Cybersecurity News


DarkHotel hackers use VPN zero-day to breach Chinese government agencies

Targets included government agencies in Beijing and Shanghai and Chinese diplomatic missions abroad.
06 April 2020

Russian telco hijacks internet traffic for Google, AWS, Cloudflare, and others

Rostelecom involved in two BGP hijacking incidents this week impacting more than 200 CDNs and cloud providers.
05 April 2020

Docker servers targeted by new Kinsing malware campaign

Hackers breach Docker clusters via administrative API ports left exposed online without a password.
04 April 2020

Firefox Zero-Day Flaws Exploited in the Wild Get Patched

Firefox Zero-Day Flaws Exploited in the Wild Get Patched Mozilla Foundation rushes patches to fix bugs in its browser that could allow for remote code execution.
04 April 2020

12k+ Android apps contain master passwords, secret access keys, secret commands

Comprehensive academic study finds hidden backdoor-like behavior in 6,800 Play Store apps, 1,000 apps from third-party app stores, and almost 4,800 apps pre-installed on user devices.
04 April 2020

DOJ says Zoom-bombing is a crime

DOJ officials say Zoom-bombing raids could lead to arrests, fines, and even prison sentences.
03 April 2020

Google rolls back Chrome privacy feature due to COVID-19

Google disables SameSite cookie support to prevent any unforseen breakage to sites during the coronavirus outbreak.
03 April 2020

Firefox gets fixes for two zero-days exploited in the wild

Mozilla releases Firefox 74.0.1 to patch two bugs exploited by hackers.
03 April 2020

Week in security with Tony Anscombe

Staying safe from coronavirus-themed scams – Securing remote desktop connections – The security risks of videoconferencing

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

03 April 2020

Zoom’s privacy and security woes in the spotlight

The company goes straight from basking in the glow of its near-overnight success to launching an all‑out effort to fix its privacy and security issues

The post Zoom’s privacy and security woes in the spotlight appeared first on WeLiveSecurity

03 April 2020

Researcher Hijacks iOS, macOS Camera with Three Safari Zero-Days

A security researcher earned $75,000 for finding a whopping seven zero-days in Safari, three of which can be combined to access the camera.
03 April 2020

5 Soothing Security Products We Wish Existed

5 Soothing Security Products We Wish Existed Maybe security alert fatigue wouldn't be so bad if the alerts themselves delivered less stress and more aromatherapy.
03 April 2020

Self-Propagating Malware Targets Thousands of Docker Ports Per Day

Self-Propagating Malware Targets Thousands of Docker Ports Per Day A Bitcoin-mining campaign using the Kinsing malware is spreading quickly thanks to cloud-container misconfigurations.
03 April 2020

Cloud Providers, CDNs Team Up to Battle Internet Routing Attacks

Cloud Providers, CDNs Team Up to Battle Internet Routing Attacks A group of CDNs and cloud providers are joining in on a fight against common internet routing attacks.
03 April 2020

FBI Warns Education & Remote Work Platforms About Cyberattacks

The FBI expects attackers will target virtual environments as more organizations rely on them as a result of the COVID-19 pandemic.
03 April 2020

This is Not Your Father's Ransomware

This is Not Your Father's Ransomware Ransomware operators are aiming for bigger targets and hitting below the belt. With doxing and extortion threats added to the mix, ransomware is evolving into something even more sinister.
03 April 2020

Want to Improve Cloud Security? It Starts with Logging

Remedying the "garbage in, garbage out" problem requires an understanding of what is causing the problem in the first place.
03 April 2020

Web skimming attacks did not see a big spike during COVID-19 quarantines

However, experts expect to see an increase in web skimming attacks going forward.
03 April 2020

Spearphishing Campaign Exploits COVID-19 To Spread Lokibot Infostealer

Spearphishing Campaign Exploits COVID-19 To Spread Lokibot Infostealer The attack discovered uses World Health Organization trademark to lure users with info related to coronavirus.
03 April 2020