Cybersecurity News


Twitter Taps Mudge

Noted security researcher Peiter Zatko joins the social network as head of security.
16 November 2020

Citrix SD-WAN Bugs Allow Remote Code Execution

Citrix SD-WAN Bugs Allow Remote Code Execution The bugs tracked as CVE-2020–8271, CVE-2020–8272 and CVE-2020–8273 exist in the Citrix SD-WAN Center.
16 November 2020

New Zoom feature can alert room owners of possible Zoombombing disruptions

The new "At-Risk Meeting Notifier" Zoom feature scans the internet and alerts conference organizers when a link to their Zoom meeting has been posted online.
16 November 2020

Zoom Debuts New Tools to Fight Meeting Disruptions

Two new capabilities in version 5.4.3 let hosts and co-hosts pause Zoom meetings to remove and report disruptive attendees.
16 November 2020

Hacked Security Software Used in Novel South Korean Supply-Chain Attack

Hacked Security Software Used in Novel South Korean Supply-Chain Attack Lazarus Group is believed to be behind a spate of attacks that leverage stolen digital certificates tied to browser software that secures communication with government and financial websites in South Korea.
16 November 2020

Exposed Database Reveals 100K+ Compromised Facebook Accounts

Exposed Database Reveals 100K+ Compromised Facebook Accounts Cybercriminals left an ElasticSearch database exposed, revealing a global attack that compromised Facebook accounts and used them to scam others.
16 November 2020

A Call for Change in Physical Security

We're at an inflection point. The threats we face are dynamic, emerging, and global. Are you ready?
16 November 2020

The ransomware landscape is more crowded than you think

More than 25 Ransomware-as-a-Service (RaaS) portals are currently renting ransomware to other criminal groups.
16 November 2020

Cybercrime Moves to the Cloud to Accelerate Attacks Amid Data Glut

Cybercrime Moves to the Cloud to Accelerate Attacks Amid Data Glut A report on the underground economy finds that malicious actors are offering cloud-based troves of stolen data, accessible with handy tools to slice and dice what's on offer.
16 November 2020

Lazarus supply‑chain attack in South Korea

ESET researchers uncover a novel Lazarus supply-chain attack leveraging WIZVERA VeraPort software

The post Lazarus supply‑chain attack in South Korea appeared first on WeLiveSecurity

16 November 2020

Lazarus malware strikes South Korean supply chains

The malware is passing security checks through the abuse of stolen software certificates.
16 November 2020

Scams Ramp Up Ahead of Black Friday Cybercriminal Craze

Scams Ramp Up Ahead of Black Friday Cybercriminal Craze With more online shoppers this year due to COVID-19, cybercriminals are pulling the trigger on new scams ahead of Black Friday and Cyber Monday.
14 November 2020

Apple Issues Security Updates

Vulnerabilities found in three most recent versions of macOS.
13 November 2020

CISA Director Expects to Be Fired Following Secure Election

Top US cybersecurity leader Chris Krebs, who has been vocal about the security of this year's election, expects he'll be removed from his role.
13 November 2020

Amazon Sues Instagram, TikTok Influencers Over Knockoff Scam

Amazon Sues Instagram, TikTok Influencers Over Knockoff Scam 'Order This, Get This': Social-media influencers are in Amazon’s legal crosshairs for promoting generic Amazon listings with the promise to get prohibited counterfeit luxury items instead.
13 November 2020

Botnet Attackers Turn to Vulnerable IoT Devices

Botnet Attackers Turn to Vulnerable IoT Devices Cybercriminals are leveraging the multitudes of vulnerable connected devices with botnets that launch dangerous distributed denial-of-service (DDoS) attacks.
13 November 2020

Three COVID-19 Vaccine-Makers are Under Active Attack

Three COVID-19 Vaccine-Makers are Under Active Attack Three major APTs are involved in ongoing compromises at pharma and clinical organizations involved in COVID-19 research, Microsoft says.
13 November 2020

Self-Service Security for Developers Is the DevSecOps Brass Ring

DevOps teams with full security integration and self-service capabilities are 80% more likely to fix critical vulnerabilities in under a day, according to the ninth annual "State of DevOps Report."
13 November 2020

Ticketmaster Scores Hefty Fine Over 2018 Data Breach

Ticketmaster Scores Hefty Fine Over 2018 Data Breach The events giant faces a GDPR-related penalty in the U.K., and more could follow.
13 November 2020

Credential-Stuffing Attack Hits The North Face

Credential-Stuffing Attack Hits The North Face The North Face has reset an undisclosed number of customer accounts after detecting a credential-stuffing attack on its website.
13 November 2020