Cybersecurity News


Women in tech: Unique insights from a lifelong pursuit of innovation

Leading Slovak computer scientist Mária Bieliková shares her experience working as a woman driving technological innovation and reflects on how to inspire the next generation of talent in tech

The post Women in tech: Unique insights from a lifelong pursuit of innovation appeared first on WeLiveSecurity

30 March 2022

Log4JShell Used to Swarm VMware Servers with Miners, Backdoors

Log4JShell Used to Swarm VMware Servers with Miners, Backdoors Researchers have found three backdoors and four miners in attacks exploiting the Log4Shell vulnerability, some of which are still ongoing.
29 March 2022

Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”

There is a terrifying and highly effective "method" that criminal hackers are now using to harvest sensitive customer data from Internet service providers, phone companies and social media firms. It involves compromising email accounts and websites tied to police departments and government agencies, and then sending unauthorized demands for subscriber data while claiming the information being requested can't wait for a court order because it relates to an urgent matter of life and death.
29 March 2022

Exchange Servers Speared in IcedID Phishing Campaign

Exchange Servers Speared in IcedID Phishing Campaign The ever-evolving malware shows off new tactics that use email thread hijacking and other obfuscation techniques to provide advanced evasion techniques.
29 March 2022

Transparent Tribe APT returns to strike India's government and military

The development of custom malware indicates the group is trying to "compromise even more victims."
29 March 2022

Ukraine destroys five bot farms that were spreading 'panic' among citizens

Over 100,000 fake accounts were allegedly used to spread misinformation about Russia's invasion.
29 March 2022

Log4Shell exploited to infect VMware Horizon servers with backdoors, crypto miners

Three backdoors and four miners have been detected in new attacks.
29 March 2022

Europe’s quest for energy independence – and how cyber‑risks come into play

Soaring energy prices and increased geopolitical tensions amid the Russian invasion of Ukraine bring a sharp focus on European energy security

The post Europe’s quest for energy independence – and how cyber‑risks come into play appeared first on WeLiveSecurity

29 March 2022

Okta Says It Goofed in Handling the Lapsus$ Attack

Okta Says It Goofed in Handling the Lapsus$ Attack "We made a mistake," Okta said, owning up to its responsibility for security incidents that hit its service providers and potentially its own customers.
28 March 2022

Critical Sophos Security Bug Allows RCE on Firewalls

Critical Sophos Security Bug Allows RCE on Firewalls The security vendor's appliance suffers from an authentication-bypass issue.
28 March 2022

Hundreds more packages found in malicious npm 'factory'

Over 600 malicious packages were published in only five days.
28 March 2022

Sophos patches critical remote code execution vulnerability in Firewall

Sophos Firewall is a network protection solution for the enterprise market.
28 March 2022

Under the hood of Wslink’s multilayered virtual machine

ESET researchers describe the structure of the virtual machine used in samples of Wslink and suggest a possible approach to see through its obfuscation techniques

The post Under the hood of Wslink’s multilayered virtual machine appeared first on WeLiveSecurity

28 March 2022

DOJ Indicts Russian Gov’t Employees Over Targeting Power Sector

DOJ Indicts Russian Gov’t Employees Over Targeting Power Sector The supply-chain attack on the U.S. energy sector targeted thousands of computers at hundreds of organizations, including at least one nuclear power plant.
25 March 2022

Estonian Tied to 13 Ransomware Attacks Gets 66 Months in Prison

An Estonian man was sentenced today to more than five years in a U.S. prison for his role in at least 13 ransomware attacks that caused losses of approximately $53 million. Prosecutors say the accused also enjoyed a lengthy career of "cashing out" access to hacked bank accounts worldwide.
25 March 2022

Week in security with Tony Anscombe

ESET discovers Mustang Panda's Hodur trojan – Crypto malware targeting Android and iOS users alike – Nation-state digital deterrent

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

25 March 2022

UK police arrest seven individuals suspected of being hacking group members

The youngest suspect is 16 years old.
25 March 2022

Google Chrome Zero-Day Bugs Exploited Weeks Ahead of Patch

Google Chrome Zero-Day Bugs Exploited Weeks Ahead of Patch Two separate campaigns from different threat actors targeted users with the same exploit kit for more than a month before the company fixed an RCE flaw found in February.
25 March 2022

Frosties NFT operators arrested over $1.1 million 'rug pull' scam

Investors hand over their cryptocurrency. Project developers vanish.
25 March 2022

Avast acquires SecureKey Technologies in authentication, identity management push

The Canadian company specializes in digital identity services.
25 March 2022