Cybersecurity News
Unpatched Open Source Libraries Leave 71% of Apps Vulnerable
PHP and JavaScript developers need to pay close attention because different languages and frameworks have different rates of vulnerability, research finds.EasyJet Hackers Take Off with Travel Details for 9M Customers
The vacation-centric airline is warning victims about social-engineering attacks.
Web Application Attacks Double from 2019: Verizon DBIR
Verizon's annual data breach report shows most attackers are external, money remains their top motivator, and web applications and unsecured cloud storage are hot targets.
Bluetooth flaw exposes countless devices to BIAS attacks
As many as 30 smartphones, laptops and other devices were tested – and all were found to be vulnerable
The post Bluetooth flaw exposes countless devices to BIAS attacks appeared first on WeLiveSecurity
Long-Term Remote Work: Keeping Workers Productive & Secure
The pandemic has changed how we get work done. Now, data security must catch up.Hacker arrested in Ukraine for selling billions of stolen credentials
Hacker "Sanix" has been selling billions of hacked user credentials on hacker forums and Telegram channels.WolfRAT Android Malware Targets WhatsApp, Facebook Messenger
Researchers link the malware to Wolf Research operators with "high confidence" after it was spotted in campaigns targeting Thai users.
WolfRAT targets WhatsApp, Facebook Messenger app users on Android devices
The new malware is unstable and appears to be a slapdash effort based on leaked DenDroid code.Ukraine Nabs Suspect in 773M Password ‘Megabreach’
In January 2019, dozens of media outlets raised the alarm about a new “megabreach” involving the release of some 773 million stolen usernames and passwords that was breathlessly labeled “the largest collection of stolen data in history.” A subsequent review by KrebsOnSecurity quickly determined the data was years old and merely a compilation of credentials pilfered from mostly public data breaches. Earlier today, authorities in Ukraine said they’d apprehended a suspect in the case.EasyJet Sees 9 Million Customer Email Addresses Stolen
More than 2,000 customers also had credit card information taken in the attack.Chrome 83 released with enhanced privacy controls, tab groups feature
Chrome 83 is one of the feature-rich Chrome releases in recent years.7 Security Pros: What My Nontraditional Background Brings to the Job
Job experience and degrees outside of the cybersecurity or IT world can provide invaluable diversity of thinking and problem-solving.
Bluetooth Bugs Allow Impersonation Attacks on Legions of Devices
A host of unpatched security bugs that allow BIAS attacks affects Bluetooth chips from Apple, Intel, Qualcomm, Samsung and others.
Adobe Patches Critical RCE Flaw in Character Animator App
A critical remote code execution flaw in Adobe Character Animator was fixed in an out-of-band Tuesday patch.
2020 – 2022 Global Executive Assessor Roundtable
In 2018, PCI Security Standards Council established its first Global Executive Assessor Roundtable (GEAR) consisting of senior leadership members of payment security assessors. The vision for the roundtable was simple: encourage the exchange of information, and increase payment security, through greater coordination with this key stakeholder group.
Cybersecurity Extends Far Beyond Security Teams & Everyone Plays a Part
Security isn't about tools or technology; it's about establishing a broad, fundamental awareness and sense of responsibility among all employees.EasyJet hacking attack: are you affected and what should you do?
The airline has said the personal information of 9 million customers has been compromised
• EasyJet reveals cyber-attack exposed 9m customers’ details
EasyJet revealed on Tuesday it had suffered a “highly sophisticated” cyber-attack. It comes at a time of heightened concern about a surge in online and phone scams linked to the coronavirus pandemic.
Related: EasyJet reveals cyber-attack exposed 9m customers' details
Continue reading...Hackers Hit Food Supply Company
The attackers behind the REvil ransomware family has also threatened to release personal data on Madonna and other celebrities to the highest bidders.Clever Phishing Attack Bypasses MFA to Nab Microsoft Office 365 Credentials
The attack discovered by Cofense can steal sensitive user data stored on the cloud as well as find other victims to target.