Cybersecurity News


2021’s Most Dangerous Software Weaknesses

Saryu Nayyar, CEO at Gurucul, peeks into Mitre's list of dangerous software bug types, highlighting that the oldies are still the goodies for attackers.
14 September 2021

Paving the Way: Inspiring Women in Payments - A Q&A Featuring Zeal Somani

 

Women alone can be powerful. But women who empower each other can have an even greater impact. In this edition of our blog, Zeal Somani, who was greatly influenced by her grandmother and by her female colleagues, explains that forming close connections with other women and channeling the power of collaboration are key to overcoming unconscious bias that women face in the workplace.

14 September 2021

ZLoader’s Back, Abusing Google AdWords, Disabling Windows Defender

The well-known banking trojan retools for stealth with a whole new attack routine, including using ads for Microsoft TeamViewer and Zoom to lure victims in.
14 September 2021

WhatsApp announces end‑to‑end encrypted backups

The Facebook-owned messaging service plans to roll out the feature to both iOS and Android users in the coming weeks.

The post WhatsApp announces end‑to‑end encrypted backups appeared first on WeLiveSecurity

14 September 2021

Pair of Google Chrome Zero-Day Bugs Actively Exploited

The security vulnerabilities bring the web behemoth up to 10 browser zero-days found so far this year.
14 September 2021

Unpatched Bugs Plague Databases; Your Data Is Probably Not Secure – Podcast

Imperva's Elad Erez discusses findings that 46 percent of on-prem databases are sitting ducks, unpatched and vulnerable to attack, each with an average of 26 flaws.
14 September 2021

Romance, BEC Scams Lands Soldier in Jail for 46 Months

A former Army Reservist pleaded guilty to scamming the elderly with catfishing and stealing from veterans.
14 September 2021

The state of ransomware: national emergencies and million-dollar blackmail

Banks, however, have experienced the highest volume of ransomware attacks this year.
14 September 2021

BlackMatter Ransomware Hits Japanese Tech Giant Olympus

The incident that occurred Sept. 8 and affected its EMEA IT systems seems to signal a return to business as usual for ransomware groups.
14 September 2021

HP patches severe OMEN driver privilege escalation vulnerability

The bug can be used to achieve kernel-mode permissions.
14 September 2021

Close to half of on-prem databases contain vulnerabilities, with many critical flaws

The Microsoft Exchange attack wave revealed the risks, but patching isn't always straightforward.
14 September 2021

What is a cyberattack surface and how can you reduce it?

Discover the best ways to mitigate your organization's attack surface, in order to maximize cybersecurity.

The post What is a cyberattack surface and how can you reduce it? appeared first on WeLiveSecurity

14 September 2021

Apple Issues Emergency Fix for NSO Zero-Click Zero Day

Citizen Lab urges Apple users to update immediately. The new zero-click zero-day ForcedEntry flaw affects all things Apple: iPhones, iPads, Macs and Watches.
13 September 2021

REvil’s Back; Coder Fat-Fingered Away Its Decryptor Key

How did Kaseya get a universal decryptor after a mind-bogglingly big ransomware attack? A REvil coder misclicked, generated & issued it, and “That’s how we sh*t ourselves.”
13 September 2021

WhatsApp’s End-to-End Encryption Isn’t Actually Broken

WhatsApp’s moderators sent messages flagged by intended recipients. Researchers say this isn't concerning -- yet.
13 September 2021

Honing Cybersecurity Strategy When Everyone’s a Target for Ransomware

Aamir Lakhani, researcher at FortiGuard Labs, explains why organizations must extend cyber-awareness training across the entire enterprise, from Luddites to the C-suite.
13 September 2021

WooCommerce Multi Currency Bug Allows Shoppers to Change eCommerce Pricing

The security vulnerability can be exploited with a malicious CSV file.
13 September 2021

Over 60 million wearable, fitness tracking records exposed via unsecured database

Data sources included Apple's HealthKit and Fitbit.
13 September 2021

This is how a cybersecurity researcher accidentally broke Apple Shortcuts

Detectify explains how investigating CloudKit resulted in Shortcuts disruption for users back in March.
13 September 2021