Cybersecurity News


Week in security with Tony Anscombe

ESET research discovers ESPecter bootkit – FontOnLake targeting Linux – Fake SafeMoon app update

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

08 October 2021

BrewDog exposed data of 200,000 shareholders for over a year

The beer's on BrewDog, too.
08 October 2021

Navy Warship’s Facebook Page Hacked to Stream ‘Age of Empires’ Gaming

Navy Warship’s Facebook Page Hacked to Stream ‘Age of Empires’ Gaming The destroyer-class USS Kidd streamed hours of game play in a funny incident that has serious cybersecurity ramifications.
07 October 2021

Twitch Leak Included Emails, Passwords in Clear Text: Researcher

Twitch Leak Included Emails, Passwords in Clear Text: Researcher A researcher combed through the Twitch leak and found what they said was evidence of PayPal chargebacks with names and emails; employees' emails; and more.
07 October 2021

Cybersecurity Month: Be Cyber Smart


As an  Official Champion of National Cyber Security Awareness Month (NCSAM), the Council will be sharing educational resources on payment security best practices on the PCI Perspectives blog, and through our Twitter (@PCISSC) and LinkedIn pages. The Council will align these resources with the four weekly themes outlined by the National Cyber Security Alliance:

07 October 2021

4 Key Questions for Zero-Trust Success

4 Key Questions for Zero-Trust Success Anurag Kahol, CTO & co-founder at Bitglass, offers tips for avoiding implementation pitfalls for zero trust.
07 October 2021

No honor among thieves: One in five targets of FIN12 hacking group is in healthcare

The group strikes big game targets with annual revenues of over $6 billion.
07 October 2021

FontOnLake: Previously unknown malware family targeting Linux

ESET researchers discover a malware family with tools that show signs they’re used in targeted attacks

The post FontOnLake: Previously unknown malware family targeting Linux appeared first on WeLiveSecurity

07 October 2021

Former Kent police officer sentenced for downloading child sex abuse material

The disgraced officer has avoided jail.
07 October 2021

Canopy Parental Control App Wide Open to Unpatched XSS Bugs

Canopy Parental Control App Wide Open to Unpatched XSS Bugs The possible cyberattacks include disabling monitoring, location-tracking of children and malicious redirects of parent-console users.
06 October 2021

VMware ESXi Servers Encrypted by Lightning-Fast Python Script

VMware ESXi Servers Encrypted by Lightning-Fast Python Script The little snippet of Python code strikes fast and nasty, taking less than three hours to complete a ransomware attack from initial breach to encryption.
06 October 2021

ESPecter Bootkit Malware Haunts Victims with Persistent Espionage

ESPecter Bootkit Malware Haunts Victims with Persistent Espionage The rare UEFI bootkit drops a fully featured backdoor on PCs and gains the ultimate persistence by modifying the Windows Boot Manager.
06 October 2021

Becoming a new chief information security officer today: The steps for success

It's no easy ride -- but here are some tips from an experienced CISO.
06 October 2021

Google to turn on 2FA by default for 150 million users, 2 million YouTubers

Two-factor authentication is a simple way to greatly enhance the security of your account

The post Google to turn on 2FA by default for 150 million users, 2 million YouTubers appeared first on WeLiveSecurity

06 October 2021

Twitch Gets Gutted: All Source Code Leaked

Twitch Gets Gutted: All Source Code Leaked An anonymous user posted a link to a 125GB torrent to 4chan yesterday, containing all of Twitch's source code, comments going back to its inception and more.
06 October 2021

Dubai ruler hacked ex-wife using NSO Pegasus spyware, high court judge finds

Dubai ruler hacked ex-wife using NSO Pegasus spyware, high court judge finds

Sheikh Mohammed used spyware on Princess Haya and five associates in unlawful abuse of power, judge rules

The ruler of Dubai hacked the phone of his ex-wife Princess Haya using NSO Group’s controversial Pegasus spyware in an unlawful abuse of power and trust, a senior high court judge has ruled.

The president of the family division found that agents acting on behalf of Sheikh Mohammed bin Rashid al-Maktoum, who is also prime minister of the United Arab Emirates, a close Gulf ally of Britain, hacked Haya and five of her associates while the couple were locked in court proceedings in London concerning the welfare of their two children.

Continue reading...
06 October 2021

‘The walls are closing in on me’: the hacking of Princess Haya

‘The walls are closing in on me’: the hacking of Princess Haya

Court judgments reveal how Sheikh Mohammed’s use of Pegasus spyware against his ex-wife was uncovered

Eleven court judgments, covering 181 pages, plus hundreds of other pages of legal documents have revealed an extraordinary spying scandal: state-sponsored mobile phone hacking conducted on behalf of the ruler of Dubai against his fearful sixth and former wife, Princess Haya, Britain’s most famous divorce lawyer and her associate, plus three others – against the backdrop of a bitter child protection battle being played out day after day in the English courts.

The conclusion, after just over a year of intense and costly legal arguments, is that “servants or agents” of Sheikh Mohammed bin Rashid al-Maktoum, the vice-president and prime minister of the United Arab Emirates, engaged in “the surveillance of the six phones” in Britain using technology supplied by Israel’s NSO Group, a company already embroiled in a string of hacking scandals, apparently to further his cause in the welfare battle.

Continue reading...
06 October 2021

Apache HTTP Server Project patches exploited zero-day vulnerability

The critical vulnerability is being actively exploited in the wild.
06 October 2021

Meet ESPecter: a new UEFI bootkit for cyber spying

The bootkit is able to load unsigned drivers to hijack the ESP.
06 October 2021

To the moon and hack: Fake SafeMoon app drops malware to spy on you

Cryptocurrencies rise and fall, but one thing stays the same – cybercriminals attempt to cash in on the craze

The post To the moon and hack: Fake SafeMoon app drops malware to spy on you appeared first on WeLiveSecurity

06 October 2021