel phishing campaign breached luxe hotel networks, including Wynn Palace and the Grand Coloane Resort in Macao, a new report says.
18 March 2022

Sandworm APT Hunts for ASUS Routers with Cyclops Blink Botnet

Sandworm APT Hunts for ASUS Routers with Cyclops Blink Botnet The Russian-speaking APT behind the NotPetya attacks and the Ukrainian power grid takedown could be setting up for additional sinister attacks, researchers said.
18 March 2022

Week in security with Tony Anscombe

ESET Research finds another data wiper in Ukraine – Securing data centers against threats – A cultural divide between the military and Silicon Valley

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

18 March 2022

Google Blows Lid Off Conti, Diavol Ransomware Access-Broker Ops

Google Blows Lid Off Conti, Diavol Ransomware Access-Broker Ops Researchers have exposed the work of Exotic Lily, a full-time cybercriminal initial-access group that uses phishing to infiltrate organizations’ networks for further malicious activity.
18 March 2022

Franchises, partnerships emerge in Ransomware-as-a-Service operations

Researchers detail the movers and shakers in the space over 2021.
18 March 2022

Defending the data center: The time to act is now

Cyberattacks against data centers may ultimately be everyone's problem – how prepared are their operators for the heightened risk of cyber-assaults?

The post Defending the data center: The time to act is now appeared first on WeLiveSecurity

18 March 2022

Pro-Ukraine ‘Protestware’ Pushes Antiwar Ads, Geo-Targeted Malware

Researchers are tracking a number of open-source "protestware" projects on GitHub that have recently altered their code to display "Stand with Ukraine" messages for users, or basic facts about the carnage in Ukraine. The group also is tracking several code packages that were recently modified to erase files on computers that appear to be coming from Russian or Belarusian Internet addresses.
17 March 2022

Dev Sabotages Popular NPM Package to Protest Russian Invasion

Dev Sabotages Popular NPM Package to Protest Russian Invasion In the latest software supply-chain attack, the code maintainer added malicious code to the hugely popular node-ipc library to replace files with a heart emoji and a peacenotwar module.
17 March 2022

Misconfigured Firebase Databases Exposing Data in Mobile Apps

Misconfigured Firebase Databases Exposing Data in Mobile Apps Five percent of the databases are vulnerable to threat actors: It's a gold mine of exploit opportunity in thousands of mobile apps, researchers say.
17 March 2022

Reporting Mandates to Clear Up Feds’ Hazy Look into Threat Landscape – Podcast

Reporting Mandates to Clear Up Feds’ Hazy Look into Threat Landscape – Podcast It’s about time, AttackIQ’s Jonathan Reiber said about 24H/72H report deadlines mandated in the new spending bill. As it is, visibility into adversary behavior has been muck.
17 March 2022

Russian Cyclops Blink botnet launches assault against Asus routers

The only option available might be a return to factory settings for infected routers.
17 March 2022

Cloudflare debuts Friendly Bot validation service

Machine learning is already used to "spot your bot."
17 March 2022

Ex CafePress owner fined $500,000 for 'shoddy' security, covering up data breach

When victim accounts were closed after being hacked in one incident, CafePress went so far as to charge them a $25 fee.
17 March 2022

‘CryptoRom’ Crypto-Scam is Back via Side-Loaded Apps

‘CryptoRom’ Crypto-Scam is Back via Side-Loaded Apps Scammers are bypassing Apple's App Store security, stealing thousands of dollars’ worth of cryptocurrency from the unwitting, using the TestFlight and WebClips programs.
16 March 2022

Another Destructive Wiper Targets Organizations in Ukraine

Another Destructive Wiper Targets Organizations in Ukraine CaddyWiper is one in a barrage of data-wiping cyber-attacks to hit the country since January as the war on the ground with Russia marches on.
16 March 2022

iPhone, Android users lose life savings to romance fraud, cryptocurrency operation

Attackers now 'double dip' to clear out victim bank accounts.
16 March 2022

US military vs. Silicon Valley – a cultural divide

The US military knows it needs to speed up technology adoption through optimization, something at the heart of Silicon Valley culture

The post US military vs. Silicon Valley – a cultural divide appeared first on WeLiveSecurity

16 March 2022

Phony Instagram ‘Support Staff’ Emails Hit Insurance Company

Phony Instagram ‘Support Staff’ Emails Hit Insurance Company The phishing scam tried to steal login credentials by threatening account shutdown, due to users having purportedly shared “fake content.”
16 March 2022

Cyberattacks Against Israeli Government Sites: ‘Largest in the Country’s History’

Cyberattacks Against Israeli Government Sites: ‘Largest in the Country’s History’ DDoS attacks against Israel telecom companies took down government sites, sparking a temporary state of emergency.
15 March 2022

Paving the Way: Inspiring Women in Payments - A Q&A featuring Helena Shi

 

Inspired by the Global Chief Information Officer at one of the world’s largest global investment management companies – who was also a mother of three – Helena Shi realized that it was possible to balance motherhood and have a successful career. In fact, a week after giving birth to her baby, Helena completed her PCI QSA requalification and negotiated a work-from-home environment because her career was equally as important to her. In this edition of our blog, Helena describes the barriers for women in technology professions – particularly for those that have children – and how women can overcome to have both a career and a family.

15 March 2022