Cybersecurity News


DanaBot Malware Roars Back into Relevancy

DanaBot Malware Roars Back into Relevancy Sophisticated and dangerous, DanaBot has resurfaced after laying dormant for seven months.
26 January 2021

Privacy Teams Helped Navigate the Pivot to Work-from-Home

Annual Cisco privacy study also reports that 90% of organizations say their customers won't buy from them if they are not clear about data policy practices.
26 January 2021

Apple fixes another three iOS zero-days exploited in the wild

Fixes come after Apple patched another set of three zero-days last November.
26 January 2021

Mimecast: Recent Certificate Compromise Tied to SolarWinds Attacks

Yet another security firm hit in the sweeping attack campaign believed to be out of Russia.
26 January 2021

23M Gamer Records Exposed in VIPGames Leak

23M Gamer Records Exposed in VIPGames Leak The personal data of 66,000 users was left wide open on a misconfigured Elasticsearch server, joining a growing list of companies with leaky clouds.
26 January 2021

BEC Scammers Find New Ways to Navigate Microsoft 365

Their techniques made use of out-of-office replies and automatic responses during the 2020 holiday season, researchers report.
26 January 2021

Four security vendors disclose SolarWinds-related incidents

Mimecast, Palo Alto Networks, Qualys, and Fidelis confirmed this week they were also targeted during the SolarWinds supply chain attack.
26 January 2021

Cartoon Caption Winner: Before I Go ...

Cartoon Caption Winner: Before I Go ... And the winner of The Edge's January cartoon caption contest is ...
26 January 2021

Fighting the Rapid Rise of Cyber Warfare in a Changing World

Global cyber warfare is a grim reality, but strong public-private relationships and security frameworks can safeguard people, institutions, and businesses.
26 January 2021

Criminal, Domestic Violence Case Info Exposed in Cook County Leak

Criminal, Domestic Violence Case Info Exposed in Cook County Leak Cook County, Ill., home to Chicago, has left a database exposed since at least September that contained sensitive criminal and family-court records.
26 January 2021

Nefilim Ransomware Gang Hits Jackpot with Ghost Account

Nefilim Ransomware Gang Hits Jackpot with Ghost Account An unmonitored account belonging to a deceased employee allowed Nefilim to exfiltrate data and infiltrate systems for a month, without being noticed.
26 January 2021

Firefox 85 removes Flash and adds protection against supercookies

Firefox now joins Chrome and Edge, both of which removed support for Flash earlier this month.
26 January 2021

Wormable Android malware spreads via WhatsApp messages

“Download This application and Win Mobile Phone”, reads the message attempting to trick users into downloading a fake Huawei app

The post Wormable Android malware spreads via WhatsApp messages appeared first on WeLiveSecurity

26 January 2021

South African government releases its own browser just to re-enable Flash support

For some people, it's apparently easier to manage your own browser than port some web forms from Flash to HTML.
26 January 2021

Learn SAML: The Language You Don't Know You're Already Speaking

Learn SAML: The Language You Don't Know You're Already Speaking Security Assertion Markup Language, a protocol most people use daily to log into applications, makes authentication easier for both admins and users. Here's what you need to know about SAML (and what it has to do with 'GoldenSAML').
26 January 2021

Mainframe Security Automation Is Not a Luxury

As cyber threats grow, even the most securable platform is vulnerable and requires adaptive autonomous protection.
26 January 2021

North Korea Targets Security Researchers in Elaborate 0-Day Campaign

North Korea Targets Security Researchers in Elaborate 0-Day Campaign Hackers masquerade as security researchers to befriend analysts and eventually infect fully patched systems at multiple firms with a malicious backdoor.
26 January 2021

Startup Offers Free Version of its 'Passwordless' Technology

Beyond Identity co-founders hope to move the needle in eliminating the need for passwords, but experts say killing passwords altogether won't be easy.
26 January 2021

Cybercriminals use deceased staff accounts to spread Nemty ransomware

Researchers explore how ‘ghost’ accounts can become targets for threat actors.
26 January 2021

TikTok Flaw Lay Bare Phone Numbers, User IDs For Phishing Attacks

TikTok Flaw Lay Bare Phone Numbers, User IDs For Phishing Attacks A security flaw in TikTok could have allowed attackers to query query the platform's database – potentially opening up for privacy violations.
26 January 2021