Cybersecurity News


Ransomware Deals Deathblow to 157-year-old College

Ransomware Deals Deathblow to 157-year-old College Why a private college that stayed in business for 157 years had to close after the combo of COVID-19 and ransomware proved too much.
11 May 2022

Opportunity out of crisis: Tapping the Great Resignation to close the cybersecurity skills gap

What can organizations do to capitalize on the current fluidity in the job market and bring fresh cybersecurity talent into the fold?

The post Opportunity out of crisis: Tapping the Great Resignation to close the cybersecurity skills gap appeared first on WeLiveSecurity

11 May 2022

Microsoft Patch Tuesday, May 2022 Edition

Microsoft today released updates to fix at least 74 separate security problems in its Windows operating systems and related software. This month's patch batch includes fixes for seven "critical" flaws, as well as a zero-day vulnerability that affects all supported versions of Windows.
10 May 2022

Hackers Actively Exploit F5 BIG-IP Bug

Hackers Actively Exploit F5 BIG-IP Bug The bug has a severe rating of 9.8, public exploits are released.
10 May 2022

Conti Ransomware Attack Spurs State of Emergency in Costa Rica

Conti Ransomware Attack Spurs State of Emergency in Costa Rica The threat group has leaked data that it claims was stolen in the breach and is promising more government-targeted attacks.
10 May 2022

Low-rent RAT Worries Researchers

Low-rent RAT Worries Researchers Researchers say a hacker is selling access to quality malware for chump change.
09 May 2022

FBI: Rise in Business Email-based Attacks is a $43B Headache

FBI: Rise in Business Email-based Attacks is a $43B Headache A huge spike in fraudulent activities related to attacks leveraging business email accounts is a billion-dollar-problem.
09 May 2022

Podcast: The State of the Secret Sprawl

Podcast: The State of the Secret Sprawl In this podcast with Mackenzie Jackson, developer advocate at GitGuardian, we dive into the report and also the issues that corporations face with public leaks from groups like Lapsus and more, as well as ways that developers can keep their code safe.
09 May 2022

Common LinkedIn scams: Beware of phishing attacks and fake job offers

LinkedIn scammers attack when we may be at our most vulnerable – here’s what to look out for and how to avoid falling victim to fraud when using the platform

The post Common LinkedIn scams: Beware of phishing attacks and fake job offers appeared first on WeLiveSecurity

09 May 2022

Your Phone May Soon Replace Many of Your Passwords

Apple, Google and Microsoft announced this week they will soon support an approach to authentication that avoids passwords altogether, and instead requires users to merely unlock their smartphones to sign in to websites or online services. Experts say the changes should help defeat many types of phishing attacks and ease the overall password burden on Internet users, but caution that a true passwordless future may still be years away for most websites.
07 May 2022

Defending against APT attacks – Week in security with Tony Anscombe

The conflict in Ukraine has highlighted the risks of cyberespionage attacks that typically involve Advanced Persistent Threat groups and often target organizations' most valuable data

The post Defending against APT attacks – Week in security with Tony Anscombe appeared first on WeLiveSecurity

06 May 2022

USB-based Wormable Malware Targets Windows Installer

USB-based Wormable Malware Targets Windows Installer Activity dubbed ‘Raspberry Robin’ uses Microsoft Standard Installer and other legitimate processes to communicate with threat actors and execute nefarious commands.
06 May 2022

CANs Reinvent LANs for an All-Local World

CANs Reinvent LANs for an All-Local World A close look at a new type of network, known as a Cloud Area Network.
05 May 2022

F5 Warns of Critical Bug Allowing Remote Code Execution in BIG-IP Systems

F5 Warns of Critical Bug Allowing Remote Code Execution in BIG-IP Systems The vulnerability is 'critical' with a CVSS severity rating of 9.8 out of 10.
05 May 2022

VHD Ransomware Linked to North Korea’s Lazarus Group

VHD Ransomware Linked to North Korea’s Lazarus Group Source code and Bitcoin transactions point to the malware, which emerged in March 2020, being the work of APT38, researchers at Trellix said.
05 May 2022

Decade-old bugs discovered in Avast, AVG antivirus software

Researchers say exploitation could have had "far-reaching and significant" consequences.
05 May 2022

There’s no sugarcoating it: That online sugar daddy may be a scammer

The bitter truth about how fraudsters dupe online daters in this new twist on romance fraud

The post There’s no sugarcoating it: That online sugar daddy may be a scammer appeared first on WeLiveSecurity

05 May 2022

China-linked APT Caught Pilfering Treasure Trove of IP

China-linked APT Caught Pilfering Treasure Trove of IP A state-sponsored threat actor designed a house-of-cards style infection chain to exfiltrate massive troves of highly sensitive data.
04 May 2022

GitHub launches new 2FA mandates for code developers, contributors

New rules surrounding authentication will come in by the end of 2023.
04 May 2022

Attackers Use Event Logs to Hide Fileless Malware

Attackers Use Event Logs to Hide Fileless Malware A sophisticated campaign utilizes a novel anti-detection method.
04 May 2022