Cybersecurity News


Military’s RFID Tracking of Guns May Endanger Troops

Military’s RFID Tracking of Guns May Endanger Troops RFID gun tags leave the military exposed to tracking, sniffing and spoofing attacks, experts say.  
30 September 2021

Tips & Tricks for Unmasking Ghoulish API Behavior

Tips & Tricks for Unmasking Ghoulish API Behavior Jason Kent, hacker-in-residence at Cequence Security, discusses how to track user-agent connections to mobile and desktop APIs, to spot malicious activity.
30 September 2021

Hackers could force locked iPhones to make contactless payments

Flaws in Apple Pay and Visa could allow criminals to make arbitrary contactless payments – no authentication needed, research finds

The post Hackers could force locked iPhones to make contactless payments appeared first on WeLiveSecurity

30 September 2021

Just Published: P2PE v3.1


Today, the PCI SSC published a minor revision to the PCI Point-to-Point Encryption (P2PE) ® Standard. We talk with Mike Thompson, Senior Manager of Emerging Standards and the Chair of the PCI Council’s P2PE Working Group, about some of these changes.

30 September 2021

Proxy Phantom: Fraud rings flood online merchants with credential stuffing attacks

Over 1.5 million stolen credential sets are being used by one fraud operation.
30 September 2021

The Top Ransomware Threats Aren’t Who You Think

The Top Ransomware Threats Aren’t Who You Think Move over REvil, Ragnar Locker, BlackMatter, Conti et al: Three lesser-known gangs account for the vast majority of ransomware attacks in the U.S. and globally.
30 September 2021

Fears surrounding Pegasus spyware prompt new Trojan campaign

Criminals hope that the lure of a promise to protect you from spyware will make you click that link.
30 September 2021

Thousands of University Wi-Fi Networks Expose Log-In Credentials

Thousands of University Wi-Fi Networks Expose Log-In Credentials Certificate misconfigurations of the EAP protocol in Eduroam (and likely other networks globally) threaten Android and Windows users.
30 September 2021

ESET Threat Report T2 2021

A view of the T2 2021 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts

The post ESET Threat Report T2 2021 appeared first on WeLiveSecurity

30 September 2021

Keep Attackers Out of VPNs: Feds Offer Guidance

Keep Attackers Out of VPNs: Feds Offer Guidance The NSA and CISA issued recommendations on choosing and hardening VPNs to prevent nation-state APTs from weaponizing flaws & CVEs to break into protected networks.
29 September 2021

Keep Attackers Out of VPNs: Feds Offer Guidance

Keep Attackers Out of VPNs: Feds Offer Guidance The NSA and CISA issued guidance on choosing and hardening VPNs to prevent nation-state APTs from weaponizing flaws & CVEs to break into protected networks.
29 September 2021

Researchers discover bypass 'bug' in iPhone Apple Pay, Visa to make contactless payments

The security issue relates to Visa and Apple's transmit mode.
29 September 2021

Apple AirTag Zero-Day Weaponizes Trackers

Apple AirTag Zero-Day Weaponizes Trackers Apple's personal item-tracker devices can be used to deliver malware, slurp credentials, steal tokens and more thanks to XSS.
29 September 2021

GriftHorse Money-Stealing Trojan Takes 10M Android Users for a Ride

GriftHorse Money-Stealing Trojan Takes 10M Android Users for a Ride The mobile malware has fleeced hundreds of millions of dollars from victims globally, using sophisticated techniques.
29 September 2021

Conti Ransomware Expands Ability to Blow Up Backups

Conti Ransomware Expands Ability to Blow Up Backups The Conti ransomware gang has developed novel tactics to demolish backups, especially the Veeam recovery software.
29 September 2021

Tomiris backdoor discovery linked to Sunshuttle, DarkHalo hackers

Another backdoor has been tentatively linked to the hackers behind SolarWinds.
29 September 2021

CISA and NSA release guidance for securing VPNs

What your organization should consider when it comes to choosing a VPN solution and hardening it against attacks

The post CISA and NSA release guidance for securing VPNs appeared first on WeLiveSecurity

29 September 2021

SAS 2021: ‘Tomiris’ Backdoor Linked to SolarWinds Malware

SAS 2021: ‘Tomiris’ Backdoor Linked to SolarWinds Malware Newly discovered code resembles the Kazuar backdoor and the Sunshuttle second-stage malware distributed by Nobelium in the SolarWinds supply-chain attacks.
29 September 2021

Threat Actors Weaponize Telegram Bots to Compromise PayPal Accounts

Threat Actors Weaponize Telegram Bots to Compromise PayPal Accounts A campaign is stealing one-time password tokens to gain access to PayPal, Apple Pay and Google Pay, among others.
29 September 2021

This dangerous mobile Trojan has stolen a fortune from over 10 million victims

Researchers say the infections are generating millions of dollars a month in recurring revenue.
29 September 2021