Cybersecurity News
Trojans, Backdoors and Droppers: The Most-Analyzed Malware
Even so, backdoors and droppers are rare in the wild.
02 July 2020
Apache Guacamole Opens Door for Total Control of Remote Footprint
Several vulnerabilities can be chained together for a full exploit.
02 July 2020
Facebook Privacy Glitch Gave 5K Developers Access to ‘Expired’ Data
Facebook has fixed a privacy issue that gave developers access to user data long after the 90-day "expiration" date.
02 July 2020
Thousands of MongoDB databases ransacked, held for ransom
The cybercriminal behind the ransom raids on almost 23,000 databases threatens to leak the data and alert GDPR regulators
The post Thousands of MongoDB databases ransacked, held for ransom appeared first on WeLiveSecurity
02 July 2020
V Shred data leak exposes PII, sensitive photos of fitness customers and trainers
V Shred defended the public status of its open bucket and only partially solved the problem.02 July 2020
Lessons from COVID-19 Cyberattacks: Where Do We Go Next?
We need to learn from the attacks and attempts that have occurred in order to prepare for the future.02 July 2020
FakeSpy Android Malware Spread Via ‘Postal-Service’ Apps
New ‘smishing’ campaigns from the Roaming Mantis threat group infect Android users with the FakeSpy infostealer.
02 July 2020
This is how EKANS ransomware is targeting industrial control systems
New samples of the ransomware reveal the techniques used to attack critical ICS systems.02 July 2020
7 IoT Tips for Home Users
Whether for business or pleasure, you're on your own once you walk into the house with a new Internet of Things device. Here's how to keep every one secure.
02 July 2020
Facebook says 5,000 app developers got user data after cutoff date
A Facebook privacy mechanism blocks apps from receiving user data if users didn't use an app for 90 days. Facebook said 5,000 apps continued to receive user data regardless.01 July 2020
Connection discovered between Chinese hacker group APT15 and defense contractor
Lookout said it linked APT15 malware to Xi'an Tianhe Defense Technology, a Chinese defense contractor.01 July 2020
Ransomware Gangs Don’t Need PR Help
We've seen an ugly trend recently of tech news stories and cybersecurity firms trumpeting claims of ransomware attacks on companies large and small, apparently based on little more than the say-so of the ransomware gangs themselves. Such coverage is potentially quite harmful and plays deftly into the hands of organized crime. Often the rationale behind couching these events as newsworthy is that the attacks involve publicly traded companies or recognizable brands, and that investors and the public have a right to know. But absent any additional information from the victim company or their partners who may be affected by the attack, these kinds of stories and blog posts look a great deal like ambulance chasing and sensationalism.01 July 2020
Attackers Compromised Dozens of News Websites as Part of Ransomware Campaign
Malware used to download WastedLocker on target networks was hosted on legit websites belonging to one parent company, Symantec says.01 July 2020
Chinese Software Company Aisino Uninstalls GoldenSpy Malware
Follow-up sandbox research confirms Aisino knew about the malware in its tax software, though it's still unclear whether it was culpable.01 July 2020
Businesses Invest in Cloud Security Tools Despite Concerns
A majority of organizations say the acceleration was driven by a need to support more remote employees.01 July 2020
DHS Shares Data on Top Cyber Threats to Federal Agencies
Backdoors, cryptominers, and ransomware were the most widely detected threats by the DHS Cybersecurity and Infrastructure Security Agency (CISA)'s intrusion prevention system EINSTEIN.01 July 2020
DHS Shares Data on Top Cyberthreats to Federal Agencies
Backdoors, cryptominers, and ransomware were the most widely detected threats by the DHS Cybersecurity and Infrastructure Security Agency (CISA)'s intrusion prevention system EINSTEIN.01 July 2020
Hacker ransoms 23k MongoDB databases and threatens to contact GDPR authorities
The hacker has attempted to ransom nearly 47% of all MongoDB databases left exposed online.01 July 2020
Cisco Warns of High-Severity Bug in Small Business Switch Lineup
A high-severity flaw allows remote, unauthenticated attackers to potentially gain administrative privileges for Cisco small business switches.
01 July 2020
Alina Point-of-Sale Malware Spotted in Ongoing Campaign
The malware is using DNS tunneling to exfiltrate payment-card data.
01 July 2020