Cybersecurity News


Printing Shellz: Critical bugs impacting 150 HP printer models patched

"Cross-site printing attacks" feature in the research.
30 November 2021

Anti-virus firm McAfee seems to be sending junk emails

Anti-virus firm McAfee seems to be sending junk emails

I received a flood of renewal demands and unsubscribing doesn’t work

I cancelled my McAfee anti-virus subscription earlier this year when I discovered it had been double charging me. It refunded only the current year and led me on a wild goose chase to recover the previous two years’ money; I eventually gave up.

Now that my subscription period has ended, it is bombarding me with renewal demand emails several times a day. This weekend I received 15.

Continue reading...
30 November 2021

IKEA Hit by Email Reply-Chain Cyberattack

IKEA Hit by Email Reply-Chain Cyberattack IKEA, king of furniture-in-a-flat-box, warned employees on Friday that an ongoing cyberattack was using internal emails to malspam malicious links in active email threads.
29 November 2021

Researchers Flag 300K Banking Trojan Infections from Google Play in 4 Months

Researchers Flag 300K Banking Trojan Infections from Google Play in 4 Months Attackers are honing Google Play dropper campaigns, overcoming app store restrictions.
29 November 2021

ScarCruft APT Mounts Desktop/Mobile Double-Pronged Spy Attacks

ScarCruft APT Mounts Desktop/Mobile Double-Pronged Spy Attacks The North Korea-linked group is deploying the Chinotto spyware backdoor against dissidents, journalists and other politically relevant individuals in South Korea.
29 November 2021

Unpatched Windows Zero-Day Allows Privileged File Access

Unpatched Windows Zero-Day Allows Privileged File Access A temporary fix has been issued for CVE-2021-24084, which can be exploited using the LPE exploitation approach for the HiveNightmare/SeriousSAM bug.
29 November 2021

More than 1,000 arrested in global crackdown on online fraud

The INTERPOL-led operation involved law enforcement from 20 countries and led to the seizure of millions of dollars in illicit gains

The post More than 1,000 arrested in global crackdown on online fraud appeared first on WeLiveSecurity

29 November 2021

Shape-Shifting ‘Tardigrade’ Malware Hits Vaccine Makers

Shape-Shifting ‘Tardigrade’ Malware Hits Vaccine Makers Some security researchers say it’s actually Cobalt Strike and not a SmokeLoader variant, but BioBright says in-depth testing shows it’s for real a scary morphic malware that changes its parts and recompiles itself.
29 November 2021

The Internet is Held Together With Spit & Baling Wire

Imagine being able to disconnect or redirect Internet traffic destined for some of the world's largest companies -- just by spoofing an email. This is the nature of a threat vector recently removed by a Fortune 500 firm that operates one of the world's largest Internet backbones.
26 November 2021

Week in security with Tony Anscombe

How scammers take advantage of supply chain shortages – Tips for safe online shopping this holiday season – Steps to take after receiving a data breach notice

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

26 November 2021

‘Amoral 21st-century mercenaries’: problems mount for NSO Group

‘Amoral 21st-century mercenaries’: problems mount for NSO Group

Israeli spyware firm goes from bad to worse as scathing Apple lawsuit follows US blacklisting

Shalev Hulio, the co-founder of Israel’s NSO Group, was in Washington DC on a mission to try to resuscitate the surveillance company’s battered reputation on Capitol Hill shortly before the news broke that he had probably arrived too late to make a difference.

With little advance warning to its allies in Israel, the Biden administration announced on 3 November that it was putting the spyware maker – one of the most sophisticated cyber-weapons companies in the world – on a US blacklist, citing use of the company’s software by regimes around the world for “transnational repression”.

Continue reading...
26 November 2021

New Twists on Gift-Card Scams Flourish on Black Friday

New Twists on Gift-Card Scams Flourish on Black Friday Fake merchandise and crypto jacking are among the new ways cybercriminals will try to defraud people flocking online for Black Friday and Cyber Monday.
25 November 2021

The triangle of holiday shopping: Scams, social media and supply chain woes

‘Tis the season to avoid getting played by scammers hijacking Twitter accounts and promoting fake offers for PlayStation 5 consoles and other red-hot products

The post The triangle of holiday shopping: Scams, social media and supply chain woes appeared first on WeLiveSecurity

25 November 2021

9.3M+ Androids Running ‘Malicious’ Games from Huawei AppGallery

9.3M+ Androids Running ‘Malicious’ Games from Huawei AppGallery A new trojan called Android.Cynos.7.origin, designed to collect Android users’ device data and phone numbers, was found in 190 games installed on over 9M Android devices.
24 November 2021

GoDaddy Breach Widens to Include Reseller Subsidiaries

GoDaddy Breach Widens to Include Reseller Subsidiaries Customers of several brands that resell GoDaddy Managed WordPress have also been caught up in the big breach, in which millions of emails, passwords and more were stolen.
24 November 2021

Apple’s NSO Group Lawsuit Amps Up Pressure on Pegasus Spyware-Maker

Apple’s NSO Group Lawsuit Amps Up Pressure on Pegasus Spyware-Maker Just weeks after a judge ruled that NSO Group did not have immunity in a suit brought by Facebook subsidiary WhatsApp, Apple is adding significant weight to the company's woes.
24 November 2021

Attackers Actively Target Windows Installer Zero-Day

Attackers Actively Target Windows Installer Zero-Day Researcher discovered a “more powerful” variant of an elevation-of-privilege flaw for which Microsoft released a botched patch earlier this month.
24 November 2021

Avoiding the shopping blues: How to shop online safely this holiday season

With the holiday shopping bonanza right around the corner, here's how to make sure your online spending spree is hacker-free

The post Avoiding the shopping blues: How to shop online safely this holiday season appeared first on WeLiveSecurity

24 November 2021

Attackers Will Flock to Crypto Wallets, Linux in 2022: Podcast

Attackers Will Flock to Crypto Wallets, Linux in 2022:  Podcast That’s just the start of what cyberattackers will zero in on as they pick up APT techniques to hurl more destructive ransomware & supply-chain attacks, says Fortinet’s Derek Manky.
23 November 2021

FBI, CISA urge organizations to be on guard for attacks during holidays

Threat actors have previously timed ransomware and other attacks to coincide with holidays and weekends

The post FBI, CISA urge organizations to be on guard for attacks during holidays appeared first on WeLiveSecurity

23 November 2021