Cybersecurity News


Microsoft: Most-Imitated Brand for Phishing Emails

Microsoft: Most-Imitated Brand for Phishing Emails The shift to remote working spurred Microsoft and Amazon to the top of the heap for cybercriminals to use as lures in the third quarter.
19 October 2020

This new malware uses remote overlay attacks to hijack your bank account

Vizom disguises itself as popular videoconferencing software many of us are relying on during the pandemic.
19 October 2020

Albion Online game maker discloses data breach

Game maker says intruder gained access to its forum database by exploiting a vulnerability.
19 October 2020

Discord desktop app vulnerability chain triggered remote code execution attacks

The critical security issue was reported via the chat app’s bug bounty program.
19 October 2020

Microsoft adds option to disable JScript in Internet Explorer

The option is available after applying the October 2020 Patch Tuesday security updates.
19 October 2020

QAnon/8Chan Sites Briefly Knocked Offline

A phone call to an Internet provider in Oregon on Sunday evening was all it took to briefly sideline multiple websites related to 8chan/8kun -- a controversial online image board linked to several mass shootings -- and QAnon, the far-right conspiracy theory which holds that a cabal of Satanic pedophiles is running a global child sex-trafficking ring and plotting against President Donald Trump. Following a brief disruption, the sites have come back online with the help of an Internet company based in St. Petersburg, Russia.
19 October 2020

Political campaign emails contain dark patterns to manipulate donors, voters

Princeton researchers analyzed 100,000 different campaign emails from more than 3,000 political candidates.
17 October 2020

Three npm packages found opening shells on Linux, Windows systems

NPM staff: Any computer that has this package installed or running should be considered fully compromised.
17 October 2020

Massive New Phishing Campaigns Target Microsoft, Google Cloud Users

At least three campaigns are now underway.
16 October 2020

Phishers Capitalize on Headlines with Breakneck Speed

Phishers Capitalize on Headlines with Breakneck Speed Marking a pivot from COVID-19 scams, researchers track a single threat actor through the evolution from the pandemic to PayPal, and on to more timely voter scams -- all with the same infrastructure.
16 October 2020

Microsoft Fixes RCE Flaws in Out-of-Band Windows Update

Microsoft Fixes RCE Flaws in Out-of-Band Windows Update The two important-severity flaws in Microsoft Windows Codecs Library and Visual Studio Code could enable remote code execution.
16 October 2020

Microsoft releases emergency security updates for Windows and Visual Studio

Two remote code execution (RCE) bugs patched in the Windows Codecs library and Visual Studio Code.
16 October 2020

Biden Campaign Staffers Targeted in Cyberattack Leveraging Anti-Virus Lure, Dropbox Ploy

Biden Campaign Staffers Targeted in Cyberattack Leveraging Anti-Virus Lure, Dropbox Ploy Google's Threat Analysis Group sheds more light on targeted credential phishing and malware attacks on the staff of Joe Biden's presidential campaign.
16 October 2020

US Counterintelligence Director & Fmr. Europol Leader Talk Election Security

The US counterintelligence lead joins a former Europol cyber chief to discuss modern election threats and the benefits of public-private collaboration.
16 October 2020

An Uncommon 20 Years of Commonly Enumerating Vulns

An Uncommon 20 Years of Commonly Enumerating Vulns Larry Cashdollar, a researcher with more than 300 CVEs to his credit, looks back at his favorite vulnerabilities (and being the only individual CNA on Mitre's list).
16 October 2020

An Uncommon 20 Years of Commonly Enumerating Vulns

An Uncommon 20 Years of Commonly Enumerating Vulns Larry Cashdollar, a researcher with more than 300 CVEs to his credit, looks back at his favorite vulnerabilities (and being the only individual CNA on Mitre's list).
16 October 2020

Phishing Lures Shift from COVID-19 to Job Opportunities

Phishing Lures Shift from COVID-19 to Job Opportunities Fortinet researchers are seeing a pivot in the spear-phishing and phishing lures used by cybercriminals, to entice potential job candidates as businesses open up.
16 October 2020

Google says it mitigated a 2.54 Tbps DDoS attack in 2017, largest known to date

Google discloses previously unknown DDoS attack.
16 October 2020

Week in security with Tony Anscombe

ESET joins global effort to disrupt the infamous Trickbot botnet – Criminals claim to have hijacked thousands of security cameras – Five ways to secure your home office

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

16 October 2020

Child abductors may use social media to lure victims, FBI warns

School closings and more screen time can ultimately put children at an increased risk of being kidnapped by strangers they met online

The post Child abductors may use social media to lure victims, FBI warns appeared first on WeLiveSecurity

16 October 2020