Cybersecurity News


Week in security with Tony Anscombe

New malware targeting organizations in Ukraine – How organizations can improve their cyber-resiliency – Scammers taking advantage of the crisis

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

04 March 2022

Free HermeticRansom Ransomware Decryptor Released

Free HermeticRansom Ransomware Decryptor Released Cruddy cryptography means victims whose files have been encrypted by the Ukraine-tormenting ransomware can break the chains without paying extortionists.
04 March 2022

These are the problems that cause headaches for bug bounty hunters

A researcher shares his thoughts on the challenges of responsible vulnerability disclosure.
04 March 2022

Emergency preparedness: How to disaster‑proof your tech

Here are a few tips that will help you get your ‘go bag’ ready if you have to leave at a moment’s notice and need your communications and data to survive

The post Emergency preparedness: How to disaster‑proof your tech appeared first on WeLiveSecurity

04 March 2022

Phishing Campaign Targeted Those Aiding Ukraine Refugees

Phishing Campaign Targeted Those Aiding Ukraine Refugees A military email address was used to distribute malicious email macros among EU personnel helping Ukrainians.
03 March 2022

Russia Leaks Data From a Thousand Cuts–Podcast

Russia Leaks Data From a Thousand Cuts–Podcast It’s not just Ukraine: There's a flood of intel on Russian military, nukes and crooks, says dark-web intel expert Vinny Troia, even with the Conti ransomware gang shuttering its leaking Jabber chat server.
03 March 2022

Securing Data With a Frenzied Remote Workforce–Podcast

Securing Data With a Frenzied Remote Workforce–Podcast Stock the liquor cabinet and take a shot whenever you hear GitLab Staff Security Researcher Mark Loveless say “Zero Trust.”
03 March 2022

US launches KleptoCapture force to tackle cryptocurrency use in Russian sanction avoidance

The DoJ says the team will target "efforts" to use cryptocurrency to circumvent sanctions or launder cash.
03 March 2022

ESET Research Podcast: Ukraine’s past and present cyberwar

Press play to hear Aryeh Goretsky, Jean-Ian Boutin and Robert Lipovsky discuss how recent malware attacks in Ukraine tie into years of cyberattacks against the country

The post ESET Research Podcast: Ukraine’s past and present cyberwar appeared first on WeLiveSecurity

03 March 2022

TeaBot Trojan Haunts Google Play Store, Again

TeaBot Trojan Haunts Google Play Store, Again Malicious Google Play apps have circumvented censorship by hiding trojans in software updates.
02 March 2022

Conti Ransomware Decryptor, TrickBot Source Code Leaked

Conti Ransomware Decryptor, TrickBot Source Code Leaked The decryptor spilled by ContiLeaks won’t work with recent victims. Conti couldn't care less: It's still operating just fine. Still, the dump is a bouquet’s worth of intel.
02 March 2022

Conti Ransomware Group Diaries, Part II: The Office

Earlier this week, a Ukrainian security researcher leaked almost two years’ worth of internal chat logs from Conti, one of the more rapacious and ruthless ransomware gangs in operation today. Tuesday’s story examined how Conti dealt with its own internal breaches and attacks from private security firms and governments. In Part II of this series we’ll explore what it’s like to work for Conti, as described by the Conti employees themselves.
02 March 2022

Ukraine government calls on Oracle, SAP for support

Mykhailo Fedorov has requested the severance of business relationships with Russia.
02 March 2022

Innovation and the Roots of Progress

If you look back at the long arc of history, it’s clear that one of the most crucial drivers of real progress in society is innovation

The post Innovation and the Roots of Progress appeared first on WeLiveSecurity

02 March 2022

TeaBot Android Banking Trojan continues its global conquest with new upgrades

The RAT has is now targeting over 400 applications.
02 March 2022

RCE Bugs in Hugely Popular VoIP Apps: Patch Now!

RCE Bugs in Hugely Popular VoIP Apps: Patch Now! The flaws are in the ubiquitous open-source PJSIP multimedia communication library, used by the Asterisk PBX toolkit that's found in a massive number of VoIP implementations.
01 March 2022

RCE Bugs in WhatsApp, Other Hugely Popular VoIP Apps: Patch Now!

RCE Bugs in WhatsApp, Other Hugely Popular VoIP Apps: Patch Now! The flaws are in the ubiquitous open-source PJSIP multimedia communication library, used by the Asterisk PBX toolkit that's found in a massive number of VoIP implementations.
01 March 2022

Conti Ransomware Group Diaries, Part I: Evasion

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti, an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. The chat logs offer a fascinating glimpse into the challenges of running a sprawling criminal enterprise with more than 100 salaried employees. The records also provide insight into how Conti has dealt with its own internal breaches and attacks from private security firms and foreign governments.
01 March 2022

Daxin Espionage Backdoor Ups the Ante on Chinese Malware

Daxin Espionage Backdoor Ups the Ante on Chinese Malware Via node-hopping, the espionage tool can reach computers that aren't even connected to the internet.
01 March 2022

Ukraine Hit with Novel ‘FoxBlade’ Trojan Hours Before Invasion

Ukraine Hit with Novel ‘FoxBlade’ Trojan Hours Before Invasion Microsoft detected cyberattacks launched against Ukraine hours before Russia’s tanks and missiles began to pummel the country last week.
01 March 2022