Cybersecurity News
Smart IoT home hubs vulnerable to remote code execution attacks
IoT hubs used in homes and offices were found to be susceptible to exploit due to critical bugs in their firmware.22 April 2020
Serious flaws found in multiple smart home hubs: Is your device among them?
In worst-case scenarios, some vulnerabilities could even allow attackers to take control over the central units and all peripheral devices connected to them
The post Serious flaws found in multiple smart home hubs: Is your device among them? appeared first on WeLiveSecurity
22 April 2020
Automated Bots Are Increasingly Scraping Data & Attempting Logins
The share of bot traffic to online sites declines, but businesses are seeing an overall increase in automated scraping of data, login attempts, and other detrimental activity.21 April 2020
Banking.BR Android Trojan Emerges in Credential-Stealing Attacks
A new Android trojan targets banking customers with overlay attacks to steal their bank credentials and ultimately take over their accounts.
21 April 2020
Researchers Use Microsoft Terminal Services Client in New Attack Method
The technique would enable attackers to run malicious code via Remote Desktop Protocol using DLL side-loading to bypass security controls.21 April 2020
NFL Tackles Cybersecurity Concerns Ahead of 2020 Draft Day
Researchers weigh in on potential security concerns surrounding the 2020 NFL Draft.
21 April 2020
New iOS exploit discovered being used to spy on China's Uyghur minority
New "Insomnia" exploit works on iOS versions 12.3, 12.3.1, and 12.3.2; was patched in iOS 12.4 last year.21 April 2020
8 Tips for Small Merchants: Protecting Payment Data During COVID-19
The COVID-19 pandemic is quickly changing how many small merchants accept payments. Merchants that previously only had brick-and-mortar locations are moving to accept e-commerce and over-the-phone transactions.
21 April 2020
RCE Exploit Released for IBM Data Risk Manager, No Patch Available
Three separate flaws can be chained to achieve full system compromise.
21 April 2020
Viral WhatsApp Scam Promises Free Streaming Services
Cybercriminals capitalize on the popularity of media and entertainment to target consumers looking for at-home activities.21 April 2020
Is COVID-19 Intensifying the Need for Security Staffing?
Overall, security practitioners should find themselves in a better working situation than many other professionals. However, we are not immune.21 April 2020
Attackers Aim at Software Supply Chain with Package Typosquatting
Attackers seed Ruby Gems repository with more than 760 malicious packages using names just a bit different than the standard code libraries.21 April 2020
Here's a list of all the ransomware gangs who will steal and leak your data if you don't pay
Ransomware gangs are getting more aggressive these days about pursuing payments and have begun stealing and threatening to leak sensitive documents if victims don't pay the requested ransom demand.21 April 2020
Terahash Buys L0phtCrack in Password Merger
The acquisition brings password cracking and password auditing capabilities together in a single company.21 April 2020
7 Steps to Avoid the Top Cloud Access Risks
Securing identities and data in the cloud is challenging, but a least-privilege access approach helps.21 April 2020
Oil and Gas Firms Targeted With Agent Tesla Spyware
Highly targeted spearphishing emails are being sent to oil and gas companies in hopes of infecting them with the Agent Tesla spyware.
21 April 2020
Microsoft Proposes Privacy Controls for COVID-19 Contact Tracking, Tracing
As governments broaden use of digital technologies to stem pandemic, sensitive health and location data need to be protected, company says.21 April 2020
Deepfakes and AI: Fighting Cybersecurity Fire with Fire
To successfully mitigate evolving attacks, security teams must use the exact same AI tools that create those attacks in the first place.
21 April 2020
Work-from-Home Exposes Already-Infected Machines in 50K US Organizations
Researchers find massive spike in infected enterprises worldwide.21 April 2020
Cyberattackers Ramp Up to 1.5M COVID-19 Emails Per Day
Research analyzing three months of coronavirus-themed attacks show cybercriminals adjusting threat levels to evolve with pandemic and typical employment trends.
21 April 2020