Cybersecurity News


Music streaming platform victim of a crypto theft – Week in security with Tony Anscombe

Cybercriminals exploited a vulnerability to steal the equivalent of 18M$ from the NFT music streaming platform Audius, while other cyberthreats related to crypto makes the news.

The post Music streaming platform victim of a crypto theft – Week in security with Tony Anscombe appeared first on WeLiveSecurity

29 July 2022

Malicious Npm Packages Tapped Again to Target Discord Users

Malicious Npm Packages Tapped Again to Target Discord Users Recent LofyLife campaign steals tokens and infects client files to monitor various user actions, such as log-ins, password changes and payment methods.
29 July 2022

Staying safe online: How to browse the web securely

Learn to spot some of the threats that you can face while browsing online, and the best tips to stay safe on the web.

The post Staying safe online: How to browse the web securely appeared first on WeLiveSecurity

29 July 2022

Breach Exposes Users of Microleaves Proxy Service

Microleaves, a ten-year-old proxy service that lets customers route their web traffic through millions of Microsoft Windows computers, exposed their entire user database and the location of tens of millions of PCs running the proxy software. Microleaves claims its proxy software is installed with user consent. But research suggests Microleaves has a lengthy history of being supplied with new proxies by affiliates incentivized to install the software any which way they can -- such as by secretly bundling it with other software.
28 July 2022

Threat Actors Pivot Around Microsoft’s Macro-Blocking in Office

Threat Actors Pivot Around Microsoft’s Macro-Blocking in Office Cybercriminals turn to container files and other tactics to get around the company’s attempt to thwart a popular way to deliver malicious phishing payloads.
28 July 2022

Messaging Apps Tapped as Platform for Cybercriminal Activity

Messaging Apps Tapped as Platform for Cybercriminal Activity Built-in Telegram and Discord services are fertile ground for storing stolen data, hosting malware and using bots for nefarious purposes.
27 July 2022

Cash App fraud: 10 common scams to watch out for

It pays to be careful – here’s how you can stay safe from fake giveaways, money flipping scams and other cons that fraudsters use to trick payment app users out of their hard-earned cash

The post Cash App fraud: 10 common scams to watch out for appeared first on WeLiveSecurity

27 July 2022

A Retrospective on the 2015 Ashley Madison Breach

It's been seven years since the online cheating site AshleyMadison.com was hacked and highly sensitive data about its users posted online. The leak led to the public shaming and extortion of many AshleyMadison users, and to at least two suicides. To date, little is publicly known about the perpetrators or the true motivation for the attack. But a recent review of AshleyMadison mentions across Russian cybercrime forums and far-right underground websites in the months leading up to the hack revealed some previously unreported details that may deserve further scrutiny.
26 July 2022

Novel Malware Hijacks Facebook Business Accounts

Novel Malware Hijacks Facebook Business Accounts Newly discovered malware linked to Vietnamese threat actors targets users through a LinkedIn phishing campaign to steal data and admin privileges for financial gain.
26 July 2022

Phishing Attacks Skyrocket with Microsoft and Facebook as Most Abused Brands

Phishing Attacks Skyrocket with Microsoft and Facebook as Most Abused Brands Instances of phishing attacks leveraging the Microsoft brand increased 266 percent in Q1 compared to the year prior.
26 July 2022

IoT Botnets Fuels DDoS Attacks – Are You Prepared?

IoT Botnets Fuels DDoS Attacks – Are You Prepared? The increased proliferation of IoT devices paved the way for the rise of IoT botnets that amplifies DDoS attacks today. This is a dangerous warning that the possibility of a sophisticated DDoS attack and a prolonged service outage will prevent businesses from growing.
26 July 2022

Why Physical Security Maintenance Should Never Be an Afterthought

Why Physical Security Maintenance Should Never Be an Afterthought SecuriThings' CEO Roy Dagan tackles the sometimes overlooked security step of physical security maintenance and breaks down why it is important.
25 July 2022

NFT: A new‑fangled trend or also a new‑found treasure?

I’ve created an NFT so you don’t have to – here's the good, the bad and the intangible of the hot-ticket tokens

The post NFT: A new‑fangled trend or also a new‑found treasure? appeared first on WeLiveSecurity

25 July 2022

Here are the top phone security threats in 2022 and how to avoid them

Your handset is always at risk of being exploited. Here's what to look out for.
23 July 2022

macOS malware: myth vs. reality – Week in security with Tony Anscombe

ESET research shows yet again that macOS is not immune to malware – and why some users can benefit from Apple’s Lockdown Mode

The post macOS malware: myth vs. reality – Week in security with Tony Anscombe appeared first on WeLiveSecurity

22 July 2022

Massive Losses Define Epidemic of ‘Pig Butchering’

U.S. state and federal investigators are being inundated with reports from people who’ve lost hundreds of thousands or millions of dollars in connection with a complex investment scam known as “pig butchering,” wherein people are lured by flirtatious strangers online into investing in cryptocurrency trading platforms that eventually seize any funds when victims try to cash out.
21 July 2022

Hackers for Hire: Adversaries Employ ‘Cyber Mercenaries’

Hackers for Hire: Adversaries Employ ‘Cyber Mercenaries’ Also known as the Atlantis Cyber-Army, the emerging organization has an enigmatic leader and a core set of admins that offer a range of services, including exclusive data leaks, DDoS and RDP.
21 July 2022

Conti’s Reign of Chaos: Costa Rica in the Crosshairs

Conti’s Reign of Chaos: Costa Rica in the Crosshairs Aamir Lakhani, with FortiGuard Labs, answers the question; Why is the Conti ransomware gang targeting people and businesses in Costa Rica?
20 July 2022

Magecart Serves Up Card Skimmers on Restaurant-Ordering Systems

Magecart Serves Up Card Skimmers on Restaurant-Ordering Systems 300 restaurants and at least 50,000 payment cards compromised by two separate campaigns against MenuDrive, Harbortouch and InTouchPOS services.
20 July 2022

ESET Research Podcast: Hot security topics at RSA or mostly hype?

Listen to Cameron Camp, Juraj Jánošík, and Filip Mazán discuss the use of machine learning in cybersecurity, followed by Cameron’s insights into the security of medical devices

The post ESET Research Podcast: Hot security topics at RSA or mostly hype? appeared first on WeLiveSecurity

20 July 2022