Cybersecurity News
‘Tortilla’ Wraps Exchange Servers in ProxyShell Attacks
The Microsoft Exchange ProxyShell vulnerabilities are being exploited yet again for ransomware, this time with Babuk from the new "Tortilla" threat actor.
Predicting the Next OWASP API Security Top 10
API security risk has dramatically evolved in the last two years. Jason Kent, Hacker-in-Residence at Cequence Security, discusses the top API security concerns today and how to address them.
Israeli spyware company NSO Group placed on US blacklist
Decision against company at heart of Pegasus project reflects deep concern about impact of spyware on US national security interests
NSO Group has been placed on a US blacklist by the Biden administration after it determined the Israeli spyware maker has acted “contrary to the foreign policy and national security interests of the US”.
The finding by the commerce department represents a blow to the Israeli company and reveals a deep undercurrent of concern by the US about the impact of spyware on national security interests.
Continue reading...Win one for privacy – Swiss providers don’t have to talk
Security and privacy get a leg up in Proton’s legal challenge against data retention and disclosure obligations
The post Win one for privacy – Swiss providers don’t have to talk appeared first on WeLiveSecurity
Win one for privacy – Swiss providers don’t have to talk
Security and privacy get a leg up in Proton’s legal challenge against data retention and disclosure obligations
The post Win one for privacy – Swiss providers don’t have to talk appeared first on WeLiveSecurity
Almost half of rootkits are used for cyberattacks against government organizations
Research institutes are also in the firing line.Report: BlackMatter Ransomware Gang Goes Dark, Again
The former DarkSide cybercriminal group will shut down due to increased pressure from authorities, who may have nabbed a key team member.
Medical school exposes personal data of thousands of students
ID cards, academic records, and more were open and accessible on the internet.What’s it like to work as a malware researcher? 10 questions answered
Three ESET malware researchers describe what their job involves and what it takes to embark on a successful career in this field
The post What’s it like to work as a malware researcher? 10 questions answered appeared first on WeLiveSecurity
What’s it like to work as a malware researcher? 10 questions answered
Three ESET malware researchers describe what their job involves and what it takes to embark on a successful career in this field
The post What’s it like to work as a malware researcher? 10 questions answered appeared first on WeLiveSecurity
Arrests were made, but the Mekotio Trojan lives on
Law enforcement cut off tails, but not the head of the cybercriminal operation.Squid Game Crypto Scammers Rips Off Investors for Millions
Anti-dumping code kept investors from selling SQUID while fraudsters cashed out.
Ransomware Gangs Target Corporate Financial Activities
The FBI is warning about a fresh extortion tactic: threatening to tank share prices for publicly held companies.
Android Patches Actively Exploited Zero-Day Kernel Bug
Google’s Android November 2021 security updates plug 18 flaws in the framework and system components and 18 more in the kernel and vendor components.
Man charged with hacking major US sports leagues to illegally stream games
On top of illegally streaming sports games for profit, the man is also believed to have attempted to extort MLB for $150,000
The post Man charged with hacking major US sports leagues to illegally stream games appeared first on WeLiveSecurity
Man charged with hacking major US sports leagues to illegally stream games
On top of illegally streaming sports games for profit, the man is also believed to have attempted to extort MLB for $150,000
The post Man charged with hacking major US sports leagues to illegally stream games appeared first on WeLiveSecurity
Apple macOS Flaw Allows Kernel-Level Compromise
‘Shrootless’ allows bypass of System Integrity Protection IT security measures to install a malicious rootkit that goes undetected and performs arbitrary device operations.
