Cybersecurity News


Abcbot botnet has now been linked to Xanthe cryptojacking group

Researchers believe the focus is moving from cryptocurrency to traditional botnet attacks.
10 January 2022

500M Avira Antivirus Users Introduced to Cryptomining

Many readers were surprised to learn recently that the popular Norton 360 antivirus suite now ships with a program which lets customers make money mining virtual currency. But Norton 360 isn't alone in this dubious endeavor: Avira antivirus -- which has built a base of 500 million users worldwide largely by making the product free -- was recently bought by the same company that owns Norton 360 and is introducing its customers to a service called Avira Crypto.
08 January 2022

EoL Systems Stonewalling Log4j Fixes for Fed Agencies

EoL Systems Stonewalling Log4j Fixes for Fed Agencies End of life, end of support, pandemic-induced shipping delays and remote work, scanning failures: It’s a recipe for a patching nightmare, federal cyberserurity CTO Matt Keller says.
07 January 2022

Cyberattackers Hit Data of 80K Fertility Patients

Cyberattackers Hit Data of 80K Fertility Patients Fertility Centers of Illinois' security measures protected electronic medical records, but the attackers still got at extremely intimate data in admin files.
07 January 2022

3.7M FlexBooker Records Dumped on Hacker Forum

3.7M FlexBooker Records Dumped on Hacker Forum Attackers are trading millions of records from a trio of pre-holiday breaches on an online forum.
07 January 2022

QNAP: Get NAS Devices Off the Internet Now

QNAP: Get NAS Devices Off the Internet Now There are active ransomware and brute-force attacks being launched against internet-exposed, network-attached storage devices, the device maker warned.
07 January 2022

Week in security with Tony Anscombe

CES gives us a glimpse of our connected future – 10 bad cybersecurity habits to break this year – How hackers steal passwords

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

07 January 2022

Log4J-Related RCE Flaw in H2 Database Earns Critical Rating

Log4J-Related RCE Flaw in H2 Database Earns Critical Rating Critical flaw in the H2 open-source Java SQL database are similar to the Log4J vulnerability, but do not pose a widespread threat.
07 January 2022

CES 2022: Space security – no more flying blind

And no more worrying about your satellite being smashed by a “drunk driver” as new tech promises to predict hazards in orbit

The post CES 2022: Space security – no more flying blind appeared first on WeLiveSecurity

07 January 2022

NoReboot attack fakes iOS phone shutdown to spy on you

The PoC malware can be used to hijack microphone and camera functions.
07 January 2022

Chinese scientist pleads guilty to stealing US agricultural tech

US prosecutors have labeled his actions as "economic espionage."
07 January 2022

Activision Files Unusual Lawsuit over Call of Duty Cheat Codes

Activision Files Unusual Lawsuit over Call of Duty Cheat Codes Activision is suing to shut down the EngineOwning cheat-code site and hold individual developers and coders liable for damages.
06 January 2022

Google Voice Authentication Scam Leaves Victims on the Hook

Google Voice Authentication Scam Leaves Victims on the Hook The FBI is seeing so much activity around malicious Google Voice activity, where victims are associated with fraudulent virtual phone numbers, that it sent out an alert this week.
06 January 2022

Norton 360 Now Comes With a Cryptominer

Norton 360, one of the most popular antivirus products on the market today, has installed a cryptocurrency mining program on its customers' computers. Norton's parent firm says the cloud-based service that activates the program and enables customers to profit from the scheme -- in which the company keeps 15 percent of any currencies mined -- is "opt-in," meaning users have to agree to enable it. But many Norton users complain the mining program is difficult to remove, and reactions from longtime customers have ranged from unease and disbelief to, "Dude, where's my crypto?"
06 January 2022

CES 2022: More sensors than people

A sea of sensors will soon influence almost everything in your world

The post CES 2022: More sensors than people appeared first on WeLiveSecurity

06 January 2022

Partially Unpatched VMware Bug Opens Door to Hypervisor Takeover

Partially Unpatched VMware Bug Opens Door to Hypervisor Takeover ESXi version 7 users are still waiting for a full fix for a high-severity heap-overflow security vulnerability, but Cloud Foundation, Fusion and Workstation users can go ahead and patch.
06 January 2022

Apple iPhone Malware Tactic Causes Fake Shutdowns to Enable Spying

Apple iPhone Malware Tactic Causes Fake Shutdowns to Enable Spying The 'NoReboot' technique is the ultimate in persistence for iPhone malware, preventing reboots and enabling remote attackers to do anything on the device while remaining completely unseen.
06 January 2022

Attackers Exploit Flaw in Google Docs’ Comments Feature

Attackers Exploit Flaw in Google Docs’ Comments Feature A wave of phishing attacks identified in December targeting mainly Outlook users are difficult for both email scanners and victims to flag, researchers said.
06 January 2022

1.1M Compromised Accounts Found at 17 Major Companies

1.1M Compromised Accounts Found at 17 Major Companies The accounts fell victim to credential-stuffing attacks, according to the New York State AG.
05 January 2022

‘Elephant Beetle’ Lurks for Months in Networks

‘Elephant Beetle’ Lurks for Months in Networks The group blends into an environment before loading up trivial, thickly stacked, fraudulent financial transactions too tiny to be noticed but adding up to millions of dollars.
05 January 2022