Cybersecurity News


Social media in the workplace: Cybersecurity dos and don’ts for employees

Do you often take to social media to broadcast details about your job, employer or coworkers? Think before you share – less may be more.

The post Social media in the workplace: Cybersecurity dos and don’ts for employees appeared first on WeLiveSecurity

17 January 2022

At Request of U.S., Russia Rounds Up 14 REvil Ransomware Affiliates

The Russian government said today it arrested 14 people accused of working for "REvil," a particularly aggressive ransomware group that has extorted hundreds of millions of dollars from victim organizations. The Russian Federal Security Service (FSB) said the actions were taken in response to a request from U.S. officials, but many experts believe the crackdown is part of an effort to reduce tensions over Russian President Vladimir Putin's decision to station 100,000 troops along the nation's border with Ukraine.
14 January 2022

Top Illicit Carding Marketplace UniCC Abruptly Shuts Down  

Top Illicit Carding Marketplace UniCC Abruptly Shuts Down   UniCC controlled 30 percent of the stolen payment-card data market; leaving analysts eyeing what’s next.
14 January 2022

Real Big Phish: Mobile Phishing & Managing User Fallibility

Real Big Phish: Mobile Phishing & Managing User Fallibility Phishing is more successful than ever. Daniel Spicer, CSO of Ivanti, discusses emerging trends in phishing, and using zero-trust security to patch the human vulnerabilities underpinning the spike.
14 January 2022

Critical Cisco Contact Center Bug Threatens Customer-Service Havoc

Critical Cisco Contact Center Bug Threatens Customer-Service Havoc Attackers could access and modify agent resources, telephone queues and other customer-service systems – and access personal information on companies’ customers.
14 January 2022

‘Be Afraid:’ Massive Cyberattack Downs Ukrainian Gov’t Sites

‘Be Afraid:’ Massive Cyberattack Downs Ukrainian Gov’t Sites As Moscow moves troops and threatens military action, about 70 Ukrainian government sites were hit. “Be afraid” was scrawled on the Foreign Ministry site.
14 January 2022

Russian Security Takes Down REvil Ransomware Gang

Russian Security Takes Down REvil Ransomware Gang The country's FSB said that it raided gang hideouts; seized currency, cars and personnel; and neutralized REvil's infrastructure.
14 January 2022

Three Plugins with Same Bug Put 84K WordPress Sites at Risk

Three Plugins with Same Bug Put 84K WordPress Sites at Risk Researchers discovered vulnerabilities that can allow for full site takeover in login and e-commerce add-ons for the popular website-building platform.
14 January 2022

Week in security with Tony Anscombe

How malware exploits security flaws in kernel drivers – Watch out for cryptocurrency scams – Why loyalty accounts are a target for criminals

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

14 January 2022

Cold calling 02 scam artists are offering 40% plan discounts, free phone contracts for your security code

They don't seem to like it when you call them out, though.
14 January 2022

Dark web carding platform UniCC shuts up shop after making millions

The operators have apparently made enough to keep them happy in retirement.
14 January 2022

SnatchCrypto campaign plants backdoors in crypto startups, DeFi, blockchain networks

Malware is used to find and empty cryptocurrency wallets at victim organizations.
14 January 2022

Microsoft Yanks Buggy Windows Server Updates

Microsoft Yanks Buggy Windows Server Updates Since their release on Patch Tuesday, the updates have been breaking Windows, causing spontaneous boot loops on Windows domain controller servers, breaking Hyper-V and making ReFS volume systems unavailable.
13 January 2022

North Korean APTs Stole ~$400M in Crypto in 2021

North Korean APTs Stole ~$400M in Crypto in 2021 Meanwhile, EtherumMax got sued over an alleged pump-and-dump scam after using celebs like Floyd Mayweather Jr. & Kim Kardashian to promote EMAX Tokens.
13 January 2022

US Military Ties Prolific MuddyWater Cyberespionage APT to Iran

US Military Ties Prolific MuddyWater Cyberespionage APT to Iran US Cyber Command linked the group to Iranian intelligence and detailed its multi-pronged, increasingly sophisticated suite of malware tools.
13 January 2022

New GootLoader Campaign Targets Accounting, Law Firms

New GootLoader Campaign Targets Accounting, Law Firms GootLoader hijacks WordPress sites to lure professionals to download malicious sample contract templates.
13 January 2022

Adobe Cloud Abused to Steal Office 365, Gmail Credentials

Adobe Cloud Abused to Steal Office 365, Gmail Credentials Threat actors are creating accounts within the Adobe Cloud suite and sending images and PDFs that appear legitimate to target Office 365 and Gmail users, researchers from Avanan discovered.
13 January 2022

Ransomware locks down prison, knocks systems offline

Inmates were confined to their cells as a result of the cyberattack.
13 January 2022

UK jails man for spying on kids, adults with Remote Access Trojans

Malware was used to take explicit photos and videos.
13 January 2022

Making loyalty pay: How to keep your loyalty rewards safe from scammers

Is loyalty fraud on your radar? Here's why your hard-earned reward points and air miles may be easy pickings for cybercriminals.

The post Making loyalty pay: How to keep your loyalty rewards safe from scammers appeared first on WeLiveSecurity

13 January 2022