Cybersecurity News
Zoom Addresses Vanity URL Zero-Day
An attacker could pose as a company employee, invite customers or partners to meetings, then use socially engineered conversation to extract sensitive information.
Spanish deputy PM urges investigation into Catalan spyware claims
Exclusive: Pablo Iglesias calls alleged targeting of independence movement figures unacceptable
The Spanish deputy prime minister Pablo Iglesias has become the most senior political figure to call for a parliamentary investigation into the use of spyware to target prominent members of the Catalan independence movement, saying such practices are “unacceptable in a democracy”.
A joint investigation this week by the Guardian and El País has revealed that Roger Torrent, the speaker of the Catalan parliament, and former regional foreign minister Ernest Maragall are among at least four pro-independence activists who have been targeted using Israeli spyware that its makers said is sold only to governments.
Continue reading...High‑profile Twitter accounts hacked to promote Bitcoin scam
Tech titans and prominent politicians among victims of a sprawling hack that Twitter says leveraged its internal tools
The post High‑profile Twitter accounts hacked to promote Bitcoin scam appeared first on WeLiveSecurity
US actor casting company leaked private data of over 260,000 individuals
Exclusive: The site has been used to cast members in Pitch Perfect and Terminator Genisys, among other shows.Third-Party IoT Vulnerabilities: We Need a Cybersecurity Paradigm Shift
The only entities equipped to safeguard Internet of Things devices against risks are the IoT device manufacturers themselves.Amazon-Themed Phishing Campaigns Swim Past Security Checks
A pair of recent campaigns aim to lift credentials and other personal information under the guise of Amazon package-delivery notices.
Level Up Your Kubernetes Security Skills at Black Hat USA
Gain access to a broad spectrum of in-depth cybersecurity Briefings and Trainings.European court strikes down EU-US Privacy Shield user data exchange agreement as invalid
The decision could have immediate ramifications for the transfer of user data between the US and Europe.Threat Actors Introduce Unique ‘Newbie’ Hacker Forum
CryptBB becomes more inclusive by inviting less experienced hackers to learn from expert cybercriminals and one another.
Iranian cyberspies leave training videos exposed online
Cyber-security firm IBM X-Force finds video recordings used to train Iranian state hackers.Mac cryptocurrency trading application rebranded, bundled with malware
ESET researchers lure GMERA malware operators to remotely control their Mac honeypots
The post Mac cryptocurrency trading application rebranded, bundled with malware appeared first on WeLiveSecurity
Mac users trying to trade cryptocurrencies targeted by Gmera Trojan operators
Wallets are being plundered by apps infected with Gmera malware.LokiBot Redux Attacks Massive List of Common Android Apps
BlackRock, based on the Xerxes source code, can steal info not only from financial apps but also TikTok, Tinder, Instagram, Uber and many others.
New BlackRock Android malware can steal passwords and card data from 337 apps
Android apps targeted by this new trojan include banking, dating, social media, and instant messaging apps.Bazar backdoor linked to Trickbot banking Trojan campaigns
Cybercriminals are taking advantage of the coronavirus pandemic to spread the new malware.Twitter Elite Accounts Are Hijacked in Unprecedented Cryptocurrency Scam
The Twitter accounts of Gates, Musk, Biden, Apple and Uber have each been hijacked at the same time to push a cryptocurrency scam in an unprecedented breach of Twitter accounts.