Cybersecurity News
Cisco warns of actively exploited IOS XR zero-day
Cisco said it discovered the attacks last week during a support case the company's support team was called in to investigate.31 August 2020
Google Play apps promised free shoes, but users got ad fraud malware instead
White Ops discovers a collection of Android apps that installed a hidden browser to load ad-heavy pages and commit ad fraud.30 August 2020
Malicious npm package caught trying to steal sensitive Discord and browser files
Malicious code was hidden inside a JavaScript library for working with the "Fall Guys: Ultimate Knockout" game API.28 August 2020
Data Privacy Concerns, Lack of Trust Foil Automated Contact Tracing
Efforts to create a technology framework for alerting people to whether they have been exposed to an infectious disease have been hindered by a number of key issues.28 August 2020
Instagram ‘Help Center’ Phishing Scam Pilfers Credentials
Researchers warn that a phishing scam is targeting Instagram users via direct messages on the app.
28 August 2020
DNC Warns Campaign Staffers of Dating App Dangers
The Democratic National Committee advises against sharing too much work and personal information on popular dating apps.28 August 2020
Aruba Enhances Its Edge Services Platform
Enhancements unify IoT, IT, and OT networks so customers to help customers adapt to changing environments and user requirements.28 August 2020
TA542 Returns With Emotet: What's Different Now
Researchers report the TA542 threat group has made code changes to its malware and started targeting new locations with Emotet.28 August 2020
Elon Musk Confirms, Tesla Factory a Target of Foiled Cyberattack
A Tesla employee was reportedly approached by a Russian national and asked to install malware on the company's systems.
28 August 2020
Ransomware Red Flags: 7 Signs You're About to Get Hit
Caught off guard by a ransomware attack? Security experts say the warning signs were there all along.
28 August 2020
Week in security with Tony Anscombe
Canada's government services hit by cyberattacks – Vishing attacks surge amid COVID-19 pandemic – DDoS extortionists strike again
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
28 August 2020
Redefining What CISO Success Looks Like
Key to this new definition is the principle that security programs are designed to minimize business risk, not to achieve 100% no-risk.28 August 2020
Sendgrid Under Siege from Hacked Accounts
Email service provider Sendgrid is grappling with an unusually large number of customer accounts whose passwords have been cracked, sold to spammers, and abused for sending phishing and email malware attacks. Sendgrid's parent company Twilio says it is working on a plan to require multi-factor authentication for all of its customers, but that solution may not come fast enough for organizations having trouble dealing with the fallout in the meantime.28 August 2020
DoJ Aims to Seize 280 Cryptocurrency Accounts Used by Hackers
Complaint details collaboration with China to funnel $250m in stolen funds as part of state-sponsored attacks.
28 August 2020
Former engineer pleads guilty to Cisco network damage, causing Webex Teams account chaos
The engineer was responsible for damage that cost Cisco $2.4 million to rectify.28 August 2020
Academics bypass PINs for Visa contactless payments
Researchers: "In other words, the PIN is useless in Visa contactless transactions."27 August 2020
Elon Musk confirms Russian hacking plot targeted Tesla factory
A Russian hacker tried to recruit a Tesla employee working for the company's factory in Sparks, Nevada.27 August 2020
Is China the World's Greatest Cyber Power?
While the US, Russia, Israel, and several European nations all have sophisticated cyber capabilities, one threat intelligence firm argues that China's aggressive approach to cyber operations has made it "perhaps the world's greatest cyber power."27 August 2020
DDoS Attacks Halt NZ Exchange Trading for Third Day
New Zealand Exchange officials say the motive for the attacks is unclear.27 August 2020
Vulnerability Volume Poised to Overwhelm Infosec Teams
The collision of Microsoft and Oracle patches on the same day has contributed to risk and stress for organizations.27 August 2020
