Cybersecurity News
Unpatched WordPress Plugin Code-Injection Bug Afflicts 50K Sites

05 February 2021
Spotify Hit With Another Credential-Stuffing Attack
This marks the second credential-stuffing attack to hit the streaming platform in the last few months.05 February 2021
Webdev tutorials site SitePoint discloses data breach
SitePoint admits data breach after one million user creds were sold on a hacking forum last December.05 February 2021
Security Researchers Push for 'Bug Bounty Program of Last Resort'
An international program that pays out hefty sums for the discovery of software vulnerabilities could spur greater scrutiny of applications and lead to better security.05 February 2021
Pro Tip: Don't Doubt Yourself

05 February 2021
Week in security with Tony Anscombe
ESET unearths a supply-chain attack against an Android emulator for PC and Mac – ESET research into malware targeting HPC clusters – How to prevent at least some zero-days
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
05 February 2021
Google Chrome Zero-Day Afflicts Windows, Mac Users

05 February 2021
Google Chrome sync feature can be abused for C&C and data exfiltration
A security researcher has found a malicious Chrome extension in the wild abusing the Chrome Sync process.05 February 2021
Ransomware Attacks Hit Major Utilities

05 February 2021
Cybercrime Goes Mainstream
Organized cybercrime is global in scale and the second-greatest risk over the next decade.05 February 2021
AI and APIs: The A+ Answers to Keeping Data Secure and Private

05 February 2021
Woman pleads guilty for using gov’t PC to steal photos of 'snitches' in Iowa
The photos were shared in a group dedicated to outing “law enforcement cooperators.”05 February 2021
Founder of cryptocurrency hedge funds charged over $90 million theft
Clients were allegedly lied to when they queried where their funds were being invested.05 February 2021
Plex Media servers are being abused for DDoS attacks
Cyber-security firm Netscout warns of new DDoS attack vector.05 February 2021
Google's Payout to Bug Hunters Hits New High
Over 660 researchers from 62 countries collected rewards for reporting bugs in Chrome, Android, and other Google technologies.04 February 2021
IBM Offers $3M in Grants to Defend Schools from Cyberattacks
The grants will be awarded to six school districts in the United States to help prepare for, and respond to, cyberattacks.04 February 2021
Google patches an actively exploited Chrome zero-day
Google Chrome 88.0.4324.150 released with a fix. Users advised to update.04 February 2021
Microsoft Says It's Time to Attack Your Machine-Learning Models
With access to some training data, Microsoft's red team recreated a machine-learning system and found sequences of requests that resulted in a denial-of-service.04 February 2021
Android Devices Prone to Botnet’s DDoS Onslaught

04 February 2021
Web Application Attacks Grow Reliant on Automated Tools
Attackers often use automation in fuzzing attacks, injection attacks, fake bots, and application DDoS attacks.04 February 2021