Cybersecurity News


No “Game over” for the Winnti Group

The notorious APT group continues to play the video game industry with yet another backdoor

The post No “Game over” for the Winnti Group appeared first on WeLiveSecurity

21 May 2020

Video game developers under siege by cyberattacks seeking to plunder in-game cash

The Winnti Group is targeting gaming vendors once more with a new backdoor.
21 May 2020

BlockFi discloses failed hack attempt after SIM swapping incident

BlockFi says a hacker SIM swapped an employee to gain access to its platform, but the hacker failed in their attempt to steal BlockFi customer funds.
20 May 2020

Hacker selling 40 million user records from popular Wishbone app

Seller claims the data was obtained following a hack that took place earlier this year.
20 May 2020

60% of Insider Threats Involve Employees Planning to Leave

Researchers shows most "flight-risk" employees planning to leave an organization tend to start stealing data two to eight weeks before they go.
20 May 2020

Digital Transformation Risks in Front-end Code

Why making every front-end developer a DevSecOps expert will lead to a more holistic approach to web and native application security.
20 May 2020

NetWalker Ransomware Gang Hunts for Top-Notch Affiliates

NetWalker Ransomware Gang Hunts for Top-Notch Affiliates The operators behind the Toll Group attack are taking applications for technically advanced partners.
20 May 2020

Fraudulent Unemployment, COVID-19 Relief Claims Earn BEC Gang Millions

Fraudulent Unemployment, COVID-19 Relief Claims Earn BEC Gang Millions The business email compromise (BEC) gang Scattered Canary has filed more than 200 fraudulent claims for unemployment benefits and for COVID-19 relief funds.
20 May 2020

Offers to Sell Enterprise Network Access Surge on Dark Web

In contrast, Q1 2019 saw more interest in selling and buying access to individual servers.
20 May 2020

Bank of America blames PPP applications leak on faulty SBA test server

BofA says SBA test platform allowed others to view details for its customers' PPP loan applications.
20 May 2020

Microsoft Warns of Vulnerability Affecting Windows DNS Server

A new security advisory addresses a vulnerability that could be exploited to cause a denial-of-service attack.
20 May 2020

Coronavirus-Themed Phishing Fears Largely Overblown, Researchers Say

As COVID-19-themed spam rises, phishing-not so much. An analysis of newly registered domains finds that only 2.4% are actually phishing sites aiming to steal credentials.
20 May 2020

Verizon DBIR: Web App Attacks and Security Errors Surge

Verizon DBIR: Web App Attacks and Security Errors Surge Threatpost talks to Verizon DBIR co-author Gabriel Bassett about the top takeaways from this year's Data Breach Investigations Report.
20 May 2020

Signal to move away from using phone numbers as user IDs

Signal launches profile PINs, the first step in supporting Signal user accounts that are not tied to phone numbers.
20 May 2020

Is Zero Trust the Best Answer to the COVID-19 Lockdown?

Is Zero Trust the Best Answer to the COVID-19 Lockdown? Enterprises need to recognize that remote access and other pandemic-related security challenges cannot be fixed with buzzwords or silver-bullet security tools.
20 May 2020

Alleged Hacker Behind Massive ‘Collection 1’ Data Dump Arrested

Alleged Hacker Behind Massive ‘Collection 1’ Data Dump Arrested The threat actor known as ‘Sanix’ had terabytes of stolen credentials at his residence, authorities said.
20 May 2020

‘Flight risk’ employees involved in 60% of insider cybersecurity incidents

The majority of staff planning their exit also take sensitive information with them, research suggests.
20 May 2020

Adobe issues out-of-band patch to fix remote code execution flaw in animation software

Information leaks have also been patched up in Premiere Rush, Audition, and Premiere Pro.
20 May 2020

These things may be cool, but are they safe?

In the rush to embrace IoT devices, we shouldn’t trade in our privacy and security for the added convenience

The post These things may be cool, but are they safe? appeared first on WeLiveSecurity

20 May 2020

NXNSAttack technique can be abused for large-scale DDoS attacks

New vulnerability in DNS server software can be leveraged for DDoS attacks with an 1620x amplification factor.
19 May 2020