Cybersecurity News


Hackers are targeting UK universities to steal coronavirus research, NCSC warns

State-sponsored hackers from Russia, Iran, and China are suspected.
04 May 2020

CursedChrome turns your browser into a hacker's proxy

CursedChrome shows how hackers can take full control over your Chrome browser using just one extension.
03 May 2020

Ghost blogging platform servers hacked and infected with crypto-miner

Ghost platform got hacked via the same vulnerability that allowed hackers to breach LineageOS servers hours before.
03 May 2020

Hackers breach LineageOS servers via unpatched vulnerability

LineageOS source code, OS builds, and signing keys were unaffected, developers said.
03 May 2020

UK NCSC to stop using 'whitelist' and 'blacklist' due to racial stereotyping

UK cyber-security agency to use "allow list" and "deny list" on its website, going forward.
02 May 2020

Hacker leaks 15 million records from Tokopedia, Indonesia's largest online store

The Tokopedia data has been published on a well-known hacking forum.
02 May 2020

Upgraded Cerberus Spyware Spreads Rapidly via MDM

Upgraded Cerberus Spyware Spreads Rapidly via MDM No longer a simple Android banker, Cerberus is now a full-fledged RAT that can take complete control of devices and automatically spread via mobile device management servers.
01 May 2020

Fake Microsoft Teams Emails Phish for Credentials

Employees belonging to organizations in industries such as energy, retail, and hospitality have been recipients, Abnormal Security says.
01 May 2020

DHS CISA Launches Site for Teleworking Security

The new website is intended to be a one-stop source for information on securing teleworkers and their employers.
01 May 2020

Trump bans acquisition of foreign power grid equipment, citing hacking threats

White House says foreign-made equipment "augments the ability of foreign adversaries to create and exploit vulnerabilities" in the US power grid.
01 May 2020

Name That Toon: The Lights Are On ...

Name That Toon: The Lights Are On ... Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
01 May 2020

News Wrap: Microsoft Sway Phish, Malicious GIF and Spyware Attacks

News Wrap: Microsoft Sway Phish, Malicious GIF and Spyware Attacks Threatpost editors discuss a phishing attack abusing Microsoft Sway, a Microsoft Teams flaw and an Android spyware campaign unearthed this week.
01 May 2020

Best Practices for Managing a Remote SOC

Experts share what it takes to get your security analysts effectively countering threats from their home offices.
01 May 2020

Microsoft Teams Impersonation Attacks Flood Inboxes

Microsoft Teams Impersonation Attacks Flood Inboxes Two separate attacks have targeted as many as 50,000 different Teams users, with the goal of phishing Office 365 logins.
01 May 2020

Week in security with Tony Anscombe

ESET's new Threat Report is out – Another deep dive into Latin American banking trojans – More coronavirus-themed scams

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

01 May 2020

Apple Makes It Easier to Unlock iPhone While Wearing a Mask

The beta release of iOS 13.5 brings an updated FaceID so that users wearing masks can bypass facial recognition and unlock their phone with a code.
01 May 2020

New Firefox service will generate unique email aliases to enter in online forms

Firefox Private Relay add-on to help users safeguard their email addresses from spammers.
01 May 2020

Industrial Networks' Newest Threat: Remote Users

We know remote working isn't going away anytime soon, so it's crucial we be extra vigilant about security for industrial networks and critical infrastructure.
01 May 2020

TrickBot Attack Exploits COVID-19 Fears with DocuSign-Themed Ploy

TrickBot Attack Exploits COVID-19 Fears with DocuSign-Themed Ploy Threat actors are spreading the tricky trojan through fake messages in another opportunistic COVID-19-related campaign, said IBM X-Force.
01 May 2020

Oracle warns of attacks against recently patched WebLogic security bug

Oracle patched the bug last month but attacks began after proof-of-concept code was published on GitHub.
01 May 2020