Cybersecurity News


Attacks on WordPress Sites Surge

Defiant says it observed a 30-fold increase in attacks in just the past few days.
06 May 2020

Lazarus Group Hides macOS Spyware in 2FA Application

Lazarus Group Hides macOS Spyware in 2FA Application The Dacls RAT has been ported from an existing Linux version.
06 May 2020

What is an 'Endpoint'?

What is an 'Endpoint'? Some companies' endpoint security strategies may now cover an ever-widening array of devices, as Dark Reading's latest State of Endpoint Security survey discovered.
06 May 2020

Financial Phishing Attacks Take Off, Malware Declines

In the past year, the number of digital threats increased by nearly half as phishing swamped malware to become the most dominant attack technique.
06 May 2020

Half of Companies Have Suffered a Cybersecurity Issue Amid COVID-19 Crisis

Survey shows 49% expect to experience a data breach or cybersecurity incident in the next month.
06 May 2020

Microsoft Reportedly in Talks to Acquire CyberX

CyberX was founded in 2013 and has raised $48 million to build its cybersecurity platform for IoT and industrial control systems.
06 May 2020

InfinityBlack Dismantled After Selling Millions of Credentials

InfinityBlack Dismantled After Selling Millions of Credentials In the Europol-led takedown, police shut down databases with more than 170 million entries.
06 May 2020

Almost a million WordPress websites targeted in massive campaign

An unknown threat actor is exploiting vulnerabilities in plugins for which patches have been available for months, or even years

The post Almost a million WordPress websites targeted in massive campaign appeared first on WeLiveSecurity

06 May 2020

Samsung patches 0-click vulnerability impacting all smartphones sold since 2014

Samsung patched this month a critical bug discovered by Google security researchers.
06 May 2020

The Guardian view on an NHS coronavirus app: it must do no harm | Editorial

The Guardian view on an NHS coronavirus app: it must do no harm | Editorial

Smartphones can be used to digitally trace Covid-19. But not if the public don’t download an app over privacy fears – or find it won’t work on their device

The idea of the NHS tracing app is to enable smartphones to track users and tell them whether they interacted with someone who had Covid-19. Yet this will work only if large proportions of the population download the app. No matter how smart a solution may appear, mass consent is required. That will not be easy. Ministers and officials have failed to address the trade-offs between health and privacy by being ambiguous about the app’s safeguards.

Instead of offering cast-iron guarantees about the length of time for which data would be held; who can access it; and the level of anonymity afforded, we have had opacity and obfuscation. It is true that we are dealing with uncertainties. But without absolute clarity about privacy the public is unlikely to take up the app with the appropriate gusto.

Continue reading...
06 May 2020

The Price of Fame? Celebrities Face Unique Hacking Threats

The Price of Fame? Celebrities Face Unique Hacking Threats Hackers are hitting the sports industry hard on social media and luring quarantined consumers with offers of free streaming services, a new report shows.
06 May 2020

When Achieving Deadpool Status Is a Good Thing

When Achieving Deadpool Status Is a Good Thing It means attackers have been met with sufficient resistance that it's no longer worth their trouble and have moved on
06 May 2020

The Price of Fame? Celebrities Face Unique Hacking Threats

The Price of Fame? Celebrities Face Unique Hacking Threats Hackers are hitting the sports industry hard on social media and luring quarantined consumers with offers of free streaming services, a new report shows.
06 May 2020

Microsoft Shells Out $100K for IoT Security

Microsoft Shells Out $100K for IoT Security A three-month Azure Sphere bug-bounty challenge will offer top rewards for compromising Pluton or Secure World within Microsoft's IoT security suite.
06 May 2020

Hackers hide web skimmer behind a website's favicon

Hackers created a fake image-hosting portal to hide a web skimming operation.
06 May 2020

Ransomware Attack Takes Down Toll Group Systems, Again

Ransomware Attack Takes Down Toll Group Systems, Again Australian transportation company Toll Group has been hit by the Nefilim ransomware, causing customers to experience delays.
06 May 2020

Is CVSS the Right Standard for Prioritization?

Is CVSS the Right Standard for Prioritization? More than 55% of open source vulnerabilities are rated high or critical. To truly understand a vulnerability and how it might affect an organization or product, we need much more than a number.
06 May 2020

Europe’s Largest Private Hospital Operator Fresenius Hit by Ransomware

Fresenius, Europe's largest private hospital operator and a major provider of dialysis products and services that are in such high demand thanks to the COVID-19 pandemic, has been hit in a ransomware cyber attack on its technology systems. The company said the incident has limited some of its operations, but that patient care continues.
06 May 2020

Attackers Claim Identity of Financial NGO to Steal Sharepoint, Office Credentials

Attackers Claim Identity of Financial NGO to Steal Sharepoint, Office Credentials Investment brokers are the target of a new wave of socially engineered phishing attacks, warns FINRA.
06 May 2020

Search provider Algolia discloses security incident due to Salt vulnerability

Algolia now joins the ranks of LineageOS, Ghost, Digicert, and Xen Orchestra.
06 May 2020