Adobe: Zero-Day Magento 2 RCE Bug Under Active AttackThe vendor issued an emergency fix on Sunday, and eCommerce websites should update ASAP to avoid Magecart card-skimming attacks and other problems.
From the back office to the till: Cybersecurity challenges facing global retailers
How well retailers can manage the surge in cyberthreats may be crucial for their prospects in a post‑pandemic world
The post From the back office to the till: Cybersecurity challenges facing global retailers appeared first on WeLiveSecurity
Patch now: Adobe releases emergency fix for exploited Commerce, Magento zero-dayAdobe says the vulnerability is being used in attacks targeting Adobe Commerce users.
Critical MQTT-Related Bugs Open Industrial Networks to RCE Via MoxaA collection of five security vulnerabilities with a collective CVSS score of 10 out of 10 threaten critical infrastructure environments that use Moxa MXview.
Cybercrooks Frame Targets by Planting Fabricated Digital EvidenceThe ‘ModifiedElephant’ threat actors are technically unimpressive, but they’ve evaded detection for a decade, hacking human rights advocates' systems with dusty old keyloggers and off-the-shelf RATs.
Week in security with Tony Anscombe
New ESET Threat Report is out – How dark web services are moving to common apps and services – Leave romance scammers high and dry
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
Apple Patches Actively Exploited WebKit Zero DayA memory issue affects myriad iPhone, iPad and MacOS devices and allows attackers to execute arbitrary code after processing malicious web content.
These cybercriminals plant criminal evidence on human rights defender, lawyer devicesThere's more than one way to silence civil rights activists, it seems.
When love hurts: Watch out for romance scams this Valentine’s Day
Don’t be the next victim – spot the signs of a faux romance in time and send that scammer ‘packing’
The post When love hurts: Watch out for romance scams this Valentine’s Day appeared first on WeLiveSecurity
Spanish police arrest suspects in SIM-swapping ringFraudsters used photocopies and stolen data to obtain duplicate SIM cards.
$1.3 billion lost to romance scams in the past five years: FTCRomance scams are reaching record-highs, regulators warn.
Decryptor Keys Published for Maze, Egregor, Sekhmet RansomwaresThe Maze gang are purportedly never going back to ransomware and have destroyed all of their ransomware source code, said somebody claiming to be the developer.
Sharp SIM-Swapping Spike Causes $68M in LossesThe attacks, which lead to 2FA defeat and account takeover, have accelerated by several hundred percent in one year, leading to thousands of drained bank accounts.
SAP Patches Severe ‘ICMAD’ BugsSAP’s Patch Tuesday brought fixes for a trio of flaws in the ubiquitous ICM component in internet-exposed apps. One of them, with a risk score of 10, could allow attackers to hijack identities, steal data and more.
SAP to Give Threat Briefing on Uber-Severe ‘ICMAD’ BugsSAP’s Patch Tuesday brought fixes for a trio of flaws in the ubiquitous ICM component in internet-exposed apps. One of them, with a risk score of 10, could allow attackers to hijack identities, steal data and more.
The Threat of Ransomware Attacks
How the spike in ransomware attacks presents an urgent threat to the payment security community. On the blog, we cover basic questions with Lisa Plaggemier, Executive Director National Cybersecurity Alliance and PCI SSC Executive Director Lance Johnson about this growing threat to businesses across the U.S. and around the world and how to better protect yourself from this dangerous attack.
FritzFrog botnet returns to attack healthcare, education, government sectorsThe botnet managed to strike at least 500 government and enterprise SSH servers in eight months.
PHP Everywhere Bugs Put 30K+ WordPress Sites at Risk of RCEThe plug-in’s default settings spawned flaws that could allow for full site takeover but have since been fixed in an update that users should immediately install, Wordfence researchers said.
Hidden in plain sight: How the dark web is spilling onto social media
A trip into the dark corners of Telegram, which has become a magnet for criminals peddling everything from illegal drugs to fake money and COVID-19 vaccine passes
The post Hidden in plain sight: How the dark web is spilling onto social media appeared first on WeLiveSecurity