Cybersecurity News


These are the flaws that let hackers attack blockchain and DeFi projects

Most losses were due to 'unsophisticated' attacks.
24 May 2022

IBM is helping these schools build up their ransomware defenses

The goal is to improve cybersecurity defenses in public sector schools.
24 May 2022

Zero Trust for Data Helps Enterprises Detect, Respond and Recover from Breaches

Zero Trust for Data Helps Enterprises Detect, Respond and Recover from Breaches Mohit Tiwari, CEO of Symmetry Systems, explores Zero Trust, data objects and the NIST framework for cloud and on-prem environments.
23 May 2022

Snake Keylogger Spreads Through Malicious PDFs

Snake Keylogger Spreads Through Malicious PDFs Microsoft Word also leveraged in the email campaign, which uses a 22-year-old Office RCE bug.
23 May 2022

Common NFT scams and how to avoid them

As NFTs exploded in popularity, scammers also jumped on the hype. Watch out for counterfeit NFTs, rug pulls, pump-and-dumps and other common scams plaguing the industry.

The post Common NFT scams and how to avoid them appeared first on WeLiveSecurity

23 May 2022

Cryptocurrency: secure or not? – Week in security with Tony Anscombe

When you hear the term ‘cryptocurrency’, does ‘secure’ also spring to mind? Here are some implications of the lack of sound security practices in the world of crypto.

The post Cryptocurrency: secure or not? – Week in security with Tony Anscombe appeared first on WeLiveSecurity

20 May 2022

Sandworm uses a new version of ArguePatch to attack targets in Ukraine

ESET researchers spot an updated version of the malware loader used in the Industroyer2 and CaddyWiper attacks

The post Sandworm uses a new version of ArguePatch to attack targets in Ukraine appeared first on WeLiveSecurity

20 May 2022

Closing the Gap Between Application Security and Observability

Closing the Gap Between Application Security and Observability Daniel Kaar, global director application security engineering at Dynatrace, highlights the newfound respect for AppSec-enabled observability in the wake of Log4Shell. 
20 May 2022

380K Kubernetes API Servers Exposed to Public Internet

380K Kubernetes API Servers Exposed to Public Internet More than 380,000 of the 450,000-plus servers hosting the open-source container-orchestration engine for managing cloud deployments allow some form of access.
20 May 2022

Fake domains offer Windows 11 installers - but deliver malware instead

Be careful what you are downloading - these files deliver the Vidar infostealer.
20 May 2022

Cyberattacks and misinformation activity against Ukraine continues say security researchers

Malware and fake news continues, says Mandiant.
19 May 2022

Critical Vulnerability in Premium WordPress Themes Allows for Site Takeover

Critical Vulnerability in Premium WordPress Themes Allows for Site Takeover Privilege escalation flaw discovered in the Jupiter and JupiterX Core Plugin affects more than 90,000 sites.
19 May 2022

This Russian botnet does far more than DDoS attacks - and on a massive scale

Operators can track social media trends and tailor their propaganda to suit.
19 May 2022

The flip side of the coin: Why crypto is catnip for criminals

Cybercriminals continue to mine for opportunities in the crypto space – here's what you should know about coin-mining hacks and crypto theft

The post The flip side of the coin: Why crypto is catnip for criminals appeared first on WeLiveSecurity

19 May 2022

Senators Urge FTC to Probe ID.me Over Selfie Data

Some of more tech-savvy Democrats in the U.S. Senate are asking the Federal Trade Commission (FTC) to investigate identity-proofing company ID.me for "deceptive statements" the company and its founder allegedly made over how they handle facial recognition data collected on behalf of the Internal Revenue Service, which until recently required anyone seeking a new IRS account online to provide a live video selfie to ID.me.
18 May 2022

DOJ Says Doctor is Malware Mastermind

DOJ Says Doctor is Malware Mastermind The U.S. Department of Justice indites middle-aged doctor, accusing him of being a malware mastermind.
18 May 2022

APTs Overwhelmingly Share Known Vulnerabilities Rather Than Attack O-Days

APTs Overwhelmingly Share Known Vulnerabilities Rather Than Attack O-Days Research indicates that organizations should make patching existing flaws a priority to mitigate risk of compromise.
18 May 2022

April VMware Bugs Abused to Deliver Mirai Malware, Exploit Log4Shell

April VMware Bugs Abused to Deliver Mirai Malware, Exploit Log4Shell Researchers say a GitHub proof-of-concept exploitation of recently announced VMware bugs is being abused by hackers in the wild.
18 May 2022

Fake news – why do people believe it?

In the age of the perpetual news cycle and digital media, the risks that stem from the fake news problem are all too real

The post Fake news – why do people believe it? appeared first on WeLiveSecurity

18 May 2022

Wizard Spider hackers hire cold callers to scare ransomware victims into paying up

Researchers believe the group has millions of dollars in assets.
18 May 2022