Cybersecurity News
Hacker ransoms 23k MongoDB databases and threatens to contact GDPR authorities
The hacker has attempted to ransom nearly 47% of all MongoDB databases left exposed online.Cisco Warns of High-Severity Bug in Small Business Switch Lineup
A high-severity flaw allows remote, unauthenticated attackers to potentially gain administrative privileges for Cisco small business switches.
Alina Point-of-Sale Malware Spotted in Ongoing Campaign
The malware is using DNS tunneling to exfiltrate payment-card data.
New MacOS Ransomware Hides in Pirated Program
A bogus installer for Little Snitch carries a ransomware hitchhiker.Microsoft Issues Out-of-Band Patches for RCE Flaws
Vulnerabilities had not been exploited or publicly disclosed before fixes were released, Microsoft reports.EvilQuest: Inside A ‘New Class’ of Mac Malware
Mac expert Thomas Reed discusses how EvilQuest is ushering in a new class of Mac malware.
4 Steps to a More Mature Identity Program
Security has evolved to evaluate an identity's attributes, access, and behavior to determine appropriate access.One out of every 142 passwords is '123456'
The '123456' password was spotted 7 million times across a data trove of one billion leaked credentials, on one of the biggest password re-use studies of its kind.New Android Spyware Tools Emerge in Widespread Surveillance Campaign
Never-before-seen Android spyware tools have been used in a widespread APT campaign to spy on the Uyghur ethnic minority group - since 2013.
Another COVID-19 Side Effect: Rising Nation-State Cyber Activity
While financial institutions and government remain popular targets, COVID-19 research organizations are now also in the crosshairs.Email Sender Identity is Key to Solving the Phishing Crisis
Almost 90% of email attacks manipulate sender identity to fool recipients and initiate social engineering attacks.
Microsoft Releases Emergency Security Updates for Windows 10, Server
The patches fix two separate RCE bugs in Windows Codecs that allow hackers to exploit playback of multimedia files.
AT&T dragged to court, again, over SIM hijacking and cryptocurrency theft
A customer allegedly lost $1.9 million due to AT&T’s handling of a number transfer request.Microsoft releases emergency update to fix two serious Windows flaws
The out-of-band update plugs two remote code execution bugs in the Windows Codecs library, including one rated as critical
The post Microsoft releases emergency update to fix two serious Windows flaws appeared first on WeLiveSecurity
UK court shuts down scam cryptocurrency platform GPay Ltd, £1.5 million in client funds lost
GPay used fake celebrity endorsements and ads to lure traders to invest.CEO of exam monitoring software Proctorio apologises for posting student's chat logs on Reddit
Australian students who have raised privacy concerns describe the incident involving a Canadian student as ‘freakishly disrespectful’
The chief executive of an exam monitoring software firm that has raised privacy concerns in Australia has apologised for publicly posting a student’s chat logs during an argument on the website Reddit.
Mike Olsen, who is the CEO of the US-based Proctorio, has since deleted the posts and apologised, saying that he and Proctorio “take privacy very seriously”.
Related: Coalition's university fee overhaul accused of being an 'attack on women'
Related: Dan Tehan’s threat to police university enrolments can’t plug the holes in the Coalition’s logic
Continue reading...