Cybersecurity News


Details Tied to Safari Browser-based ‘ScamClub’ Campaign Revealed

Details Tied to Safari Browser-based ‘ScamClub’ Campaign Revealed Public disclosure of a privilege escalation attack details how a cybergang bypassed browser iframe sandboxing with malicious PostMessage popups.
17 February 2021

4 Predictions for the Future of Privacy

Use these predictions to avoid pushback, find opportunity, and create value for your organization.
17 February 2021

Dutch police post 'friendly' warnings on hacking forums

Dutch police: "Hosting criminal infrastructure in The Netherlands is a lost cause."
17 February 2021

Bug in shared SDK can let attackers join calls undetected across multiple apps

Apps that use the SDK include MeetMe, Skout, Nimo TV, temi, and Talkspace.
17 February 2021

Owner of app that hijacked millions of devices with one update exposes buy-to-infect scam

The owners of the once-legitimate Android app insist that a buyer was responsible for a malicious update with far-reaching consequences.
17 February 2021

Tracker pixels in emails are now an ‘endemic’ privacy concern

Critics suggest the practice is marketing gone too far.
17 February 2021

Securing Your WiFi Access Point

The first step to creating a cybersecure home is to start by securing your WiFi Access Point. Change your WiFi Access Points default adminstrator password to something only you know. Many WiFi Access Points or WiFi routers are shipped with default administrator passwords that are publicly known and posted on the Internet. The first step to creating a cybersecure home is to start by securing your WiFi Access Point. Change your WiFi Access Points default adminstrator password to something only you know. Many WiFi Access Points or WiFi routers are shipped with default administrator passwords that are publicly known and posted on the Internet.
17 February 2021

Attacks targeting IT firms stir concern, controversy

The Exaramel backdoor, discovered by ESET in 2018, resurfaces in a campaign hitting companies that use an outdated version of a popular IT monitoring tool

The post Attacks targeting IT firms stir concern, controversy appeared first on WeLiveSecurity

16 February 2021

Compromised Credentials Show That Abuse Happens in Multiple Phases

The third stage, when threat actors rush to use stolen usernames and password pairs in credential-stuffing attacks, is the most damaging for organizations, F5 says.
16 February 2021

Centreon says only 15 entitites were targeted in recent Russian hacking spree

Hacked companies were using very outdated versions of Centreon's open-source IT monitoring software.
16 February 2021

Firms Patch Greater Number of Systems, but Still Slowly

Fewer systems have flaws; however, the time to remediate vulnerabilities stays flat, and many issues targeted by in-the-wild malware remain open to attack.
16 February 2021

Complaint Blasts TikTok’s ‘Misleading’ Privacy Policies

Complaint Blasts TikTok’s ‘Misleading’ Privacy Policies TikTok is again in hot water for how the popular video-sharing app collects and shares data - particularly from its underage userbase.
16 February 2021

Let’s Encrypt Gears Up to Replace 200M Certificates a Day

Let’s Encrypt Gears Up to Replace 200M Certificates a Day The open CA prepares for ‘worst scenarios’ with new fiber, servers, cryptographic signing and more.
16 February 2021

DDoS Attacks Wane in Q4 Amid Cryptomining Resurgence

DDoS Attacks Wane in Q4 Amid Cryptomining Resurgence The volume of attacks fell 31 percent in the last part of 2020, as Bitcoin values skyrocketed. But there were still several notable trends, such as a rise in Linux botnets.
16 February 2021

Malvertiser abused WebKit zero-day to redirect iOS & macOS users to shady sites

Malicious ad campaigns have taken place all last year. Patches shipped on February 1, 2021.
16 February 2021

Strata Identity Raises $11M in Series A Round

The series A round of funding, led by Menlo Ventures, will help Strata scale its distributed identity technology.
16 February 2021

Under Attack: Hosting & Internet Service Providers

The digital universe depends on always-on IT networks and services, so ISPs and hosting providers have become favorite targets for cyberattacks.
16 February 2021

Romance scams in 2020: Breaking hearts, wallets – and records

As dating apps experience a boom amid COVID-19, losses to romance scams soar too

The post Romance scams in 2020: Breaking hearts, wallets – and records appeared first on WeLiveSecurity

16 February 2021

Misconfigured Baby Monitors Allow Unauthorized Viewing

Misconfigured Baby Monitors Allow Unauthorized Viewing Hundreds of thousands of individuals are potentially affected by this vulnerability.
16 February 2021

Microsoft Pulls Bad Windows Update After Patch Tuesday Headaches

Microsoft Pulls Bad Windows Update After Patch Tuesday Headaches Microsoft released a new servicing stack update (KB5001078) after an older one caused problems for Windows users installing Patch Tuesday security updates.
16 February 2021