Cybersecurity News


Tuesday’s Magento 1 EOL Leaves Clock Ticking on 100K Online Stores

Tuesday’s Magento 1 EOL Leaves Clock Ticking on 100K Online Stores Adobe and payment-card companies are making last-minute pleas for e-commerce sites to update to Magento 2, to avoid Magecart attacks and more.
29 June 2020

Files Stolen from 945 Websites Discovered on Dark Web

Researchers who found the archived SQL files estimate up to 14 million people could be affected.
29 June 2020

AWS Facial Recognition Platform Misidentified Over 100 Politicians As Criminals

AWS Facial Recognition Platform Misidentified Over 100 Politicians As Criminals Comparitech’s Paul Bischoff found that Amazon’s facial recognition platform misidentified an alarming number of people, and was racially biased.
29 June 2020

Unpatched Wi-Fi Extender Opens Home Networks to Remote Control

Unpatched Wi-Fi Extender Opens Home Networks to Remote Control The Homeplug device, from Tenda, suffers from web server bugs as well as a DoS flaw.
29 June 2020

India bans 59 Chinese apps, including TikTok, UC Browser, Weibo, and WeChat

Indian government ban comes after the Indian military has clashed with Chinese forces on the country's northern border.
29 June 2020

HackerOne's 2020 Top 10 public bug bounty programs

The HackerOne bug bounty platform reveals its most successful bug bounty programs.
29 June 2020

Tall Order for Small Businesses: 3 Tips to Find Tailored Security Solutions

SMBs are responsible for nearly 44% of US economic activity, but given the current climate, it can be difficult for them to find available and/or affordable resources.
29 June 2020

Michigan tackles compulsory microchip implants for employees with new bill

RFID implants for workers are not an issue now, but the state wants to get ahead on what could become a huge privacy problem in the future.
29 June 2020

SEC warns off investment in iBSmartify Nigeria cryptocurrencies

iBledger and InksNation are unregistered, and therefore a financial risk outside of the local commission’s regulatory protections.
29 June 2020

Remote access at risk: Pandemic pulls more cyber‑crooks into the brute‑forcing game

Poorly secured remote access attracts mostly ransomware gangs, but can provide access to coin miners and backdoors too

The post Remote access at risk: Pandemic pulls more cyber‑crooks into the brute‑forcing game appeared first on WeLiveSecurity

29 June 2020

Russian leader of Infraud stolen ID, credit card ring pleads guilty

The Infraud Organization was once known as a major player in the carding world.
29 June 2020

Updating Plugins

Every plugin or add-on you install in your browser can expose you to more danger. Only install the plugins you need and make sure they are always current. If you no longer need a plugin, disable or remove it from your browser via your browser's plugin preferences.
29 June 2020

Apple strong-arms entire CA industry into one-year certificate lifespans

Apple, Google, and Mozilla reduce the lifespan for HTTPS certificates to 398 days, against the wishes of Certificate Authorities.
28 June 2020

Apple declined to implement 16 Web APIs in Safari due to privacy concerns

Apple said these 16 new Web APIs add new user fingerprinting opportunities for online advertisers.
28 June 2020

Russian Cybercrime Boss Burkov Gets 9 Years

A well-connected Russian hacker once described as “an asset of supreme importance” to Moscow was sentenced on Friday to nine years in a U.S. prison after pleading guilty to running a site that sold stolen payment card data, and to administering a highly secretive crime forum that counted among its members some of the most elite Russian cybercrooks.
27 June 2020

Adobe, Mastercard, Visa warn online store owners of Magento 1.x EOL

Almost 110,000 online stores are still running the soon-to-be-outdated Magento 1.x CMS.
27 June 2020

DarkCrewFriends Returns with Botnet Strategy

DarkCrewFriends Returns with Botnet Strategy The botnet can be used to mount different kinds of attacks, including code-execution and DDoS.
26 June 2020

8 U.S. City Websites Targeted in Magecart Attacks

8 U.S. City Websites Targeted in Magecart Attacks Researchers believe that Click2Gov, municipal payment software, may be at the heart of this most recent government security incident.
26 June 2020

‘Cardplanet’ Operator Sentenced to 9 Years for Selling Stolen Credit Cards

‘Cardplanet’ Operator Sentenced to 9 Years for Selling Stolen Credit Cards The carding store victimized mainly U.S. citizens and is responsible for $20 million in fraudulent purchases.
26 June 2020

Major US Companies Targeted in New Ransomware Campaign

Evil Corp. group hit at least 31 customers in campaign to deploy WastedLocker malware, according to Symantec.
26 June 2020