Cybersecurity News


Cybercriminals troll Iran's leader, cause railway network 'chaos'

Train services were disrupted and the help desk number given was that of Iran's Supreme Leader.
12 July 2021

Kaseya issues patch for on-premise customers, SaaS rollout underway

Support teams are working with clients to apply critical security fixes.
12 July 2021

Cyber Polygon 2021: Towards Secure Development of Digital Ecosystems

Cyber Polygon 2021: Towards Secure Development of Digital Ecosystems Cybersecurity is one of the most important topics on the global agenda, boosted by the pandemic. As the global digitalisation is further accelerating, the world is becoming ever more interconnected. Digital ecosystems are being created all around us: countries, corporations and individuals are taking advantage of the rapid spread of the Internet and smart devices. In this context, a single vulnerable link is enough to bring down the entire system, just like the domino effect.
10 July 2021

How Dangerous is Malware? New Report Finds It's Tough to Tell

Determining which malware is most damaging, and worthy of immediate attention, has become difficult in environments filled with alerts and noise.
09 July 2021

Spike in “Chain Gang” Destructive Attacks on ATMs

Last summer, financial institutions throughout Texas started reporting a sudden increase in attacks involving well-orchestrated teams that would show up at night, use stolen trucks and heavy chains to rip Automated Teller Machines (ATMs) out of their foundations, and make off with the cash boxes inside. Now it appears the crime -- known variously as "ATM smash-and-grab" and "chain gang" attacks -- is rapidly increasing in other states.
09 July 2021

CISA Analysis Reveals Successful Attack Techniques of FY 2020

The analysis shows potential attack paths and the most effective techniques for each tactic documented in CISA's Risk and Vulnerability Assessments.
09 July 2021

New Framework Aims to Describe & Address Complex Social Engineering Attacks

As attackers use more synthetic media in social engineering campaigns, a new framework is built to describe threats and provide countermeasures.
09 July 2021

Microsoft Office Users Warned on New Malware-Protection Bypass

Microsoft Office Users Warned on New Malware-Protection Bypass Word and Excel documents are enlisted to disable Office macro warnings, so the Zloader banking malware can be downloaded onto systems without security tools flagging it.
09 July 2021

Cisco BPA, WSA Bugs Allow Remote Cyberattacks

Cisco BPA, WSA Bugs Allow Remote Cyberattacks The high-severity security vulnerabilities allow elevation of privileges, leading to data theft and more.
09 July 2021

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry The ElectroRAT Trojan attacker's success highlights the increasingly sophisticated nature of threats to cryptocurrency exchanges, wallets, brokerages, investing, and other services.
09 July 2021

It's in the Game (but It Shouldn't Be)

Five ways that game developers (and others) can avoid falling victim to an attack like the one that hit EA.
09 July 2021

Cartoon Caption Winner: Sight Unseen

Cartoon Caption Winner: Sight Unseen And the winner of Dark Reading's June contest is ...
09 July 2021

Week in security with Tony Anscombe

The Kaseya VST supply-chain attack impacts hundreds of companies – ESET discovers a new version of Bandook malware – How the ransomware business model works

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

09 July 2021

Lazarus Targets Job-Seeking Engineers with Malicious Documents

Lazarus Targets Job-Seeking Engineers with Malicious Documents Notorious North Korean APT impersonates Airbus, General Motors and Rheinmetall to lure potential victims into downloading malware.
09 July 2021

Scam artists exploit Kaseya security woes to deploy malware

The company is being impersonated in the fallout of a recent ransomware attack.
09 July 2021

Texas resident jailed for role in $2.2 million romance, business email scams

The Nigerian national will spend over seven years behind bars.
09 July 2021

Morgan Stanley Discloses Data Breach

Attackers were able to compromise customers' personal data by targeting the Accellion FTA server of a third-party vendor.
08 July 2021

Oil & Gas Targeted in Year-Long Cyber-Espionage Campaign

Oil & Gas Targeted in Year-Long Cyber-Espionage Campaign A global effort to steal information from energy companies is using sophisticated social engineering to deliver Agent Tesla and other RATs.
08 July 2021

New WildPressure Malware Capable of Targeting Windows and MacOS

The Trojan sends information back to the attackers' servers about the programming language of a target device.
08 July 2021

Coursera Flunks API Security Test in Researchers’ Exam

Coursera Flunks API Security Test in Researchers’ Exam The problem APIs included numero uno on the OWASP API Security Top 10: a Broken Object Level Authorization (BOLA) issue that could have exposed personal data.
08 July 2021