Cybersecurity News
Chrome 86 released with password-related security improvements
The new Native File System API now also lets websites to interact with any file or folder stored on the user's local disk.06 October 2020
Microsoft Zerologon Flaw Under Attack By Iranian Nation-State Actors
Microsoft warns that the MERCURY APT has been actively exploiting CVE-2020-1472 in campaigns for the past two weeks.
06 October 2020
COVID-19 Clinical Trials Slowed After Ransomware Attack
The attack on eResearchTechnology potentially slowed down coronavirus research worldwide, and researchers suggest a nation-state actor could be behind the incident.
06 October 2020
APT Attack Injects Malware into Windows Error Reporting
The fileless attack uses a phishing campaign that lures victims with information about a worker’s compensation claim.
06 October 2020
Unpatched Apple T2 Chip Flaw Plagues Macs
A researcher claims that the issue can be exploited by attackers in order to gain root access.
06 October 2020
Had your face stolen lately?
It’s easy to reset your password or PIN after a data breach. But reset your face? Not so much.
The post Had your face stolen lately? appeared first on WeLiveSecurity
06 October 2020
Post Grid WordPress Plugin Flaws Allow Site Takeovers
Team Showcase, a sister plugin, is also vulnerable to the XSS and PHP object-injection bugs -- together they have 66,000 installs.
05 October 2020
Black-T Malware Emerges From Cryptojacker Group TeamTNT
The cryptojacking malware variant builds on the TeamTNT group’s typical approach, with a few new — and sophisticated — extras.
05 October 2020
Malware Families Turn to Legit Pastebin-Like Service
AgentTesla, LimeRAT, W3Cryptolocker and Redline Stealer are now using Paste.nrecom in spear-phishing attacks.
05 October 2020
Rare Bootkit Malware Targets North Korea-Linked Diplomats
The MosaicRegressor espionage framework is newly discovered and appears to be the work of Chinese-speaking actors.
05 October 2020
Tenda Router Zero-Days Emerge in Spyware Botnet Campaign
A variant of the Mirai botnet, called Ttint, has added espionage capabilities to complement its denial-of-service functions.
05 October 2020
Video-Game Piracy Group ‘Team Xecuter’ Leaders in Custody
The two alleged leaders of Team Xecuter targeted popular consoles like the Nintendo Switch, the Sony PlayStation Classic and Microsoft Xbox.
05 October 2020
Four npm packages found uploading user details on a GitHub page
Collected information included IP address, country, city, computer username, home directory path, and CPU model.05 October 2020
5 steps to secure your connected devices
As we steadily adopt smart devices into our lives, we shouldn’t forget about keeping them secured and our data protected
The post 5 steps to secure your connected devices appeared first on WeLiveSecurity
05 October 2020
Microsoft releases tool to update Defender inside Windows install images
The new tool supports installation images for Windows 10 (Enterprise, Pro, and Home editions), Windows Server 2019, and Windows Server 2016.05 October 2020
Leaders of ‘notorious’ Team Xecuter game piracy, homebrew group arrested
US prosecutors allege the team spearheaded the sale of devices for hacking popular consoles.05 October 2020
test chunk server
Until all domain controllers are updated, the entire infrastructure remains vulnerable, the DHS' CISA warns.04 October 2020
New Ttint IoT botnet caught exploiting two zero-days in Tenda routers
Ttint is a new form of IoT botnet that also includes remote access tools-like (RAT) features, rarely seen in these types of botnets before.04 October 2020
Two North American hospitality merchants hacked in May and June
Visa did not share the name of the two victims but said that one company had three different strains of point-of-sale (POS) malware on its network.03 October 2020
Egregor Ransomware Threatens ‘Mass-Media’ Release of Corporate Data
The newly discovered ransomware is hitting companies worldwide, including the GEFCO global logistics company.
02 October 2020