Cybersecurity News
Almost a million WordPress websites targeted in massive campaign
An unknown threat actor is exploiting vulnerabilities in plugins for which patches have been available for months, or even years
The post Almost a million WordPress websites targeted in massive campaign appeared first on WeLiveSecurity
Samsung patches 0-click vulnerability impacting all smartphones sold since 2014
Samsung patched this month a critical bug discovered by Google security researchers.The Guardian view on an NHS coronavirus app: it must do no harm | Editorial
Smartphones can be used to digitally trace Covid-19. But not if the public don’t download an app over privacy fears – or find it won’t work on their device
The idea of the NHS tracing app is to enable smartphones to track users and tell them whether they interacted with someone who had Covid-19. Yet this will work only if large proportions of the population download the app. No matter how smart a solution may appear, mass consent is required. That will not be easy. Ministers and officials have failed to address the trade-offs between health and privacy by being ambiguous about the app’s safeguards.
Instead of offering cast-iron guarantees about the length of time for which data would be held; who can access it; and the level of anonymity afforded, we have had opacity and obfuscation. It is true that we are dealing with uncertainties. But without absolute clarity about privacy the public is unlikely to take up the app with the appropriate gusto.
Continue reading...The Price of Fame? Celebrities Face Unique Hacking Threats
Hackers are hitting the sports industry hard on social media and luring quarantined consumers with offers of free streaming services, a new report shows.
When Achieving Deadpool Status Is a Good Thing
It means attackers have been met with sufficient resistance that it's no longer worth their trouble and have moved on
The Price of Fame? Celebrities Face Unique Hacking Threats
Hackers are hitting the sports industry hard on social media and luring quarantined consumers with offers of free streaming services, a new report shows.
Microsoft Shells Out $100K for IoT Security
A three-month Azure Sphere bug-bounty challenge will offer top rewards for compromising Pluton or Secure World within Microsoft's IoT security suite.
Hackers hide web skimmer behind a website's favicon
Hackers created a fake image-hosting portal to hide a web skimming operation.Ransomware Attack Takes Down Toll Group Systems, Again
Australian transportation company Toll Group has been hit by the Nefilim ransomware, causing customers to experience delays.
Is CVSS the Right Standard for Prioritization?
More than 55% of open source vulnerabilities are rated high or critical. To truly understand a vulnerability and how it might affect an organization or product, we need much more than a number.
Europe’s Largest Private Hospital Operator Fresenius Hit by Ransomware
Fresenius, Europe's largest private hospital operator and a major provider of dialysis products and services that are in such high demand thanks to the COVID-19 pandemic, has been hit in a ransomware cyber attack on its technology systems. The company said the incident has limited some of its operations, but that patient care continues.Attackers Claim Identity of Financial NGO to Steal Sharepoint, Office Credentials
Investment brokers are the target of a new wave of socially engineered phishing attacks, warns FINRA.