Cybersecurity News


Chinese Software Company Aisino Uninstalls GoldenSpy Malware

Follow-up sandbox research confirms Aisino knew about the malware in its tax software, though it's still unclear whether it was culpable.
01 July 2020

Businesses Invest in Cloud Security Tools Despite Concerns

A majority of organizations say the acceleration was driven by a need to support more remote employees.
01 July 2020

DHS Shares Data on Top Cyber Threats to Federal Agencies

Backdoors, cryptominers, and ransomware were the most widely detected threats by the DHS Cybersecurity and Infrastructure Security Agency (CISA)'s intrusion prevention system EINSTEIN.
01 July 2020

DHS Shares Data on Top Cyberthreats to Federal Agencies

Backdoors, cryptominers, and ransomware were the most widely detected threats by the DHS Cybersecurity and Infrastructure Security Agency (CISA)'s intrusion prevention system EINSTEIN.
01 July 2020

Hacker ransoms 23k MongoDB databases and threatens to contact GDPR authorities

The hacker has attempted to ransom nearly 47% of all MongoDB databases left exposed online.
01 July 2020

Cisco Warns of High-Severity Bug in Small Business Switch Lineup

Cisco Warns of High-Severity Bug in Small Business Switch Lineup A high-severity flaw allows remote, unauthenticated attackers to potentially gain administrative privileges for Cisco small business switches.
01 July 2020

Alina Point-of-Sale Malware Spotted in Ongoing Campaign

Alina Point-of-Sale Malware Spotted in Ongoing Campaign The malware is using DNS tunneling to exfiltrate payment-card data.
01 July 2020

New MacOS Ransomware Hides in Pirated Program

A bogus installer for Little Snitch carries a ransomware hitchhiker.
01 July 2020

Microsoft Issues Out-of-Band Patches for RCE Flaws

Vulnerabilities had not been exploited or publicly disclosed before fixes were released, Microsoft reports.
01 July 2020

EvilQuest: Inside A ‘New Class’ of Mac Malware

EvilQuest: Inside A ‘New Class’ of Mac Malware Mac expert Thomas Reed discusses how EvilQuest is ushering in a new class of Mac malware.
01 July 2020

4 Steps to a More Mature Identity Program

Security has evolved to evaluate an identity's attributes, access, and behavior to determine appropriate access.
01 July 2020

One out of every 142 passwords is '123456'

The '123456' password was spotted 7 million times across a data trove of one billion leaked credentials, on one of the biggest password re-use studies of its kind.
01 July 2020

New Android Spyware Tools Emerge in Widespread Surveillance Campaign

New Android Spyware Tools Emerge in Widespread Surveillance Campaign Never-before-seen Android spyware tools have been used in a widespread APT campaign to spy on the Uyghur ethnic minority group - since 2013.
01 July 2020

Another COVID-19 Side Effect: Rising Nation-State Cyber Activity

While financial institutions and government remain popular targets, COVID-19 research organizations are now also in the crosshairs.
01 July 2020

Email Sender Identity is Key to Solving the Phishing Crisis

Email Sender Identity is Key to Solving the Phishing Crisis Almost 90% of email attacks manipulate sender identity to fool recipients and initiate social engineering attacks.
01 July 2020

Microsoft Releases Emergency Security Updates for Windows 10, Server

Microsoft Releases Emergency Security Updates for Windows 10, Server The patches fix two separate RCE bugs in Windows Codecs that allow hackers to exploit playback of multimedia files.
01 July 2020

AT&T dragged to court, again, over SIM hijacking and cryptocurrency theft

A customer allegedly lost $1.9 million due to AT&T’s handling of a number transfer request.
01 July 2020

Microsoft releases emergency update to fix two serious Windows flaws

The out-of-band update plugs two remote code execution bugs in the Windows Codecs library, including one rated as critical

The post Microsoft releases emergency update to fix two serious Windows flaws appeared first on WeLiveSecurity

01 July 2020

UK court shuts down scam cryptocurrency platform GPay Ltd, £1.5 million in client funds lost

GPay used fake celebrity endorsements and ads to lure traders to invest.
01 July 2020

CEO of exam monitoring software Proctorio apologises for posting student's chat logs on Reddit

CEO of exam monitoring software Proctorio apologises for posting student's chat logs on Reddit

Australian students who have raised privacy concerns describe the incident involving a Canadian student as ‘freakishly disrespectful’

The chief executive of an exam monitoring software firm that has raised privacy concerns in Australia has apologised for publicly posting a student’s chat logs during an argument on the website Reddit.

Mike Olsen, who is the CEO of the US-based Proctorio, has since deleted the posts and apologised, saying that he and Proctorio “take privacy very seriously”.

Related: Coalition's university fee overhaul accused of being an 'attack on women'

Related: Dan Tehan’s threat to police university enrolments can’t plug the holes in the Coalition’s logic

Continue reading...
01 July 2020