Cybersecurity News


Crypto-mining worm steal AWS credentials

TeamTNT has become the first crypto-minining botnet to include a feature that scans and steal AWS credentials.
17 August 2020

Cyberattacks Hit Thousands of Canadian Tax, Benefit Accounts

Cyberattacks Hit Thousands of Canadian Tax, Benefit Accounts The Canada Revenue Agency (CRA) suspended online services after accounts were hit in a third wave of credential stuffing attacks this weekend - giving bad actors access to various government services.
17 August 2020

The IT Backbone of Cybercrime

Like their counterparts who run legitimate businesses, cybercriminals need hosting and cybersecurity protection, too.
17 August 2020

Ritz London suspects data breach, fraudsters pose as staff in credit card data scam

Scammers phoned guests to “confirm” their credit card details for reservations.
17 August 2020

Attack of the Instagram clones

Could your social media account be spoofed, why would anybody do it, and what can you do to avoid having a doppelgänger?

The post Attack of the Instagram clones appeared first on WeLiveSecurity

17 August 2020

Controversial facial recognition tech firm Clearview AI inks deal with ICE

$224,000 has been spent on Clearview licenses by the US immigration and customs department.
17 August 2020

US regulators settle with CenturyLink over anti-competition violations

CenturyLink allegedly flouted court orders designed to stop anti-competitive behavior linked to the merger with Level 3.
17 August 2020

Microsoft Put Off Fixing Zero Day for 2 Years

A security flaw in the way Microsoft Windows guards users against malicious files was actively exploited in malware attacks for two years before last week, when Microsoft finally issued a software update to correct the problem.
17 August 2020

PoC Exploit Targeting Apache Struts Surfaces on GitHub

PoC Exploit Targeting Apache Struts Surfaces on GitHub Researchers have discovered freely available PoC code and exploit that can be used to attack unpatched security holes in Apache Struts 2.
14 August 2020

For six months, security researchers have secretly distributed an Emotet vaccine across the world

Binary Defense researchers have identified a bug in the Emotet malware and have been using it to prevent the malware from making new victims.
14 August 2020

Research Casts Doubt on Value of Threat Intel Feeds

Two commercial threat intelligence services and four open source feeds rarely provide the same information, raising questions about how security teams should gauge their utility.
14 August 2020

IcedID Shows Obfuscation Sophistication in New Campaign

The malware's developers have turned to dynamic link libraries (DLLs) to hide their work.
14 August 2020

DHS CISA Warns of Phishing Emails Rigged with KONNI Malware

Konni is a remote administration tool cyberattackers use to steal files, capture keystrokes, take screenshots, and execute malicious code.
14 August 2020

Mac Users Targeted by Spyware Spreading via Xcode Projects

Mac Users Targeted by Spyware Spreading via Xcode Projects The XCSSET suite of malware also hijacks browsers, has a ransomware module and more -- and uses a pair of zero-day exploits.
14 August 2020

Medical Debt Collection Firm R1 RCM Hit in Ransomware Attack

R1 RCM Inc. [NASDAQ:RCM], one of the nation's largest medical debt collection companies, has been hit in a ransomware attack. 
14 August 2020

Critical Flaws in WordPress Quiz Plugin Allow Site Takeover

Critical Flaws in WordPress Quiz Plugin Allow Site Takeover The recently patched flaws could be abused by an unauthenticated, remote attackers to take over vulnerable websites.
14 August 2020

Week in security with Tony Anscombe

A deep dive into Mekotio – The financial fallout from data breaches – Fixing election security issues

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

14 August 2020

7 Ways to Keep Your Remote Workforce Safe

7 Ways to Keep Your Remote Workforce Safe These tips will help you chart a course for a security strategy that just may become part of the normal way organizations will function over the next several years.
14 August 2020

Google will test new feature in Chrome to curb phishing

The web browser will only display domain names as a way to help people recognize impostor websites

The post Google will test new feature in Chrome to curb phishing appeared first on WeLiveSecurity

14 August 2020

WFH Summer 2020 Caption Contest Winners

WFH Summer 2020 Caption Contest Winners Clever wordplay on sandcastles, sandboxes, zero trust. and granular controls. And the winners are ...
14 August 2020