Cybersecurity News


The biggest data breaches, hacks of 2021

As COVID-19 continues to cause disruption, cyberattacks haven't let up, either.
31 December 2021

Copycat and fad hackers will be the bane of supply chain security in 2022

Experts explain why the supply chain is now a top target for cybercriminals -- and what we should expect to see in 2022.
31 December 2021

What the Rise in Cyber-Recon Means for Your Security Strategy

What the Rise in Cyber-Recon Means for Your Security Strategy Expect many more zero-day exploits in 2022, and cyberattacks using them being launched at a significantly higher rate, warns Aamir Lakhani, researcher at FortiGuard Labs.
30 December 2021

APT ‘Aquatic Panda’ Targets Universities with Log4Shell Exploit Tools

APT ‘Aquatic Panda’ Targets Universities with Log4Shell Exploit Tools Researchers from CrowdStrike disrupted an attempt by the threat group to steal industrial intelligence and military secrets from an academic institution.
30 December 2021

22 cybersecurity statistics to know for 2022

As we usher in the New Year, let’s take a look at some statistics that will help you stay up-to-date on recent cybersecurity trends

The post 22 cybersecurity statistics to know for 2022 appeared first on WeLiveSecurity

30 December 2021

Happy 12th Birthday, KrebsOnSecurity.com!

KrebsOnSecurity.com celebrates its 12th anniversary today! Maybe "celebrate" is too indelicate a word for a year wracked by the global pandemics of COVID-19 and ransomware. Especially since stories about both have helped to grow the audience here tremendously in 2021. But this site's birthday also is a welcome opportunity to thank you all for your continued readership and support, which helps keep the content here free to everyone.
29 December 2021

Threat Advisory: E-commerce Bots Use Domain Registration Services for Mass Account Fraud

Threat Advisory: E-commerce Bots Use Domain Registration Services for Mass Account Fraud Jason Kent is Hacker-in-Residence at Cequence Security.
29 December 2021

Cryptomining Attack Exploits Docker API Misconfiguration Since 2019

Cryptomining Attack Exploits Docker API Misconfiguration Since 2019 Campaign exploits misconfigured Docker APIs to gain network entry and ultimately sets up a backdoor on compromised hosts to mine cryptocurrency.
29 December 2021

5 Cybersecurity Trends to Watch in 2022

5 Cybersecurity Trends to Watch in 2022 Here’s what cybersecurity watchers want infosec pros to know heading into 2022.  
29 December 2021

That Toy You Got for Christmas Could Be Spying on You

That Toy You Got for Christmas Could Be Spying on You Security flaws in the recently released Fisher-Price Chatter Bluetooth telephone can allow nearby attackers to spy on calls or communicate with children using the device.
28 December 2021

Polish opposition says government use of spyware is ‘crisis for democracy’

Polish opposition says government use of spyware is ‘crisis for democracy’

Opposition leader Donald Tusk calls for inquiry after watchdog says rivals were targeted by Pegasus spyware

Polish opposition leader Donald Tusk said on Tuesday reports that the government spied on its opponents represented the country’s biggest “crisis for democracy” since the end of communism.

A cybersecurity watchdog last week said the Pegasus spyware had been used to target prominent opposition figures, with Polish media dubbing the scandal a “Polish Watergate”.

Continue reading...
28 December 2021

2021 Wants Another Chance (A Lighter-Side Year in Review)

2021 Wants Another Chance (A Lighter-Side Year in Review) The year wasn't ALL bad news. These sometimes cringe-worthy/sometimes laughable cybersecurity and other technology stories offer schadenfreude and WTF opportunities, and some giggles.
28 December 2021

Global Cyberattacks from Nation-State Actors Posing Greater Threats

Global Cyberattacks from Nation-State Actors Posing Greater Threats Casey Ellis, CTO at Bugcrowd, outlines how international relations have deteriorated into a new sort of Cold War, with espionage playing out in the cyber-domain. 
27 December 2021

The 5 Most-Wanted Threatpost Stories of 2021

The 5 Most-Wanted Threatpost Stories of 2021 A look back at what was hot with readers in this second year of the pandemic.
27 December 2021

2021 in review: The biggest cybersecurity stories of the year

As we close out another year like no other, let's look back at some of the most notable cybersecurity stories that shaped 2021

The post 2021 in review: The biggest cybersecurity stories of the year appeared first on WeLiveSecurity

27 December 2021

4-Year-Old Microsoft Azure Zero-Day Exposes Web App Source Code

4-Year-Old Microsoft Azure Zero-Day Exposes Web App Source Code The security vulnerability could expose passwords and access tokens, along with blueprints for internal infrastructure and finding software vulnerabilities.
23 December 2021

Telegram Abused to Steal Crypto-Wallet Credentials

Telegram Abused to Steal Crypto-Wallet Credentials Attackers use the Telegram handle “Smokes Night” to spread the malicious Echelon infostealer, which steals credentials for cryptocurrency and other user accounts, researchers said.
23 December 2021

‘Spider-Man: No Way Home’ Download Installs Cryptominer

‘Spider-Man: No Way Home’ Download Installs Cryptominer The origin of the Monero cryptominer file has been traced to a Russian torrent website, researchers report.
23 December 2021

PYSA Emerges as Top Ransomware Actor in November

PYSA Emerges as Top Ransomware Actor in November Overtaking the Conti ransomware gang, PYSA finds success with government-sector attacks.
22 December 2021

All in One SEO Plugin Bug Threatens 3M Websites with Takeovers

All in One SEO Plugin Bug Threatens 3M Websites with Takeovers A critical privilege-escalation vulnerability could lead to backdoors for admin access nesting in web servers.
22 December 2021