Cybersecurity News
On the three-year anniversary of WannaCry, US exposes new North Korean malware
US cyber-security officials expose today three new North Korean malware strains named COPPERHEDGE, TAINTEDSCRIBE, and PEBBLEDASH.12 May 2020
A-List Celebrity Law Firm Confirms Cyberattack
Attackers claim to steal 756GB of data from Grubman Shire Meiselas & Sacks, which includes Madonna and Lady Gaga among its clients.12 May 2020
WordPress Page Builder Plugin Bugs Threaten 1 Million Sites with Full Takeover
Severe CSRF to XSS bugs open the door to code execution and complete website compromise.
12 May 2020
Adobe Kills 16 Critical Flaws in Acrobat and Reader, Digital Negative SDK
Adobe patched 36 flaws, including critical vulnerabilities in Acrobat and Reader and its DNG Software Development Kit.
12 May 2020
Coronavirus, Data Privacy & the New Online Social Contract
How governments can protect personal privacy in contact tracing while saving peoples' lives12 May 2020
Chatbooks Confirms Breach After ‘Shiny Hunters’ Sell Data
Photo print service Chatbooks has disclosed a data breach after customers' emails, passwords and more were listed for sale on underground forums.
12 May 2020
Anubis Malware Upgrade Logs When Victims Look at Their Screens
Threat actors are cooking up new features for the sophisticated banking trojan that targets Google Android apps and devices.
12 May 2020
WannaCryptor remains a global threat three years on
WannaCryptor is still alive and kicking, so much so that it sits atop the list of the most commonly detected ransomware families
The post WannaCryptor remains a global threat three years on appeared first on WeLiveSecurity
12 May 2020
6 Free Cybersecurity Training and Awareness Courses
Most are designed to help organizations address teleworking risks related to COVID-19 scams.
12 May 2020
Texas courts slammed by ransomware attack
Officials say they will not bow to any blackmail or ransom demands.12 May 2020
WordPress plugin Page Builder by SiteOrigin patched against code execution attacks
The vulnerabilities impacted over one million websites.12 May 2020
Lukas Stefanko: How we fought off a DDoS attack from a mobile botnet
Hot on the heels of his research into an attack that attempted to take down ESET’s website, Lukas Stefanko sheds more light on threats posed by mobile botnets
The post Lukas Stefanko: How we fought off a DDoS attack from a mobile botnet appeared first on WeLiveSecurity
12 May 2020
Android app promised to serve news updates, served ESET with a DDoS attack instead
The app managed to slither into Google Play and was downloaded at least 50,000 times.12 May 2020
Astaroth malware hides command servers in YouTube channel descriptions
Astaroth continues to evolve into a dangerous threat. Luckily, it's only spreading in Brazil only, right now.12 May 2020
Thunderbolt Vulnerabilities Could Threaten Millions of PCs
Attackers with physical access to targeted machines could exploit these flaws to access and copy data within minutes, researchers say.11 May 2020
Astaroth’s New Evasion Tactics Make It ‘Painful to Analyze’
The infostealer has gone above and beyond in its new anti-analysis and obfuscation tactics.
11 May 2020
Unpatched Bugs in Oracle iPlanet Opens Door to Info-Disclosure, Injection
CVE-2020-9315 and CVE-2020-9314 in iPlanet version 7 will not receive patches.
11 May 2020
Data Breaches Declined in Q1 2020 Over Q1 2019 -- Or Did They?
Numbers are down, but that may only be because organizations have been too busy fighting COVID-19-related cyberthreats to notice compromises, Risk Based Security says.11 May 2020
Iran reports failed cyber-attack on Strait of Hormuz port
Iranian officials said hackers infiltrated and damaged a small number of computers at the port of Shahid Rajaei in the city of Bandar Abbas.11 May 2020
Researchers Analyze Oracle WebLogic Flaw Under Attack
Trend Micro researchers explain how attackers bypassed the patch for a deserialization vulnerability in the Oracle WebLogic Server.11 May 2020