Cybersecurity News


Attackers Aim at Software Supply Chain with Package Typosquatting

Attackers seed Ruby Gems repository with more than 760 malicious packages using names just a bit different than the standard code libraries.
21 April 2020

Here's a list of all the ransomware gangs who will steal and leak your data if you don't pay

Ransomware gangs are getting more aggressive these days about pursuing payments and have begun stealing and threatening to leak sensitive documents if victims don't pay the requested ransom demand.
21 April 2020

Terahash Buys L0phtCrack in Password Merger

The acquisition brings password cracking and password auditing capabilities together in a single company.
21 April 2020

7 Steps to Avoid the Top Cloud Access Risks

Securing identities and data in the cloud is challenging, but a least-privilege access approach helps.
21 April 2020

Oil and Gas Firms Targeted With Agent Tesla Spyware

Oil and Gas Firms Targeted With Agent Tesla Spyware Highly targeted spearphishing emails are being sent to oil and gas companies in hopes of infecting them with the Agent Tesla spyware.
21 April 2020

Microsoft Proposes Privacy Controls for COVID-19 Contact Tracking, Tracing

As governments broaden use of digital technologies to stem pandemic, sensitive health and location data need to be protected, company says.
21 April 2020

Deepfakes and AI: Fighting Cybersecurity Fire with Fire

Deepfakes and AI: Fighting Cybersecurity Fire with Fire To successfully mitigate evolving attacks, security teams must use the exact same AI tools that create those attacks in the first place.
21 April 2020

Work-from-Home Exposes Already-Infected Machines in 50K US Organizations

Researchers find massive spike in infected enterprises worldwide.
21 April 2020

Cyberattackers Ramp Up to 1.5M COVID-19 Emails Per Day

Cyberattackers Ramp Up to 1.5M COVID-19 Emails Per Day Research analyzing three months of coronavirus-themed attacks show cybercriminals adjusting threat levels to evolve with pandemic and typical employment trends.
21 April 2020

Security researcher discloses four IBM zero-days after company refused to patch

Zero-days impact the IBM Data Risk Manager (IDRM), one of IBM's enterprise security tools.
21 April 2020

How gamification can boost your cybersecurity training

Security is not a game, but learning about it could be – here’s why adding the fun factor can help employees become more cyber-aware

The post How gamification can boost your cybersecurity training appeared first on WeLiveSecurity

21 April 2020

France asks Apple to relax iPhone security for coronavirus tracking app development

A technical issue is stymying the development of a government app for tracing COVID-19.
21 April 2020

Nintendo accounts are getting hacked and used to buy Fortnite currency

Nintendo has recommended that users enable two-factor authentication on their accounts.
21 April 2020

Chinese hackers targeted company behind 'Ragnarok Online' MMORPG

Security firm finds new Chinese malware aimed at the Gravity game maker's network. Unclear if the attempted intrusion succeeded.
20 April 2020

How Can I Help My Users Spot Disinformation?

How Can I Help My Users Spot Disinformation? A combination of clever tools, good education, and better mindfulness might keep users from being manipulated.
20 April 2020

Mootbot Botnet Targets Fiber Routers with Dual Zero-Days

Mootbot Botnet Targets Fiber Routers with Dual Zero-Days Researchers saw several IoT botnets using one of the bugs in the wild after a proof-of-concept was published in March.
20 April 2020

Starbleed bug impacts FPGA chips used in data centers, IoT devices, industrial equipment

Xilinx 7-series and some 6-series FPGAs deemed vulnerable to new Starbleed vulnerability.
20 April 2020

Maze Ransomware Attack Hits Cognizant

Maze Ransomware Attack Hits Cognizant Cognizant has confirmed that a Friday evening Maze ransomware attack has disrupted its systems.
20 April 2020

Stimulus Payments Are Popular Leverage for Cyberattacks

More than 4,300 domains related to stimulus and relief packages, many of them malicious, have been registered since January.
20 April 2020

Who’s Behind the “Reopen” Domain Surge?

The past few weeks have seen a large number of new domain registrations beginning with the word "reopen" and ending with U.S. city or state names. The largest number of them were created just hours after President Trump sent a series of all-caps tweets urging citizens to "liberate" themselves from new gun control measures and state leaders who've enacted strict social distancing restrictions in the face of the COVID-19 pandemic. Here's a closer look at who and what appear to be behind these domains.
20 April 2020