Cybersecurity News


REvil Affiliates Arrested; DOJ Seizes $6.1M in Ransom

REvil Affiliates Arrested; DOJ Seizes $6.1M in Ransom The U.S. is seeking the extradition of a Ukrainian man, Yaroslav Vasinskyi, whom they suspect is behind the Kaseya supply-chain attacks and other REvil attacks.
08 November 2021

DDoS Attacks Shatter Records in Q3, Report Finds  

DDoS Attacks Shatter Records in Q3, Report Finds   Q3 DDoS attacks topped thousands daily, with more growth expected.
08 November 2021

Zebra2104 Initial Access Broker Supports Rival Malware Gangs, APTs

Zebra2104 Initial Access Broker Supports Rival Malware Gangs, APTs Researchers have uncovered a large, tangled web of infrastructure being used to enable a wide variety of cyberattacks.
08 November 2021

Zoho Password Manager Flaw Torched by Godzilla Webshell

Zoho Password Manager Flaw Torched by Godzilla Webshell A new campaign is prying apart a known security vulnerability in the Zoho ManageEngine ADSelfService Plus password manager, researchers warned over the weekend. The threat actors have managed to exploit the Zoho weakness in at least nine global entities across critical sectors so far (technology, defense, healthcare, energy and education), deploying the Godzilla webshell and […]
08 November 2021

Hacking of activists is latest in long line of cyber-attacks on Palestinians

Hacking of activists is latest in long line of cyber-attacks on Palestinians

Analysis: while identity of hackers is not known in this case, Palestinians have long been spied on by Israeli military

The disclosure that Palestinian human rights defenders were reportedly hacked using NSO’s Pegasus spyware will come as little surprise to two groups of people: Palestinians themselves and the Israeli military and intelligence cyber operatives who have long spied on Palestinians.

While it is not known who was responsible for the hacking in this instance, what is very well documented is the role of the Israeli military’s 8200 cyberwarfare unit – known in Hebrew as the Yehida Shmoneh-Matayim – in the widespread spying on Palestinian society.

Continue reading...
08 November 2021

Be On Alert This Holiday Season

 

In this blog we explore the challenges around security of payment data during the hectic holiday season and provide tips and best practices to help retailers better secure their payment data.

08 November 2021

Passwordless authentication: Is your company ready to move beyond passwords?

Are the days numbered for ‘123456’? As Microsoft further nudges the world away from passwords, here’s what your organization should consider before going password-free.

The post Passwordless authentication: Is your company ready to move beyond passwords? appeared first on WeLiveSecurity

08 November 2021

Passwordless authentication: Is your company ready to move beyond passwords?

Are the days numbered for ‘123456’? As Microsoft further nudges the world away from passwords, here’s what your organization should consider before going password-free.

The post Passwordless authentication: Is your company ready to move beyond passwords? appeared first on WeLiveSecurity

08 November 2021

Cybersecurity firms provide threat intel for Clop ransomware group arrests

The crackdown was codenamed Operation Cyclone.
08 November 2021

Native Tribal Casinos Taking Millions in Ransomware Losses

Native Tribal Casinos Taking Millions in Ransomware Losses An FBI notification is warning of an uptick in attacks against tribal casinos.
05 November 2021

BrakTooth Bluetooth Bugs Bite: Exploit Code, PoC Released

BrakTooth Bluetooth Bugs Bite: Exploit Code, PoC Released CISA is urging vendors to patch, given the release of public exploit code & a proof of concept tool for bugs that open billions of devices – phones, PCs, toys, etc. – to DoS & code execution.
05 November 2021

Beyond the Basics: Tips for Building Advanced Ransomware Resiliency

Beyond the Basics: Tips for Building Advanced Ransomware Resiliency Joseph Carson, chief security scientist and advisory CISO at ThycoticCentrify, offers advice on least privilege, automation, application control and more.
05 November 2021

Google Ads for Faux Cryptowallets Net Scammers At Least $500K

Google Ads for Faux Cryptowallets Net Scammers At Least $500K Malicious Phantom, MetaMask cryptowallets are on the prowl to drain victim funds. 
05 November 2021

Proofpoint Phish Harvests Microsoft O365, Google Logins

Proofpoint Phish Harvests Microsoft O365, Google Logins A savvy campaign impersonating the cybersecurity company skated past Microsoft email security.
05 November 2021

Week in security with Tony Anscombe

What's it like working as a malware researcher? – ProtonMail and the battle for email privacy – Man charged with hacking, trying to extort US sports leagues

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

05 November 2021

Week in security with Tony Anscombe

What's it like working as a malware researcher? – ProtonMail and the battle for email privacy – Man charged with hacking, trying to extort US sports leagues

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

05 November 2021

Feds Offer $10 Million Bounty for DarkSide Info

Feds Offer $10 Million Bounty for DarkSide Info The U.S. State Department ups the ante in its hunt for the ransomware perpetrators by offering a sizeable cash sum for locating and arresting leaders of the cybercriminal group.
05 November 2021

SSL certificate research highlights pitfalls for company data, competition

Analysis reveals hidden risks for organizations that do not monitor their certificate usage.
05 November 2021

US Blacklists Pegasus Spyware Maker

US Blacklists Pegasus Spyware Maker NSO Group plans to fight the trade ban, saying it's "dismayed" and clinging to the mantra that its tools actually help to prevent terrorism and crime.
04 November 2021

3 Guideposts for Building a Better Incident-Response Plan

3 Guideposts for Building a Better Incident-Response Plan Invest and practice: Grant Oviatt, director of incident-response engagements at Red Canary, lays out the key building blocks for effective IR.
04 November 2021