Cybersecurity News
Gaming, Banking Trojans Dominate Mobile Malware Scene
The overall number of attacks on mobile users is down, but they're getting slicker, both in terms of malware functionality and vectors, researchers say.
Cyberattackers Cook Up Employee Personal Data Heist for Meyer
The Conti gang breached the cookware giant's network, prepping thousands of employees’ personal data for consumption by cybercrooks.
Police use of Pegasus malware not illegal, Israeli inquiry finds
Police have been accused of spying on at least 26 individuals who are not criminal suspects
An inquiry into allegations that Israel’s police force systematically hacked into the mobile phones of Israeli citizens has found that while the police did use NSO Group’s controversial Pegasus malware, there is no evidence suggesting illegality.
In a series of explosive reports over the last two months, the local financial daily newspaper Calcalist accused the police of spying on at least 26 individuals who were not criminal suspects. Those named included politicians, protesters, and members of the former prime minister Benjamin Netanyahu’s inner circle – claims Netanyahu used to delay proceedings in his corruption trial.
Continue reading...Xenomorph Malware Burrows into Google Play Users, No Facehugger Required
Researchers discovered a new, modular banking trojan with ties to Cerberus and Alien that has the capability to become a much larger threat than it is now.
IRS: Selfies Now Optional, Biometric Data to Be Deleted
The U.S. Internal Revenue Service (IRS) said Monday that taxpayers are no longer required to provide facial scans to create an account online at irs.gov. In lieu of providing biometric data, taxpayers can now opt for a live video interview with ID.me, the privately-held Virginia company that runs the agency's identity proofing system. The IRS also said any biometric data already shared with ID.me would be permanently deleted over the next few weeks, and any biometric data provided for new signups will be destroyed after an account is created.Report: Missouri Governor’s Office Responsible for Teacher Data Leak
Missouri Governor Mike Parson made headlines last year when he vowed to criminally prosecute a journalist for reporting a security flaw in a state website that exposed personal information of more than 100,000 teachers. But Missouri prosecutors now say they… Read More »Teenage cybercrime: How to stop kids from taking the wrong path
It’s never too late to prevent children from being dragged to the dark side and to ensure their skills are a force for good
The post Teenage cybercrime: How to stop kids from taking the wrong path appeared first on WeLiveSecurity
Almost 100,000 new mobile banking Trojan strains detected in 2021
Mobile malware used to be relatively rare. Now, the focus has pivoted from PCs to our handsets.NFT Investors Lose $1.7M in OpenSea Phishing Attack
Attackers took advantage of a smart-contract migration to swindle 17 users.
NIST proposes model to assess cybersecurity investment strategies in network security
The larger the network, the larger the attack surface. Computational models may pinpoint the best places for investment.CISA publishes guide with free cybersecurity tools, resources for incident response
The resources can provide a foundation for dealing with the aftermath of cyberattacks.Scam artists swindle NFTs worth 'millions' in OpenSea phishing attack
The NFT platform is "working around the clock" to investigate.Integer overflow: How does it occur and how can it be prevented?
Make no mistake, counting on a computer is not as easy as it may seem. Here’s what happens when a number gets “too big”.
The post Integer overflow: How does it occur and how can it be prevented? appeared first on WeLiveSecurity
Week in security with Tony Anscombe
What does progress in technology mean? – IRS makes a U-turn on facial recognition but questions remain – What retailers need to know about cyberthreats
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
New Critical RCE Bug Found in Adobe Commerce, Magento
Adobe updated its recent out-of-band security advisory to add another critical bug, while researchers put out a PoC for the one it emergency-fixed last weekend.
Severe WordPress Plug-In UpdraftPlus Bug Threatens Backups
An oversight in a WordPress plug-in exposes PII and authentication data to malicious insiders.
Iranian State Broadcaster Clobbered by ‘Clumsy, Buggy’ Code
Researchers said a Jan. 27 attack that aired footage of opposition leaders calling for assassination of Iran’s Supreme Leader was a clumsy and unsophisticated wiper attack.
Thanks, dad: jammer used to stop kids going online, wipes out a town's internet by mistake
The -interesting- control method could lead to a hefty fine and jail time.New RCE flaw added to Adobe Commerce, Magento security advisory
Researchers have also been able to replicate the original security flaw.Baby Golang-Based Botnet Already Pulling in $3K/Month for Operators
Kraken has already spread like wildfire, but in the past few months, the malware's author has been tinkering away, adding more infostealers and backdoors.
