Cybersecurity News
The Trouble with Free and Open Source Software
Insecure developer accounts, legacy software, and nonstandard naming schemes are major problems, Linux Foundation and Harvard study concludes.18 February 2020
Microsoft has a subdomain hijacking problem
Spammers hijack Microsoft subdomains to advertise poker casinos. Many other subdomains have been vulnerable for years.18 February 2020
FC Barcelona Suffers Likely Credential-Stuffing Attack on Twitter
OurMine took over the Spanish powerhouse soccer team's Twitter account.
18 February 2020
Dell Sells RSA to Private Equity Firm for $2.1B
Deal with private equity entity Symphony Technology Group revealed one week before the security industry's RSA Conference in San Francisco.18 February 2020
Ring Mandates 2FA After Rash of Hacks
Ring outlined new security and data privacy measures, Tuesday, following backlash of the connected doorbell in the past year.
18 February 2020
Iran-Backed APTs Collaborate on 3-Year ‘Fox Kitten’ Global Spy Campaign
APT34/OilRig and APT33/Elfin have established a highly developed and persistent infrastructure that could be converted to distribute destructive wiper malware.
18 February 2020
Lumu to Emerge from Stealth at RSAC
The new company will focus on giving customers earlier indications of network and server compromise.18 February 2020
Cyber Fitness Takes More Than a Gym Membership & a Crash Diet
Make cybersecurity your top priority, moving away from addressing individual problems with Band-Aids and toward attaining a long-term cyber-fitness plan.18 February 2020
DHS says ransomware hit US gas pipeline operator
Operations halted for two days at unnamed US natural gas compression facility.18 February 2020
Encoding Stolen Credit Card Data on Barcodes
Crooks are constantly dreaming up new ways to use and conceal stolen credit card data. According to the U.S. Secret Service, the latest scheme involves stolen card information embedded in barcodes affixed to phony money network rewards cards. The scammers then pay for merchandise by instructing a cashier to scan the barcode and enter the expiration date and card security code.18 February 2020
Sensitive plastic surgery photos exposed online
Other leaked records include videos, facial and body scans, as well as a range of patients' personal data
The post Sensitive plastic surgery photos exposed online appeared first on WeLiveSecurity
18 February 2020
Active Exploits Hit Vulnerable WordPress ThemeGrill Plugin
Websites using a vulnerable version of the WordPress plugin, ThemeGrill Demo Importer, are being targeted by attackers.
18 February 2020
1.7M Nedbank Customers Affected via Third-Party Breach
A vulnerability in the network of marketing contractor Computer Facilities led to a breach at the South African bank.18 February 2020
Plugin flaw leaves up to 200,000 WordPress sites at risk of attack
A fix is available, so you may want to make sure that you run the plugin’s latest version
The post Plugin flaw leaves up to 200,000 WordPress sites at risk of attack appeared first on WeLiveSecurity
18 February 2020
Ring to enable 2FA for all user accounts after recent hacks
Google made 2FA mandatory for all Nest users last week.18 February 2020
Firmware Weaknesses Can Turn Computer Subsystems into Trojans
Network cards, video cameras, and graphics adapters are a few of the subsystems whose lack of security could allow attackers to turn them into spy implants.18 February 2020
Staircase to the Cloud: Dark Reading Caption Contest Winners
A humorous nod to the lack of gender equity in cybersecurity hiring was our judges' unanimous choice. And the winners are ...
18 February 2020
Hacker Scheme Threatens AdSense Customers with Account Suspension
Scam threatens to flood sites using Google’s banner-ad program with bot and junk traffic if owners don’t pay $5K in bitcoin.
18 February 2020
16 DDoS attacks take place every 60 seconds, rates reach 622 Gbps
With over 23,000 recorded attacks per day, customer-facing enterprise services are bearing the brunt of attacks.18 February 2020