Cybersecurity News
Malicious Joker App Scores Half-Million Downloads on Google Play

Week in security with Tony Anscombe
Why the vulnerability in Log4j poses a grave threat – What businesses should know about Log4Shell – ESET wraps up a series of deep-dives into Latin American banking trojans
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
Brand-New Log4Shell Attack Vector Threatens Local Hosts

Security firm Blumira discovers major new Log4j attack vector
A basic Javascript WebSocket connection can trigger a local Log4j remote code attack via a drive-by compromise. Wonderful. Truly wonderful.Convergence Ahoy: Get Ready for Cloud-Based Ransomware

Conti Gang Suspected of Ransomware Attack on McMenamins

‘Tropic Trooper’ Reemerges to Target Transportation Outfits

‘PseudoManuscrypt’ Mass Spyware Campaign Targets 35K Systems

NY Man Pleads Guilty in $20 Million SIM Swap Theft
A 24-year-old New York man who bragged about helping to steal more than $20 million worth of cryptocurrency from a technology executive has pleaded guilty to conspiracy to commit wire fraud. Nicholas Truglia was part of a group alleged to have stolen more than $100 million from cryptocurrency investors using fraudulent "SIM swaps," scams in which identity thieves hijack a target’s mobile phone number and use that to wrest control over the victim’s online identities.‘DarkWatchman’ RAT Shows Evolution in Fileless Malware

Suspected Iranian hackers target airline with new backdoor
The attack was performed by abusing the Slack workspace application.Victims awarded $18 million in GirlsDoPorn online video case, boss on the run
The sex trafficking case impacts hundreds of victims, including young women seeking modeling work.Relentless Log4j Attacks Include State Actors, Possible Worm

Malicious Exchange Server Module Hoovers Up Outlook Credentials

SAP Kicks Log4Shell Vulnerability Out of 20 Apps

What every business leader needs to know about Log4Shell
Hundreds of thousands of attempts to exploit the vulnerability are under way
The post What every business leader needs to know about Log4Shell appeared first on WeLiveSecurity
Meta targets user information, database scraping in bug bounty expansion
Meta's Facebook came under fire for a scraping incident earlier this year.Ransomware in 2022: We're all screwed
Security experts tell us what to expect in the cybercriminal landscape as we head into the new year. It's not good.Payment Security: A Perspective from Europe
In the eighteen months plus since the outbreak of the COVID-19 global pandemic many businesses have had to reinvent themselves and adapt not only how they manage their business, but more importantly how they accept payments. Europe like most of the rest of the world saw a major switch to remote transactions and the world of e-commerce. On top of these significant changes, many organizations have also had to confront the practical and security challenges of employees first having to, and then wanting to, work from home.
Apache’s Fix for Log4Shell Can Lead to DoS Attacks
