Cybersecurity News
Tor launches membership program to secure finance, boost integration
Members include Avast, DuckDuckGo, and Insurgo.01 September 2020
Iranian hackers are selling access to compromised companies on an underground forum
The Iranian hacker group who's been attacking corporate VPNs for months is now trying to monetize some of the hacked systems by selling access to some networks to other hackers.31 August 2020
Average BEC attempts are now $80k, but one group is aiming for $1.27m per attack
A Russian cyber-crime group named Cosmic Lynx has been focused on tricking companies into sending over huge wire transfers.31 August 2020
Testing & Automation Pay Off for NSA's DevSecOps Project
Communication with stakeholders, extensive testing, and robust automation pays dividends for military intelligence agency, one of several presenters at GitLab's virtual Commit conference.31 August 2020
Slack Patches Critical Desktop Vulnerability
The remote code execution flaw could allow a successful attacker to fully control the Slack desktop app on a target machine.31 August 2020
Malicious Android Apps Slip Through Google Play Protection
Multiple Android apps were found spying on users and recruiting victims' devices into ad-fraud botnets.31 August 2020
Apple Accidentally Notarizes Shlayer Malware Used in Adware Campaign
The notarized malware payloads were discovered in a recent MacOS adware campaign, disguised as Adobe Flash Player updates.
31 August 2020
Charming Kitten Returns with WhatsApp, LinkedIn Effort
The Iran-linked APT is targeting Israeli scholars and U.S. government employees in a credential-stealing effort.
31 August 2020
Mozilla research: Browsing histories are unique enough to reliably identify users
Online advertisers don't need huge lists of the sites we access. Just 50-150 of our favorite sites are enough.31 August 2020
UVA Researcher Charged with Computer Intrusion & Trade Secret Theft
Chinese national Haizhou Hu was researching bio-mimics and fluid dynamics at the University of Virginia.31 August 2020
Security flaw allows bypassing PIN verification on Visa contactless payments
The vulnerability could allow criminals to rack up fraudulent charges on the cards without needing to know the PINs
The post Security flaw allows bypassing PIN verification on Visa contactless payments appeared first on WeLiveSecurity
31 August 2020
Stolen Fortnite Accounts Earn Hackers Millions Per Year
More than 2 billion breached Fortnite accounts have gone up for sale in underground forums so far in 2020 alone.
31 August 2020
Critical Slack Bug Allows Access to Private Channels, Conversations
The RCE bug affects versions below 4.4 of the Slack desktop app.
31 August 2020
From Defense to Offense: Giving CISOs Their Due
In today's unparalleled era of disruption, forward-thinking CISOs can become key to company transformation -- but this means resetting relationships with the board and C-suite.31 August 2020
Cisco warns of actively exploited IOS XR zero-days
Cisco said it discovered the attacks last week during a support case the company's support team was called in to investigate.31 August 2020
Cisco warns of actively exploited IOS XR zero-day
Cisco said it discovered the attacks last week during a support case the company's support team was called in to investigate.31 August 2020
Google Play apps promised free shoes, but users got ad fraud malware instead
White Ops discovers a collection of Android apps that installed a hidden browser to load ad-heavy pages and commit ad fraud.30 August 2020
Malicious npm package caught trying to steal sensitive Discord and browser files
Malicious code was hidden inside a JavaScript library for working with the "Fall Guys: Ultimate Knockout" game API.28 August 2020
Data Privacy Concerns, Lack of Trust Foil Automated Contact Tracing
Efforts to create a technology framework for alerting people to whether they have been exposed to an infectious disease have been hindered by a number of key issues.28 August 2020
Instagram ‘Help Center’ Phishing Scam Pilfers Credentials
Researchers warn that a phishing scam is targeting Instagram users via direct messages on the app.
28 August 2020