Cybersecurity News


Squid Game Crypto Scammers Rips Off Investors for Millions

Squid Game Crypto Scammers Rips Off Investors for Millions Anti-dumping code kept investors from selling SQUID while fraudsters cashed out.
02 November 2021

Ransomware Gangs Target Corporate Financial Activities

Ransomware Gangs Target Corporate Financial Activities The FBI is warning about a fresh extortion tactic: threatening to tank share prices for publicly held companies.
02 November 2021

Android Patches Actively Exploited Zero-Day Kernel Bug

Android Patches Actively Exploited Zero-Day Kernel Bug Google’s Android November 2021 security updates plug 18 flaws in the framework and system components and 18 more in the kernel and vendor components.
02 November 2021

Man charged with hacking major US sports leagues to illegally stream games

On top of illegally streaming sports games for profit, the man is also believed to have attempted to extort MLB for $150,000

The post Man charged with hacking major US sports leagues to illegally stream games appeared first on WeLiveSecurity

02 November 2021

Man charged with hacking major US sports leagues to illegally stream games

On top of illegally streaming sports games for profit, the man is also believed to have attempted to extort MLB for $150,000

The post Man charged with hacking major US sports leagues to illegally stream games appeared first on WeLiveSecurity

02 November 2021

Apple macOS Flaw Allows Kernel-Level Compromise

Apple macOS Flaw Allows Kernel-Level Compromise ‘Shrootless’ allows bypass of System Integrity Protection IT security measures to install a malicious rootkit that goes undetected and performs arbitrary device operations.
02 November 2021

The ‘Groove’ Ransomware Gang Was a Hoax

A number of publications in September warned about the emergence of "Groove," a new ransomware group that called on competing extortion gangs to unite in attacking U.S. government interests online. It now appears that Groove was all a big hoax designed to toy with security firms and journalists.
02 November 2021

Squid Game cryptocurrency creators pull the rug from under investors, steal millions

The coin has crashed in what appears to be an exit scam.
02 November 2021

Cybercriminals flog access to international shipping, logistics giants

The underground hosts initial access brokers with entry to companies key in global supply chains.
02 November 2021

Office 365 Phishing Campaign Uses Kaspersky’s Amazon SES Token

Office 365 Phishing Campaign Uses Kaspersky’s Amazon SES Token It's a legitimate access token, stolen from a third-party contractor, that lets the attackers send phishing emails from kaspersky.com email addresses.
01 November 2021

Pirate Sports Streamer Gets Busted, Pivots to MLB Extortion

Pirate Sports Streamer Gets Busted, Pivots to MLB Extortion An alleged sports content pirate is accused of not only hijacking leagues' streams but also threatening to tell reporters how he accessed their systems.
01 November 2021

‘Trojan Source’ Hides Invisible Bugs in Source Code

‘Trojan Source’ Hides Invisible Bugs in Source Code The old RLO trick of exploiting how Unicode handles script ordering and a related homoglyph attack can imperceptibly switch the real name of malware.
01 November 2021

‘Trojan Source’ Bug Threatens the Security of All Code

Virtually all compilers -- programs that transform human-readable source code into computer-executable machine code -- are vulnerable to an insidious attack in which an adversary can introduce targeted vulnerabilities into any software without being detected, new research released today warns. The vulnerability disclosure was coordinated with multiple organizations, some of whom are now releasing updates to address the security weakness.
01 November 2021

Google Chrome is Abused to Deliver Malware as ‘Legit’ Win 10 App

Google Chrome is Abused to Deliver Malware as ‘Legit’ Win 10 App Malware delivered via a compromised website on Chrome browsers can bypass User Account Controls to infect systems and steal sensitive data, such as credentials and cryptocurrency.
29 October 2021

Week in security with Tony Anscombe

ESET discovers Wslink – Why secure-by-design is a must – Staying cybersecure this Halloween and beyond – Operation Dark HunTOR

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

29 October 2021

Week in security with Tony Anscombe

ESET discovers Wslink – Why secure-by-design is a must – Staying cybersecure this Halloween and beyond – Operation Dark HunTOR

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

29 October 2021

All Sectors Are Now Prey as Cyber Threats Expand Targeting

All Sectors Are Now Prey as Cyber Threats Expand Targeting Aamir Lakhani, security researcher at Fortinet, says no sector is off limits these days: It's time for everyone to strengthen the kill chain.
28 October 2021

Suspected REvil Gang Insider Identified

Suspected REvil Gang Insider Identified German investigators have identified a deep-pocketed, big-spending Russian billionaire whom they suspect of being a core member of the REvil ransomware gang.
28 October 2021

Zales.com Leaked Customer Data, Just Like Sister Firms Jared, Kay Jewelers Did in 2018

In December 2018, bling vendor Signet Jewelers fixed a weakness in their Kay Jewelers and Jared websites that exposed the order information for all of their online customers. This week, Signet subsidiary Zales.com updated its website to remediate a nearly identical customer data exposure.
28 October 2021

EU’s Green Pass Vaccination ID Private Key Leaked

EU’s Green Pass Vaccination ID Private Key Leaked The private key used to sign the vaccine passports was leaked and is being passed around to create fake passes for the likes of Mickey Mouse and Adolf Hitler.
28 October 2021