Cybersecurity News
Backdoor malware is being spread through fake security certificate alerts
Victims of this new technique are invited to install a malicious "security certificate update" when they visit compromised websites.Trump, Sanders Are the Top Brands for Cybercriminals
An analysis of spam subject lines and malicious domains shows that attackers have been betting on Trump and Sanders to snag public interest.
Trump, Sanders Are the Top Brands for Cybercriminals
An analysis of spam subject lines and malicious domains shows that attackers have been betting on Trump and Sanders to snag public interest.
Let’s Encrypt Pushes Back Deadline to Revoke Some TLS Certificates
While 1.7 million of the certificates potentially affected by a CAA bug have already been replaced, around 1 million are still active.
Guildma: The Devil drives electric
The fourth installment of our occasional series demystifying Latin American banking trojans
The post Guildma: The Devil drives electric appeared first on WeLiveSecurity
Chinese hackers use decade-old Bisonal Trojan in cyberespionage campaigns
The RAT’s core functions remain the same but it is unusual that the malware has been rehashed over so many years.Ryuk ransomware hits Fortune 500 company EMCOR
Company expects the incident to have an impact on its 2020 earnings, according to its 2019 Q4 financial report.Malicious Chrome extension caught stealing Ledger wallet recovery seeds
A Chrome extension named Ledger Live was exposed today as malicious. It is currently heavily promoted via Google search ads.Let's Encrypt Revokes Over 3 Million of Its Digital Certs
Domain validation glitch prompts an abrupt decision.Browsers to block access to HTTPS sites using TLS 1.0 and 1.1 starting this month
More than 850,000 websites still use outdated TLS 1.0 and 1.1 protocols.Most Cyberattacks in 2019 Were Waged Without Malware
If the "malware-free" attack trajectory continues, it could mean major trouble for defenders, according to experts from CrowdStrike and other security companies.PCI SSC Statement on COVID-19
PCI SSC is aware of the unprecedented situation caused by the spread of COVID-19. As circumstances evolve, questions have arisen surrounding a variety of issues, including the impact on assessments and trainings. We are actively monitoring the developments and collaborating with our stakeholders and community on response and needed guidance. We have established this webpage for all updates, so please be sure to check regularly as this is a constantly evolving situation.
CISOs Who Want a Seat at the DevOps Table Better Bring Value
Here are four ways to make inroads with the DevOps team -- before it's too late.Critical Netgear Bug Impacts Flagship Nighthawk Router
Dozens of routers are patched by Netgear as it snuffs out critical, high and medium severity flaws.
Microsoft OneNote Used To Sidestep Phishing Detection
A recent phishing campaign used OneNote to distribute the Agent Tesla keylogger.
EternalBlue Longevity Underscores Patching Problem
Three years after the Shadow Brokers published zero-day exploits stolen from the National Security Agency, the SMB compromise continues to be a popular Internet attack.The Perfect Travel Security Policy for a Globe-Trotting Laptop
There are many challenges to safely carrying data and equipment on international travels, but the right policy can make navigating the challenges easier and more successful.
Fraud Prevention Month: How to protect yourself from scams
ESET Chief Security Evangelist Tony Anscombe sat down with us to share his insights on how to avoid falling prey to online fraud
The post Fraud Prevention Month: How to protect yourself from scams appeared first on WeLiveSecurity
Loyalty Cards Targeted in Tesco Clubcard Attack
Around 600,000 of the supermarket's 12 million loyalty program members have been warned about a cyberattack.