Cybersecurity News
Microsoft: Most-Imitated Brand for Phishing Emails
The shift to remote working spurred Microsoft and Amazon to the top of the heap for cybercriminals to use as lures in the third quarter.
19 October 2020
This new malware uses remote overlay attacks to hijack your bank account
Vizom disguises itself as popular videoconferencing software many of us are relying on during the pandemic.19 October 2020
Albion Online game maker discloses data breach
Game maker says intruder gained access to its forum database by exploiting a vulnerability.19 October 2020
Discord desktop app vulnerability chain triggered remote code execution attacks
The critical security issue was reported via the chat app’s bug bounty program.19 October 2020
Microsoft adds option to disable JScript in Internet Explorer
The option is available after applying the October 2020 Patch Tuesday security updates.19 October 2020
QAnon/8Chan Sites Briefly Knocked Offline
A phone call to an Internet provider in Oregon on Sunday evening was all it took to briefly sideline multiple websites related to 8chan/8kun -- a controversial online image board linked to several mass shootings -- and QAnon, the far-right conspiracy theory which holds that a cabal of Satanic pedophiles is running a global child sex-trafficking ring and plotting against President Donald Trump. Following a brief disruption, the sites have come back online with the help of an Internet company based in St. Petersburg, Russia.19 October 2020
Political campaign emails contain dark patterns to manipulate donors, voters
Princeton researchers analyzed 100,000 different campaign emails from more than 3,000 political candidates.17 October 2020
Three npm packages found opening shells on Linux, Windows systems
NPM staff: Any computer that has this package installed or running should be considered fully compromised.17 October 2020
Massive New Phishing Campaigns Target Microsoft, Google Cloud Users
At least three campaigns are now underway.16 October 2020
Phishers Capitalize on Headlines with Breakneck Speed
Marking a pivot from COVID-19 scams, researchers track a single threat actor through the evolution from the pandemic to PayPal, and on to more timely voter scams -- all with the same infrastructure.
16 October 2020
Microsoft Fixes RCE Flaws in Out-of-Band Windows Update
The two important-severity flaws in Microsoft Windows Codecs Library and Visual Studio Code could enable remote code execution.
16 October 2020
Microsoft releases emergency security updates for Windows and Visual Studio
Two remote code execution (RCE) bugs patched in the Windows Codecs library and Visual Studio Code.16 October 2020
Biden Campaign Staffers Targeted in Cyberattack Leveraging Anti-Virus Lure, Dropbox Ploy
Google's Threat Analysis Group sheds more light on targeted credential phishing and malware attacks on the staff of Joe Biden's presidential campaign.
16 October 2020
US Counterintelligence Director & Fmr. Europol Leader Talk Election Security
The US counterintelligence lead joins a former Europol cyber chief to discuss modern election threats and the benefits of public-private collaboration.16 October 2020
An Uncommon 20 Years of Commonly Enumerating Vulns
Larry Cashdollar, a researcher with more than 300 CVEs to his credit, looks back at his favorite vulnerabilities (and being the only individual CNA on Mitre's list).
16 October 2020
An Uncommon 20 Years of Commonly Enumerating Vulns
Larry Cashdollar, a researcher with more than 300 CVEs to his credit, looks back at his favorite vulnerabilities (and being the only individual CNA on Mitre's list).
16 October 2020
Phishing Lures Shift from COVID-19 to Job Opportunities
Fortinet researchers are seeing a pivot in the spear-phishing and phishing lures used by cybercriminals, to entice potential job candidates as businesses open up.
16 October 2020
Google says it mitigated a 2.54 Tbps DDoS attack in 2017, largest known to date
Google discloses previously unknown DDoS attack.16 October 2020
Week in security with Tony Anscombe
ESET joins global effort to disrupt the infamous Trickbot botnet – Criminals claim to have hijacked thousands of security cameras – Five ways to secure your home office
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
16 October 2020
Child abductors may use social media to lure victims, FBI warns
School closings and more screen time can ultimately put children at an increased risk of being kidnapped by strangers they met online
The post Child abductors may use social media to lure victims, FBI warns appeared first on WeLiveSecurity
16 October 2020