Cybersecurity News


Multichain token hack losses reach $3 million: report

Multichain messaging seems confusing, at best.
20 January 2022

'Serial' romance fraudster jailed for trying to scam 670 people in the UK

Victims were conned out of thousands of pounds, including one woman who was terminally ill.
20 January 2022

Destructive Wiper Targeting Ukraine Aimed at Eroding Trust, Experts Say

Destructive Wiper Targeting Ukraine Aimed at Eroding Trust, Experts Say Disruptive malware attacks on Ukrainian organizations (posing as ransomware attacks) are very likely part of Russia’s wider effort to undermine Ukraine’s sovereignty, according to analysts.
19 January 2022

Box 2FA Bypass Opens User Accounts to Attack

Box 2FA Bypass Opens User Accounts to Attack A security bug in the file-sharing cloud app could have allowed attackers using stolen credentials to skate by one-time SMS code verification requirements.
19 January 2022

IRS Will Soon Require Selfies for Online Access

If you created an online account to manage your tax records with the U.S. Internal Revenue Service (IRS), those login credentials will cease to work later this year. The agency says that by the summer of 2022, the only way to log in to irs.gov will be through ID.me, an online identity verification service that requires applicants to submit copies of bills and identity documents, as well as a live video feed of their faces via a mobile device.
19 January 2022

Deloitte launches new SaaS cyber threat detection and response platform

AWS, CrowdStrike, Exabeam, and Google Cloud Chronicle are operationalizing the new platform.
19 January 2022

Beijing Olympics App Flaws Allow Man-in-the-Middle Attacks

Beijing Olympics App Flaws Allow Man-in-the-Middle Attacks Attackers can access audio and files uploaded to the MY2022 mobile app required for use by all winter games attendees – including personal health details.
19 January 2022

Zoom vulnerabilities impact clients, MMR servers

Vulnerabilities in the videoconferencing software have been analyzed by Google researchers.
19 January 2022

Cloned Dept. of Labor Site Hawks Fake Government Contracts

Cloned Dept. of Labor Site Hawks Fake Government Contracts A well-crafted but fake government procurement portal offers the opportunity to submit a bid for lucrative government projects -- but harvests credentials instead.
19 January 2022

Donot Team APT will strike gov't, military targets for years - until they succeed

The group has been described as "remarkably persistent" in cyberattacks.
19 January 2022

Will 2022 Be the Year of the Software Bill of Materials?

Will 2022 Be the Year of the Software Bill of Materials? Praise be & pass the recipe for the software soup: There's too much scrambling to untangle vulnerabilities and dependencies, say a security experts roundtable.
18 January 2022

The Log4j Vulnerability Puts Pressure on the Security World

The Log4j Vulnerability Puts Pressure on the Security World It's time to sound the alarm for Log4Shell. Saryu Nayyar, CEO at Gurucul, discusses what actions you should be taking.
18 January 2022

Cybercriminals Actively Target VMware vSphere with Cryptominers

Cybercriminals Actively Target VMware vSphere with Cryptominers VMware's container-based application development environment has become attractive to cyberattackers.
18 January 2022

How tech is a weapon in modern domestic abuse -- and how to protect yourself

From Apple AirTags to stalkerware, everyday tech can be used against you.
18 January 2022

‘White Rabbit’ Ransomware May Be FIN8 Tool

‘White Rabbit’ Ransomware May Be FIN8 Tool It's a double-extortion play that uses the command-line password ‘KissMe’ to hide its nasty acts and adorns its ransom note with cutesy ASCII bunny art.
18 January 2022

Critical ManageEngine Desktop Server Bug Opens Orgs to Malware

Critical ManageEngine Desktop Server Bug Opens Orgs to Malware Zoho's comprehensive endpoint-management platform suffers from an authentication-bypass bug (CVE-2021-44757) that could lead to remote code execution.
18 January 2022

Organizations Face a ‘Losing Battle’ Against Vulnerabilities

Organizations Face a ‘Losing Battle’ Against Vulnerabilities Companies must take more ‘innovative and proactive’ approaches to security in 2022 to combat threats that emerged last year, researchers said.
18 January 2022

UK government announces crackdown on cryptocurrency adverts

Officials want to ensure ads are "fair and clear".
18 January 2022

DoNot Go! Do not respawn!

ESET researchers take a deep look into recent attacks carried out by Donot Team throughout 2020 and 2021, targeting government and military entities in several South Asian countries

The post DoNot Go! Do not respawn! appeared first on WeLiveSecurity

18 January 2022

Social media in the workplace: Cybersecurity dos and don’ts for employees

Do you often take to social media to broadcast details about your job, employer or coworkers? Think before you share – less may be more.

The post Social media in the workplace: Cybersecurity dos and don’ts for employees appeared first on WeLiveSecurity

17 January 2022