Cybersecurity News


Encrypted & Fileless Malware Sees Big Growth

Encrypted & Fileless Malware Sees Big Growth An analysis of second-quarter malware trends shows that threats are becoming stealthier.
04 October 2021

What Happened to Facebook, Instagram, & WhatsApp?

Facebook and its sister properties Instagram and WhatsApp are suffering from ongoing, global outages. We don't yet know why this happened, but the how is clear: Earlier this morning, something inside Facebook caused the company to revoke key digital records that tell computers and other Internet-enabled devices how to find these destinations online.
04 October 2021

Transnational Fraud Ring Bilks U.S. Military Service Members Out of Millions

Transnational Fraud Ring Bilks U.S. Military Service Members Out of Millions A former medical records tech stole PII that was then used to fraudulently claim DoD and VA benefits, particularly targeting disabled veterans.
04 October 2021

Fraudster jailed for stealing US military health records, millions in benefits

Military benefit fraud was the goal of a transnational criminal ring.
04 October 2021

MFA Glitch Leads to 6K+ Coinbase Customers Getting Robbed

MFA Glitch Leads to 6K+ Coinbase Customers Getting Robbed Coinbase suspects phishing led to attackers getting personal details needed to access wallets but also blamed a flaw in its SMS-based 2FA.
01 October 2021

3.1M Neiman Marcus Customer Card Details Breached

3.1M Neiman Marcus Customer Card Details Breached Experts say the detection delay of 17 months is a colossal security blunder by the retailer. 
01 October 2021

Week in security with Tony Anscombe

New ESET Threat Report is out – Cybersecurity Awareness Month begins today – What organizations should do to secure their VPNs

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

01 October 2021

Flubot Malware Targets Androids With Fake Security Updates

Flubot Malware Targets Androids With Fake Security Updates The banking trojan keeps switching up its lies, trying to fool Android users into clicking on a fake Flubot-deleting app or supposedly uploaded photos of recipients.
01 October 2021

FCC Proposal Targets SIM Swapping, Port-Out Fraud

The U.S. Federal Communications Commission (FCC) is asking for feedback on new proposed rules to crack down on SIM swapping and number port-out fraud, increasingly prevalent scams in which identity thieves hijack a target's mobile phone number and use that to wrest control over the victim's online identity.
01 October 2021

New APT ChamelGang Targets Russian Energy, Aviation Orgs

New APT ChamelGang Targets Russian Energy, Aviation Orgs First appearing in March, the group has been leveraging ProxyShell against targets in 10 countries and employs a variety of malware to steal data from compromised networks.
01 October 2021

Chief exec of cybersecurity Group-IB arrested on treason charge

Group-IB maintains the CEO is innocent.
01 October 2021

Android, Java bug bunting tool Mariana Trench goes open source

Mariana Trench originated as an internal Facebook tool.
01 October 2021

October is Cybersecurity Awareness Month! Why being cyber‑smart matters

The campaign may last for a month, but we should remember that cybersecurity is a year-round affair

The post October is Cybersecurity Awareness Month! Why being cyber‑smart matters appeared first on WeLiveSecurity

01 October 2021

Google Emergency Update Fixes Two Chrome Zero Days

Google Emergency Update Fixes Two Chrome Zero Days This is the second pair of zero days that Google's fixed this month, all four of which have been actively exploited in the wild.
30 September 2021

Military’s RFID Tracking of Guns May Endanger Troops

Military’s RFID Tracking of Guns May Endanger Troops RFID gun tags leave the military exposed to tracking, sniffing and spoofing attacks, experts say.  
30 September 2021

Tips & Tricks for Unmasking Ghoulish API Behavior

Tips & Tricks for Unmasking Ghoulish API Behavior Jason Kent, hacker-in-residence at Cequence Security, discusses how to track user-agent connections to mobile and desktop APIs, to spot malicious activity.
30 September 2021

Hackers could force locked iPhones to make contactless payments

Flaws in Apple Pay and Visa could allow criminals to make arbitrary contactless payments – no authentication needed, research finds

The post Hackers could force locked iPhones to make contactless payments appeared first on WeLiveSecurity

30 September 2021

Just Published: P2PE v3.1


Today, the PCI SSC published a minor revision to the PCI Point-to-Point Encryption (P2PE) ® Standard. We talk with Mike Thompson, Senior Manager of Emerging Standards and the Chair of the PCI Council’s P2PE Working Group, about some of these changes.

30 September 2021

Proxy Phantom: Fraud rings flood online merchants with credential stuffing attacks

Over 1.5 million stolen credential sets are being used by one fraud operation.
30 September 2021

The Top Ransomware Threats Aren’t Who You Think

The Top Ransomware Threats Aren’t Who You Think Move over REvil, Ragnar Locker, BlackMatter, Conti et al: Three lesser-known gangs account for the vast majority of ransomware attacks in the U.S. and globally.
30 September 2021