Cybersecurity News


Real Big Phish: Mobile Phishing & Managing User Fallibility

Real Big Phish: Mobile Phishing & Managing User Fallibility Phishing is more successful than ever. Daniel Spicer, CSO of Ivanti, discusses emerging trends in phishing, and using zero-trust security to patch the human vulnerabilities underpinning the spike.
14 January 2022

Critical Cisco Contact Center Bug Threatens Customer-Service Havoc

Critical Cisco Contact Center Bug Threatens Customer-Service Havoc Attackers could access and modify agent resources, telephone queues and other customer-service systems – and access personal information on companies’ customers.
14 January 2022

‘Be Afraid:’ Massive Cyberattack Downs Ukrainian Gov’t Sites

‘Be Afraid:’ Massive Cyberattack Downs Ukrainian Gov’t Sites As Moscow moves troops and threatens military action, about 70 Ukrainian government sites were hit. “Be afraid” was scrawled on the Foreign Ministry site.
14 January 2022

Russian Security Takes Down REvil Ransomware Gang

Russian Security Takes Down REvil Ransomware Gang The country's FSB said that it raided gang hideouts; seized currency, cars and personnel; and neutralized REvil's infrastructure.
14 January 2022

Three Plugins with Same Bug Put 84K WordPress Sites at Risk

Three Plugins with Same Bug Put 84K WordPress Sites at Risk Researchers discovered vulnerabilities that can allow for full site takeover in login and e-commerce add-ons for the popular website-building platform.
14 January 2022

Week in security with Tony Anscombe

How malware exploits security flaws in kernel drivers – Watch out for cryptocurrency scams – Why loyalty accounts are a target for criminals

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

14 January 2022

Cold calling 02 scam artists are offering 40% plan discounts, free phone contracts for your security code

They don't seem to like it when you call them out, though.
14 January 2022

Dark web carding platform UniCC shuts up shop after making millions

The operators have apparently made enough to keep them happy in retirement.
14 January 2022

SnatchCrypto campaign plants backdoors in crypto startups, DeFi, blockchain networks

Malware is used to find and empty cryptocurrency wallets at victim organizations.
14 January 2022

Microsoft Yanks Buggy Windows Server Updates

Microsoft Yanks Buggy Windows Server Updates Since their release on Patch Tuesday, the updates have been breaking Windows, causing spontaneous boot loops on Windows domain controller servers, breaking Hyper-V and making ReFS volume systems unavailable.
13 January 2022

North Korean APTs Stole ~$400M in Crypto in 2021

North Korean APTs Stole ~$400M in Crypto in 2021 Meanwhile, EtherumMax got sued over an alleged pump-and-dump scam after using celebs like Floyd Mayweather Jr. & Kim Kardashian to promote EMAX Tokens.
13 January 2022

US Military Ties Prolific MuddyWater Cyberespionage APT to Iran

US Military Ties Prolific MuddyWater Cyberespionage APT to Iran US Cyber Command linked the group to Iranian intelligence and detailed its multi-pronged, increasingly sophisticated suite of malware tools.
13 January 2022

New GootLoader Campaign Targets Accounting, Law Firms

New GootLoader Campaign Targets Accounting, Law Firms GootLoader hijacks WordPress sites to lure professionals to download malicious sample contract templates.
13 January 2022

Adobe Cloud Abused to Steal Office 365, Gmail Credentials

Adobe Cloud Abused to Steal Office 365, Gmail Credentials Threat actors are creating accounts within the Adobe Cloud suite and sending images and PDFs that appear legitimate to target Office 365 and Gmail users, researchers from Avanan discovered.
13 January 2022

Ransomware locks down prison, knocks systems offline

Inmates were confined to their cells as a result of the cyberattack.
13 January 2022

UK jails man for spying on kids, adults with Remote Access Trojans

Malware was used to take explicit photos and videos.
13 January 2022

Making loyalty pay: How to keep your loyalty rewards safe from scammers

Is loyalty fraud on your radar? Here's why your hard-earned reward points and air miles may be easy pickings for cybercriminals.

The post Making loyalty pay: How to keep your loyalty rewards safe from scammers appeared first on WeLiveSecurity

13 January 2022

Fingers point to Lazarus, Cobalt, FIN7 as key hacking groups attacking finance industry

A deep dive into threats against this sector reveals the top threats organizations should keep in mind.
13 January 2022

Widespread, Easily Exploitable Windows RDP Bug Opens Users to Data Theft

Widespread, Easily Exploitable Windows RDP Bug Opens Users to Data Theft Most Windows versions are at risk of remote, unprivileged attackers abusing RDP from the inside to hijack smart cards and get unauthorized file system access.
12 January 2022

Amazon, Azure Clouds Host RAT-ty Trio in Infostealing Campaign

Amazon, Azure Clouds Host RAT-ty Trio in Infostealing Campaign A cloudy campaign delivers commodity remote-access trojans to steal information and execute code.
12 January 2022