Cybersecurity News


Emotet 101: How the Ransomware Works -- and Why It's So Darn Effective

Emotet 101: How the Ransomware Works -- and Why It's So Darn Effective In recent weeks, Emotet has emerged as the most common form of ransomware. Managing the risk involves starts with understanding the way it works.
09 October 2020

US unveils enforcement framework to combat terrorist, criminal cryptocurrency activities

Blockchain technologies are described as “breathtaking,” but still, the US wants to tighten its grip on emerging criminal use cases.
09 October 2020

Facebook launches bug bounty 'loyalty program'

Facebook to rank bug hunters based on past activity and provide bonuses and special perks.
09 October 2020

So you thought your personal data was deleted? Not so fast

It may be impossible to delete your personal information from Houseparty and other social media services – despite privacy legislation!

The post So you thought your personal data was deleted? Not so fast appeared first on WeLiveSecurity

09 October 2020

Microsoft warns of Android ransomware that activates when you press the Home button

New MalLocker.B ransomware is currently spreading via online forums and third-party websites
09 October 2020

Cyberattacks Up, But Companies (Mostly) Succeed in Securing Remote Workforce

Despite fears that the burgeoning population of remote workers would lead to breaches, companies have held their own, a survey of threat analysts finds.
08 October 2020

RAINBOWMIX Apps in Google Play Serve Up Millions of Ad Fraud Victims

RAINBOWMIX Apps in Google Play Serve Up Millions of Ad Fraud Victims Collectively, 240 fraudulent Android apps -- masquerading as retro game emulators -- account for 14 million installs.
08 October 2020

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

There's an old adage in information security: "Every company gets penetration tested, whether or not they pay someone for the pleasure." Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to break in. But judging from the proliferation of help-wanted ads for offensive pentesters in the cybercrime underground, today's attackers have exactly zero trouble gaining that initial intrusion: The real challenge seems to be hiring enough people to help everyone profit from the access already gained.
08 October 2020

Scale Up Threat Hunting to Skill Up Analysts

Security operation centers need to move beyond the simplicity of good and bad software to having levels of "badness," as well as better defining what is good. Here's why.
08 October 2020

US Seizes Domain Names Used in Iranian Disinformation Campaign

The US has seized 92 domain names used by Iran's Islamic Revolutionary Guard Corps to spread a worldwide disinformation campaign.
08 October 2020

Cisco Fixes High-Severity Webex, Security Camera Flaws

Cisco Fixes High-Severity Webex, Security Camera Flaws Three high-severity flaws exist in Cisco's Webex video conferencing system, Cisco’s Video Surveillance 8000 Series IP Cameras and Identity Services Engine.
08 October 2020

HEH P2P Botnet Sports Dangerous Wiper Function

HEH P2P Botnet Sports Dangerous Wiper Function The P2P malware is infecting any and all types of endpoints via brute-forcing, with 10 versions targeting desktops, laptops, mobile and IoT devices.
08 October 2020

Google adds password breach alerts to Chrome for Android, iOS

The feature is part of the browser's security improvements that were first built into its desktop version

The post Google adds password breach alerts to Chrome for Android, iOS appeared first on WeLiveSecurity

08 October 2020

US Election-Related Websites Vulnerable to Fraud, Abuse

New research finds the vast majority of reputable news, political, and donor-oriented sites don't use registry locks.
08 October 2020

Kaspersky Researchers Spot Russia-on-Russia Cyber-Espionage Campaign

Steganography-borne malware used to spy on industrial targets in Russia.
08 October 2020

Microsoft Azure Flaws Open Admin Servers to Takeover

Microsoft Azure Flaws Open Admin Servers to Takeover Two flaws in Microsoft's cloud-based Azure App Services could have allowed server-side forgery request (SSFR) and remote code-execution attacks.
08 October 2020

Key Considerations & Best Practices for Establishing a Secure Remote Workforce

Cybersecurity is challenging but not paralyzing, and now is the moment to educate our employees to overcome these challenges.
08 October 2020

Amazon Prime Day Spurs Spike in Phishing, Fraud Attacks

Amazon Prime Day Spurs Spike in Phishing, Fraud Attacks A spike in phishing and malicious websites aimed at defrauding Amazon.com customers aim to make Prime Day a field day for hackers.
08 October 2020

Waterbear malware used in attack wave against government agencies

The loader has been launched against a number of Taiwanese government entities.
08 October 2020

240+ Android apps caught showing out-of-context ads

The malicious applications were showing ads but making them appear as coming from other, legitimate apps.
08 October 2020