Cybersecurity News


‘Tortilla’ Wraps Exchange Servers in ProxyShell Attacks

‘Tortilla’ Wraps Exchange Servers in ProxyShell Attacks The Microsoft Exchange ProxyShell vulnerabilities are being exploited yet again for ransomware, this time with Babuk from the new "Tortilla" threat actor.
03 November 2021

Predicting the Next OWASP API Security Top 10

Predicting the Next OWASP API Security Top 10 API security risk has dramatically evolved in the last two years. Jason Kent, Hacker-in-Residence at Cequence Security, discusses the top API security concerns today and how to address them.
03 November 2021

Israeli spyware company NSO Group placed on US blacklist

Israeli spyware company NSO Group placed on US blacklist

Decision against company at heart of Pegasus project reflects deep concern about impact of spyware on US national security interests

NSO Group has been placed on a US blacklist by the Biden administration after it determined the Israeli spyware maker has acted “contrary to the foreign policy and national security interests of the US”.

The finding by the commerce department represents a blow to the Israeli company and reveals a deep undercurrent of concern by the US about the impact of spyware on national security interests.

Continue reading...
03 November 2021

Win one for privacy – Swiss providers don’t have to talk

Security and privacy get a leg up in Proton’s legal challenge against data retention and disclosure obligations

The post Win one for privacy – Swiss providers don’t have to talk appeared first on WeLiveSecurity

03 November 2021

Win one for privacy – Swiss providers don’t have to talk

Security and privacy get a leg up in Proton’s legal challenge against data retention and disclosure obligations

The post Win one for privacy – Swiss providers don’t have to talk appeared first on WeLiveSecurity

03 November 2021

Almost half of rootkits are used for cyberattacks against government organizations

Research institutes are also in the firing line.
03 November 2021

Report: BlackMatter Ransomware Gang Goes Dark, Again

Report: BlackMatter Ransomware Gang Goes Dark, Again The former DarkSide cybercriminal group will shut down due to increased pressure from authorities, who may have nabbed a key team member.
03 November 2021

Medical school exposes personal data of thousands of students

ID cards, academic records, and more were open and accessible on the internet.
03 November 2021

What’s it like to work as a malware researcher? 10 questions answered

Three ESET malware researchers describe what their job involves and what it takes to embark on a successful career in this field

The post What’s it like to work as a malware researcher? 10 questions answered appeared first on WeLiveSecurity

03 November 2021

What’s it like to work as a malware researcher? 10 questions answered

Three ESET malware researchers describe what their job involves and what it takes to embark on a successful career in this field

The post What’s it like to work as a malware researcher? 10 questions answered appeared first on WeLiveSecurity

03 November 2021

Arrests were made, but the Mekotio Trojan lives on

Law enforcement cut off tails, but not the head of the cybercriminal operation.
03 November 2021

Squid Game Crypto Scammers Rips Off Investors for Millions

Squid Game Crypto Scammers Rips Off Investors for Millions Anti-dumping code kept investors from selling SQUID while fraudsters cashed out.
02 November 2021

Ransomware Gangs Target Corporate Financial Activities

Ransomware Gangs Target Corporate Financial Activities The FBI is warning about a fresh extortion tactic: threatening to tank share prices for publicly held companies.
02 November 2021

Android Patches Actively Exploited Zero-Day Kernel Bug

Android Patches Actively Exploited Zero-Day Kernel Bug Google’s Android November 2021 security updates plug 18 flaws in the framework and system components and 18 more in the kernel and vendor components.
02 November 2021

Man charged with hacking major US sports leagues to illegally stream games

On top of illegally streaming sports games for profit, the man is also believed to have attempted to extort MLB for $150,000

The post Man charged with hacking major US sports leagues to illegally stream games appeared first on WeLiveSecurity

02 November 2021

Man charged with hacking major US sports leagues to illegally stream games

On top of illegally streaming sports games for profit, the man is also believed to have attempted to extort MLB for $150,000

The post Man charged with hacking major US sports leagues to illegally stream games appeared first on WeLiveSecurity

02 November 2021

Apple macOS Flaw Allows Kernel-Level Compromise

Apple macOS Flaw Allows Kernel-Level Compromise ‘Shrootless’ allows bypass of System Integrity Protection IT security measures to install a malicious rootkit that goes undetected and performs arbitrary device operations.
02 November 2021

The ‘Groove’ Ransomware Gang Was a Hoax

A number of publications in September warned about the emergence of "Groove," a new ransomware group that called on competing extortion gangs to unite in attacking U.S. government interests online. It now appears that Groove was all a big hoax designed to toy with security firms and journalists.
02 November 2021

Squid Game cryptocurrency creators pull the rug from under investors, steal millions

The coin has crashed in what appears to be an exit scam.
02 November 2021

Cybercriminals flog access to international shipping, logistics giants

The underground hosts initial access brokers with entry to companies key in global supply chains.
02 November 2021