Cybersecurity News


Not Punny: Angling Direct Breach Cripples Retailer for Days  

Not Punny: Angling Direct Breach Cripples Retailer for Days   A U.K. fishing retailer’s site has been hijacked and redirected to Pornhub.
09 November 2021

Robinhood data breach affects 7 million people

An attacker gained access to some of Robinhood's customer support systems and stole the personal data of around a third of the app's userbase

The post Robinhood data breach affects 7 million people appeared first on WeLiveSecurity

09 November 2021

Robinhood data breach affects 7 million people

An attacker gained access to some of Robinhood's customer support systems and stole the personal data of around a third of the app's userbase

The post Robinhood data breach affects 7 million people appeared first on WeLiveSecurity

09 November 2021

Paving the Way: Inspiring Women in Payments - A Q&A Featuring Amandeep Kaur

 

Amandeep Kaur was given a life-changing opportunity to leave her small village and move to the United Kingdom to stay with her aunt and uncle and study Information Security and Computer Forensics at a university of her choice. She followed her passion and, as a result, was able to start a new career in cybersecurity. But, for many women, opportunities like these are hard to find. In this edition of our blog, Amandeep explains that a lack of female role models in the industry, as well as a false stereotype that technology is “too hard” for women, can create negative perceptions that discourage women from this type of career.

09 November 2021

12 New Flaws Used in Ransomware Attacks in Q3

12 New Flaws Used in Ransomware Attacks in Q3 The Q3 2021 report revealed a 4.5% increase in CVEs associated with ransomware and a 3.4% increase in ransomware families compared with Q2 2021.
09 November 2021

The New Frontier of Enterprise Risk: Nth Parties

The New Frontier of Enterprise Risk: Nth Parties The average number of vulnerabilities discovered in a Cyberpion scan of external Fortune 500 networks (such as cloud systems) was 296, many critical (with the top of the scale weighing in at a staggering 7,500).
09 November 2021

Security Tool Guts: How Much Should Customers See?

Security Tool Guts: How Much Should Customers See? Yaron Kassner, CTO of Silverfort, delves into the pros and cons of transparency when it comes to cybersecurity tools’ algorithms.
09 November 2021

Robinhood Trading Platform Data Breach Hits 7M Customers

Robinhood Trading Platform Data Breach Hits 7M Customers The cyberattacker attempted to extort the company after socially engineering a customer service employee to gain access to email addresses and more.
09 November 2021

Multiple BusyBox Security Bugs Threaten Embedded Linux Devices

Multiple BusyBox Security Bugs Threaten Embedded Linux Devices Researchers discovered 14 vulnerabilities in the ‘Swiss Army Knife’ of the embedded OS used in many OT and IoT environments. They allow RCE, denial of service and data leaks.
09 November 2021

Meet Lyceum: Iranian hackers targeting telecoms, ISPs

The criminals climb up communication chains with the aim of reaching executives.
09 November 2021

REvil Ransom Arrest, $6M Seizure, and $10M Reward

The U.S. Department of Justice said today it arrested a Ukrainian man who deployed ransomware on behalf of the REvil ransomware gang, a Russian cybercriminal collective that has extorted hundreds of millions from victim organizations. The DOJ also said it had seized $6.1 million in cryptocurrency sent to another REvil affiliate, and that the State Department is now offering up to $10 million for information leading to the arrest of any key leaders of REvil.
08 November 2021

REvil Affiliates Arrested; DOJ Seizes $6.1M in Ransom

REvil Affiliates Arrested; DOJ Seizes $6.1M in Ransom The U.S. is seeking the extradition of a Ukrainian man, Yaroslav Vasinskyi, whom they suspect is behind the Kaseya supply-chain attacks and other REvil attacks.
08 November 2021

DDoS Attacks Shatter Records in Q3, Report Finds  

DDoS Attacks Shatter Records in Q3, Report Finds   Q3 DDoS attacks topped thousands daily, with more growth expected.
08 November 2021

Zebra2104 Initial Access Broker Supports Rival Malware Gangs, APTs

Zebra2104 Initial Access Broker Supports Rival Malware Gangs, APTs Researchers have uncovered a large, tangled web of infrastructure being used to enable a wide variety of cyberattacks.
08 November 2021

Zoho Password Manager Flaw Torched by Godzilla Webshell

Zoho Password Manager Flaw Torched by Godzilla Webshell A new campaign is prying apart a known security vulnerability in the Zoho ManageEngine ADSelfService Plus password manager, researchers warned over the weekend. The threat actors have managed to exploit the Zoho weakness in at least nine global entities across critical sectors so far (technology, defense, healthcare, energy and education), deploying the Godzilla webshell and […]
08 November 2021

Hacking of activists is latest in long line of cyber-attacks on Palestinians

Hacking of activists is latest in long line of cyber-attacks on Palestinians

Analysis: while identity of hackers is not known in this case, Palestinians have long been spied on by Israeli military

The disclosure that Palestinian human rights defenders were reportedly hacked using NSO’s Pegasus spyware will come as little surprise to two groups of people: Palestinians themselves and the Israeli military and intelligence cyber operatives who have long spied on Palestinians.

While it is not known who was responsible for the hacking in this instance, what is very well documented is the role of the Israeli military’s 8200 cyberwarfare unit – known in Hebrew as the Yehida Shmoneh-Matayim – in the widespread spying on Palestinian society.

Continue reading...
08 November 2021

Be On Alert This Holiday Season

 

In this blog we explore the challenges around security of payment data during the hectic holiday season and provide tips and best practices to help retailers better secure their payment data.

08 November 2021

Passwordless authentication: Is your company ready to move beyond passwords?

Are the days numbered for ‘123456’? As Microsoft further nudges the world away from passwords, here’s what your organization should consider before going password-free.

The post Passwordless authentication: Is your company ready to move beyond passwords? appeared first on WeLiveSecurity

08 November 2021

Passwordless authentication: Is your company ready to move beyond passwords?

Are the days numbered for ‘123456’? As Microsoft further nudges the world away from passwords, here’s what your organization should consider before going password-free.

The post Passwordless authentication: Is your company ready to move beyond passwords? appeared first on WeLiveSecurity

08 November 2021

Cybersecurity firms provide threat intel for Clop ransomware group arrests

The crackdown was codenamed Operation Cyclone.
08 November 2021