Cybersecurity News
Encrypted & Fileless Malware Sees Big Growth
An analysis of second-quarter malware trends shows that threats are becoming stealthier.
04 October 2021
What Happened to Facebook, Instagram, & WhatsApp?
Facebook and its sister properties Instagram and WhatsApp are suffering from ongoing, global outages. We don't yet know why this happened, but the how is clear: Earlier this morning, something inside Facebook caused the company to revoke key digital records that tell computers and other Internet-enabled devices how to find these destinations online.04 October 2021
Transnational Fraud Ring Bilks U.S. Military Service Members Out of Millions
A former medical records tech stole PII that was then used to fraudulently claim DoD and VA benefits, particularly targeting disabled veterans.
04 October 2021
Fraudster jailed for stealing US military health records, millions in benefits
Military benefit fraud was the goal of a transnational criminal ring.04 October 2021
MFA Glitch Leads to 6K+ Coinbase Customers Getting Robbed
Coinbase suspects phishing led to attackers getting personal details needed to access wallets but also blamed a flaw in its SMS-based 2FA.
01 October 2021
3.1M Neiman Marcus Customer Card Details Breached
Experts say the detection delay of 17 months is a colossal security blunder by the retailer.
01 October 2021
Week in security with Tony Anscombe
New ESET Threat Report is out – Cybersecurity Awareness Month begins today – What organizations should do to secure their VPNs
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
01 October 2021
Flubot Malware Targets Androids With Fake Security Updates
The banking trojan keeps switching up its lies, trying to fool Android users into clicking on a fake Flubot-deleting app or supposedly uploaded photos of recipients.
01 October 2021
FCC Proposal Targets SIM Swapping, Port-Out Fraud
The U.S. Federal Communications Commission (FCC) is asking for feedback on new proposed rules to crack down on SIM swapping and number port-out fraud, increasingly prevalent scams in which identity thieves hijack a target's mobile phone number and use that to wrest control over the victim's online identity.01 October 2021
New APT ChamelGang Targets Russian Energy, Aviation Orgs
First appearing in March, the group has been leveraging ProxyShell against targets in 10 countries and employs a variety of malware to steal data from compromised networks.
01 October 2021
Chief exec of cybersecurity Group-IB arrested on treason charge
Group-IB maintains the CEO is innocent.01 October 2021
Android, Java bug bunting tool Mariana Trench goes open source
Mariana Trench originated as an internal Facebook tool.01 October 2021
October is Cybersecurity Awareness Month! Why being cyber‑smart matters
The campaign may last for a month, but we should remember that cybersecurity is a year-round affair
The post October is Cybersecurity Awareness Month! Why being cyber‑smart matters appeared first on WeLiveSecurity
01 October 2021
Google Emergency Update Fixes Two Chrome Zero Days
This is the second pair of zero days that Google's fixed this month, all four of which have been actively exploited in the wild.
30 September 2021
Military’s RFID Tracking of Guns May Endanger Troops
RFID gun tags leave the military exposed to tracking, sniffing and spoofing attacks, experts say.
30 September 2021
Tips & Tricks for Unmasking Ghoulish API Behavior
Jason Kent, hacker-in-residence at Cequence Security, discusses how to track user-agent connections to mobile and desktop APIs, to spot malicious activity.
30 September 2021
Hackers could force locked iPhones to make contactless payments
Flaws in Apple Pay and Visa could allow criminals to make arbitrary contactless payments – no authentication needed, research finds
The post Hackers could force locked iPhones to make contactless payments appeared first on WeLiveSecurity
30 September 2021
Just Published: P2PE v3.1
Today, the PCI SSC published a minor revision to the PCI Point-to-Point Encryption (P2PE) ® Standard. We talk with Mike Thompson, Senior Manager of Emerging Standards and the Chair of the PCI Council’s P2PE Working Group, about some of these changes.
30 September 2021
Proxy Phantom: Fraud rings flood online merchants with credential stuffing attacks
Over 1.5 million stolen credential sets are being used by one fraud operation.30 September 2021
The Top Ransomware Threats Aren’t Who You Think
Move over REvil, Ragnar Locker, BlackMatter, Conti et al: Three lesser-known gangs account for the vast majority of ransomware attacks in the U.S. and globally.
30 September 2021