Cybersecurity News
Lazarus Group Shifts Gears with Custom Ransomware
The North Korea-linked APT group has developed its own ransomware strain to better conduct financial theft, researchers report.Lazarus Group Brings APT Tactics to Ransomware
A new ransomware, VHD, was seen being delivered by the nation-state group's multiplatform malware platform, MATA.
Avon Server Leaks User Info and Administrative Data
An unprotected server has exposed more than 7GB of data from the beauty brand.Hacker gang behind Garmin attack doesn't have a history of stealing user data
There's a high probability that Garmin user data might be safe, after all.Out-of-Date and Unsupported Cloud Workloads Continue as a Common Weakness
More than 80% of companies have at least one Internet-facing cloud asset that is more than six months out of date or running software that is no longer supported, according to scan data.Researchers Foil Phishing Attempt on Netflix Customers
Hackers use two stolen domains to steal credentials from Netflix users and then send them to the real Netflix site.7.5M Banking Customers Affected in Dave Security Breach
The financial services app confirms user data was compromised in a data breach at its former third-party provider, WayDev.Autonomous IT: Less Reacting, More Securing
Keeping data secure requires a range of skills and perfect execution. AI makes that possible.FBI warns of disruptive DDoS amplification attacks
The Bureau expects cybercriminals to increasingly abuse new threat vectors for large-scale DDoS attacks
The post FBI warns of disruptive DDoS amplification attacks appeared first on WeLiveSecurity
As Businesses Move to the Cloud, Cybercriminals Follow Close Behind
In the wake of COVID-19, data theft is by far the top tactic, followed by cryptomining and ransomware.Kaspersky: North Korean hackers are behind the VHD ransomware
North Korean hackers return to actively deploying ransomware after the huge WannaCry debacle.Podcast: Security Lessons Learned In Times of Uncertainty
Derek Manky, Chief, Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs, discusses the top threats and lessons learned from the first half of 2020.
Researchers Warn of High-Severity Dell PowerEdge Server Flaw
A path traversal vulnerability in the iDRAC technology can allow remote attackers to take over control of server operations.
New Linux malware uses Dogecoin API to find C&C server addresses
Security researchers discover Doki, a new backdoor malware strain targeting Docker instances.Business ID Theft Soars Amid COVID Closures
Identity thieves who specialize in running up unauthorized lines of credit in the names of small businesses are having a field day with all of the closures and economic uncertainty wrought by the COVID-19 pandemic, KrebsOnSecurity has learned. This story is about the victims of a particularly aggressive business ID theft ring that's spent years targeting small businesses across the country and is now pivoting toward using that access for pandemic assistance loans and unemployment benefits.ShinyHunters Offers Stolen Data on Dark Web
The threat actor offers more than 26 million records from a series of data breaches.Ratings for Open Source Projects Aim to Make Software More Secure
Two companies have teamed up to rate open source projects, but can adopting repository ratings help developers make better decisions regarding open source?Microsoft Revamps Windows Insider Preview Bug Bounty Program
Researchers can earn up to $100,000 for finding vulnerabilities in Microsoft's revamped Windows Insider Preview bug bounty program.
Ransomware attack on Garmin thought to be the work of 'Evil Corp'
Russian cybercrime gang is believed to be responsible for taking Garmin services offline
A ransomware attack that took the GPS and smartwatch business Garmin entirely offline for more than three days is believed to have been carried out by a Russian cybercriminal gang which calls itself “Evil Corp”.
Garmin began to restore services to customers on Monday morning, after being held hostage for a reported ransom of $10m, although some services were still operating with limited functionality.
Ransomware is the most common form of criminal malware currently in use. Targets are commonly infected through malicious emails, which may trick them into downloading and running the software, or through exploiting vulnerabilities in other software such as Adobe Flash. When the ransomware program is activated, it encrypts the user’s hard drive with a single use encryption key, before flashing up a message asking for ransom, typically in the form of a payment in the cryptocurrency Bitcoin.
Related: Garmin down: how to still get your activities on to Strava
Continue reading...Attackers Exploiting High-Severity Network Security Flaw, Cisco Warns
Attackers are exploiting a high-severity vulnerability in Cisco's network security software products, which is used by Fortune 500 companies.