Cybersecurity News
Unproven Coronavirus Therapy Proves Cash Cow for Shadow Pharmacies
Many of the same shadowy organizations that pay people to promote male erectile dysfunction drugs via spam and hacked websites recently have enjoyed a surge in demand for medicines used to fight malaria, lupus and arthritis, thanks largely to unfounded suggestions that these therapies can help fight the COVID-19 pandemic. A review of the sales figures from some of the top pharmacy affiliate programs suggests sales of drugs containing hydroxychloroquine rivaled that of their primary product -- generic Viagra and Cialis -- and that this as-yet-unproven Coronavirus treatment accounted for as much as 25 to 30 percent of all sales over the past month.24 April 2020
Sextortion Campaigns Net Cybercriminals Nearly $500K in Five Months
Tracking the cryptocurrency paid by victims finds that, even with a low rate of payout, the scheme netted a cool half million for the various groups involved.24 April 2020
Facebook-NSO lawsuit: Hundreds of WhatsApp attacks linked to one IP address
Facebook fights to keep the lawsuit on track after NSO filed a motion to dismiss the case earlier this month.24 April 2020
Narrow the Scope of Compliance
Many organizations are doing more than they need regarding compliance.24 April 2020
Nintendo Confirms Breach of 160,000 Accounts

24 April 2020
Week in security with Tony Anscombe
ESET research into vulnerabilities in smart home hubs – Discovering and disrupting a botnet in Latin America – Digital assistants in the work-from-home era
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
24 April 2020
Apple Pushes Back Against Zero-Day Exploit Claims

24 April 2020
Nintendo says 160,000 users impacted in recent account hacks
Nintendo disconnects NNID legacy login system from main Nintendo profiles after massive account hijacking campaign.24 April 2020
Apple disputes recent iOS zero-day claim
Apple says it "thoroughly investigated" a recent report about three iOS Mail bugs but "found no evidence they were used against customers."24 April 2020
Stuck at home, UK lockdown DIY fans slammed with Robert Dyas data breach
The hardware store is the latest victim of card-skimmer malware.24 April 2020
Google will now demand online advertisers provide proof of identity and location
The company is clamping down on fake content and scams by expanding checks previously reserved for political advertising.24 April 2020
Why Consumers, SMBs Are Likely to Fall for Coronavirus Scams
Data reveals both a lack of skepticism and a willingness to engage with emails crafted to seem like government communications.23 April 2020
Paay Misconfiguration Leaves Transaction Data Exposed
The New York-based credit-card processor left a server without password protection for approximately three weeks.23 April 2020
RIPE opposes China's internet protocols upgrade plan
RIPE speaks out against China and Huawei's "New IP" internet upgrade plan, says internet standards should be left to the IETF, not the UN.23 April 2020
How the Dark Web Fuels Insider Threats
New decentralized, criminal marketplaces and "as-a-service" offerings make it easy for employees to monetize their knowledge and access to enterprise networks and systems.23 April 2020
Communication, Cloud & Finance Apps Most Vulnerable to Insider Threat
Businesses say customer data, financial data, and intellectual property are the types of data most vulnerable to insider attacks.23 April 2020
Resiliency: The Trait National Sporting Leagues Share with Security & IT Teams
During unprecedented times such as these, both businesses and professional sports are forced to go back to basics.23 April 2020
iOS Mail app flaws may have left iPhone users vulnerable for years
A pair of vulnerabilities in the default email app on iOS devices is believed to have been exploited against high-profile targets
The post iOS Mail app flaws may have left iPhone users vulnerable for years appeared first on WeLiveSecurity
23 April 2020
Valve Confirms CS:GO, Team Fortress 2 Source-Code Leak

23 April 2020
When in Doubt: Hang Up, Look Up, & Call Back
Many security-conscious people probably think they'd never fall for a phone-based phishing scam. But if your response to such a scam involves anything other than hanging up and calling back the entity that claims to be calling, you may be in for a rude awakening. Here's how one security and tech-savvy reader got taken for more than $10,000 in an elaborate, weeks-long ruse.23 April 2020