Cybersecurity News
Zales.com Leaked Customer Data, Just Like Sister Firms Jared, Kay Jewelers Did in 2018
In December 2018, bling vendor Signet Jewelers fixed a weakness in their Kay Jewelers and Jared websites that exposed the order information for all of their online customers. This week, Signet subsidiary Zales.com updated its website to remediate a nearly identical customer data exposure.EU’s Green Pass Vaccination ID Private Key Leaked
The private key used to sign the vaccine passports was leaked and is being passed around to create fake passes for the likes of Mickey Mouse and Adolf Hitler.
Grief Ransomware Targets NRA
Grief, a ransomware group with ties to Russia-based Evil Corp, claims to have stolen data from the gun-rights group and has posted files on its dark web site.
5 tips for parents for a cybersecure Halloween
What are some of the key dangers faced by children online and how can you help protect them from the ghosts, ghouls and goblins creeping on the internet?
The post 5 tips for parents for a cybersecure Halloween appeared first on WeLiveSecurity
5 tips for parents for a cybersecure Halloween
What are some of the key dangers faced by children online and how can you help protect them from the ghosts, ghouls and goblins creeping on the internet?
The post 5 tips for parents for a cybersecure Halloween appeared first on WeLiveSecurity
WordPress Plugin Bug Lets Subscribers Wipe Sites
The flaw, found in the Hashthemes Demo Importer plugin, allows any authenticated user to exsanguinate a vulnerable WordPress site, deleting nearly all database content and uploaded media.
Ransomware Attacks Are Evolving. Your Security Strategy Should, Too
Defending against ransomware will take a move to zero-trust, argues Daniel Spicer, CSO, Ivanti.
Teen Rakes in $2.74M Worth of Bitcoin in Phishing Scam
The kid was busted after abusing Google Ads to lure users to his fake gift card site.
Adobe’s Surprise Security Bulletin Dominated by Critical Patches
Out of 92 security vulnerabilities, 66 are rated critical in severity, mostly allowing code execution. The most severe can lead to information disclosure.
War-Driving Technique Allows Wi-Fi Password-Cracking at Scale
A researcher was able to crack 70 percent of the gathered hashes in an experiment in a residential neighborhood.
Apple Patches Critical iOS Bugs; One Under Attack
Researchers found that one critical flaw in question is exploitable from the browser, allowing watering-hole attacks.
Dark HunTOR: 150 arrested, $31 million seized in major dark web bust
The police sting spanned three continents and involved crackdowns in nine countries
The post Dark HunTOR: 150 arrested, $31 million seized in major dark web bust appeared first on WeLiveSecurity
Dark HunTOR: 150 arrested, $31 million seized in major dark web bust
The police sting spanned three continents and involved crackdowns in nine countries
The post Dark HunTOR: 150 arrested, $31 million seized in major dark web bust appeared first on WeLiveSecurity
Weeks early: Adobe dumps massive security patch update
The security update targets 14 products.Cyberattack Cripples Iranian Fuel Distribution Network
The incident triggered shutdowns at pumps across the country as attackers flashed the phone number of Supreme Leader Ali Khamenei across video screens.
Cyber Attack Cripples Iranian Fuel Distribution Network
The incident triggered shutdowns at pumps across the country as attackers flashed the phone number of Supreme Leader Ali Khamenei across video screens.
Meet Balikbayan Foxes: a threat group impersonating the Philippine gov't
The gang is also taking advantage of COVID-19 to propagate Trojan malware.Wslink: Unique and undocumented malicious loader that runs as a server
There are no code, functionality or operational similarities to suggest that this is a tool from a known threat actor
The post Wslink: Unique and undocumented malicious loader that runs as a server appeared first on WeLiveSecurity
Wslink: Unique and undocumented malicious loader that runs as a server
There are no code, functionality or operational similarities to suggest that this is a tool from a known threat actor
The post Wslink: Unique and undocumented malicious loader that runs as a server appeared first on WeLiveSecurity
SquirrelWaffle Loader Malspams, Packing Qakbot, Cobalt Strike
Say hello to what could be the next big spam player: SquirrelWaffle, which is spreading with increasing frequency via spam campaigns and infecting systems with a new malware loader.