Cybersecurity News


Almost 100,000 new mobile banking Trojan strains detected in 2021

Mobile malware used to be relatively rare. Now, the focus has pivoted from PCs to our handsets.
22 February 2022

NFT Investors Lose $1.7M in OpenSea Phishing Attack

NFT Investors Lose $1.7M in OpenSea Phishing Attack Attackers took advantage of a smart-contract migration to swindle 17 users.
21 February 2022

NIST proposes model to assess cybersecurity investment strategies in network security

The larger the network, the larger the attack surface. Computational models may pinpoint the best places for investment.
21 February 2022

CISA publishes guide with free cybersecurity tools, resources for incident response

The resources can provide a foundation for dealing with the aftermath of cyberattacks.
21 February 2022

Scam artists swindle NFTs worth 'millions' in OpenSea phishing attack

The NFT platform is "working around the clock" to investigate.
21 February 2022

Integer overflow: How does it occur and how can it be prevented?

Make no mistake, counting on a computer is not as easy as it may seem. Here’s what happens when a number gets “too big”.

The post Integer overflow: How does it occur and how can it be prevented? appeared first on WeLiveSecurity

21 February 2022

Week in security with Tony Anscombe

What does progress in technology mean? – IRS makes a U-turn on facial recognition but questions remain – What retailers need to know about cyberthreats

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

18 February 2022

New Critical RCE Bug Found in Adobe Commerce, Magento

New Critical RCE Bug Found in Adobe Commerce, Magento Adobe updated its recent out-of-band security advisory to add another critical bug, while researchers put out a PoC for the one it emergency-fixed last weekend.
18 February 2022

Severe WordPress Plug-In UpdraftPlus Bug Threatens Backups

Severe WordPress Plug-In UpdraftPlus Bug Threatens Backups An oversight in a WordPress plug-in exposes PII and authentication data to malicious insiders.
18 February 2022

Iranian State Broadcaster Clobbered by ‘Clumsy, Buggy’ Code

Iranian State Broadcaster Clobbered by ‘Clumsy, Buggy’ Code Researchers said a Jan. 27 attack that aired footage of opposition leaders calling for assassination of Iran’s Supreme Leader was a clumsy and unsophisticated wiper attack.
18 February 2022

Thanks, dad: jammer used to stop kids going online, wipes out a town's internet by mistake

The -interesting- control method could lead to a hefty fine and jail time.
18 February 2022

New RCE flaw added to Adobe Commerce, Magento security advisory

Researchers have also been able to replicate the original security flaw.
18 February 2022

Baby Golang-Based Botnet Already Pulling in $3K/Month for Operators

Baby Golang-Based Botnet Already Pulling in $3K/Month for Operators Kraken has already spread like wildfire, but in the past few months, the malware's author has been tinkering away, adding more infostealers and backdoors.
17 February 2022

Ukrainian DDoS Attacks Should Put US on Notice–Researchers

Ukrainian DDoS Attacks Should Put US on Notice–Researchers On Tuesday, institutions central to Ukraine’s military and economy were hit with denial-of-service (DoS) attacks. Impact was limited, but the ramifications are not.
17 February 2022

Microsoft Teams Targeted With Takeover Trojans

Microsoft Teams Targeted With Takeover Trojans Threat actors are infiltrating the increasingly popular collaboration app to attach malicious files to chat threads that drop system-hijacking malware.
17 February 2022

Kill Cloud Risk: Get Everybody to Stop Fighting Over App Security – Podcast

Kill Cloud Risk: Get Everybody to Stop Fighting Over App Security – Podcast When it comes to ensuring safe cloud app rollouts, there’s flat-out animosity between business shareholders. HackerOne’s Alex Rice and GitLab’s Johnathan Hunt share tips on quashing all the squabbling.
17 February 2022

Microsoft warns of emerging 'ice phishing' threat on blockchain, DeFi networks

The firm says that the introduction of web3 may also bring with it unique forms of phishing.
17 February 2022

Trickbot abuses top brands including Bank of America, Wells Fargo in attacks against customers

The malware is said to pose a "great danger" to the customers of 60 finance and tech giants.
17 February 2022

Businessman admits to working as spyware broker in US and Mexico

He pleaded guilty to brokering spyware and surveillance tools.
17 February 2022

Missouri will not prosecute 'hacker' reporter for daring to view state website HTML

Missouri's governor was both criticized and mocked for saying the journalist "decoded HTML source code" for malicious purposes.
17 February 2022