Cybersecurity News


Zales.com Leaked Customer Data, Just Like Sister Firms Jared, Kay Jewelers Did in 2018

In December 2018, bling vendor Signet Jewelers fixed a weakness in their Kay Jewelers and Jared websites that exposed the order information for all of their online customers. This week, Signet subsidiary Zales.com updated its website to remediate a nearly identical customer data exposure.
28 October 2021

EU’s Green Pass Vaccination ID Private Key Leaked

EU’s Green Pass Vaccination ID Private Key Leaked The private key used to sign the vaccine passports was leaked and is being passed around to create fake passes for the likes of Mickey Mouse and Adolf Hitler.
28 October 2021

Grief Ransomware Targets NRA

Grief Ransomware Targets NRA Grief, a ransomware group with ties to Russia-based Evil Corp, claims to have stolen data from the gun-rights group and has posted files on its dark web site. 
28 October 2021

5 tips for parents for a cybersecure Halloween

What are some of the key dangers faced by children online and how can you help protect them from the ghosts, ghouls and goblins creeping on the internet?

The post 5 tips for parents for a cybersecure Halloween appeared first on WeLiveSecurity

28 October 2021

5 tips for parents for a cybersecure Halloween

What are some of the key dangers faced by children online and how can you help protect them from the ghosts, ghouls and goblins creeping on the internet?

The post 5 tips for parents for a cybersecure Halloween appeared first on WeLiveSecurity

28 October 2021

WordPress Plugin Bug Lets Subscribers Wipe Sites

WordPress Plugin Bug Lets Subscribers Wipe Sites The flaw, found in the Hashthemes Demo Importer plugin, allows any authenticated user to exsanguinate a vulnerable WordPress site, deleting nearly all database content and uploaded media.
27 October 2021

Ransomware Attacks Are Evolving. Your Security Strategy Should, Too

Ransomware Attacks Are Evolving. Your Security Strategy Should, Too Defending against ransomware will take a move to zero-trust, argues Daniel Spicer, CSO, Ivanti.
27 October 2021

Teen Rakes in $2.74M Worth of Bitcoin in Phishing Scam

Teen Rakes in $2.74M Worth of Bitcoin in Phishing Scam The kid was busted after abusing Google Ads to lure users to his fake gift card site. 
27 October 2021

Adobe’s Surprise Security Bulletin Dominated by Critical Patches

Adobe’s Surprise Security Bulletin Dominated by Critical Patches Out of 92 security vulnerabilities, 66 are rated critical in severity, mostly allowing code execution. The most severe can lead to information disclosure.
27 October 2021

War-Driving Technique Allows Wi-Fi Password-Cracking at Scale

War-Driving Technique Allows Wi-Fi Password-Cracking at Scale A researcher was able to crack 70 percent of the gathered hashes in an experiment in a residential neighborhood.
27 October 2021

Apple Patches Critical iOS Bugs; One Under Attack

Apple Patches Critical iOS Bugs; One Under Attack Researchers found that one critical flaw in question is exploitable from the browser, allowing watering-hole attacks.
27 October 2021

Dark HunTOR: 150 arrested, $31 million seized in major dark web bust

The police sting spanned three continents and involved crackdowns in nine countries

The post Dark HunTOR: 150 arrested, $31 million seized in major dark web bust appeared first on WeLiveSecurity

27 October 2021

Dark HunTOR: 150 arrested, $31 million seized in major dark web bust

The police sting spanned three continents and involved crackdowns in nine countries

The post Dark HunTOR: 150 arrested, $31 million seized in major dark web bust appeared first on WeLiveSecurity

27 October 2021

Weeks early: Adobe dumps massive security patch update

The security update targets 14 products.
27 October 2021

Cyberattack Cripples Iranian Fuel Distribution Network

Cyberattack Cripples Iranian Fuel Distribution Network The incident triggered shutdowns at pumps across the country as attackers flashed the phone number of Supreme Leader Ali Khamenei across video screens.
27 October 2021

Cyber Attack Cripples Iranian Fuel Distribution Network

Cyber Attack Cripples Iranian Fuel Distribution Network The incident triggered shutdowns at pumps across the country as attackers flashed the phone number of Supreme Leader Ali Khamenei across video screens.
27 October 2021

Meet Balikbayan Foxes: a threat group impersonating the Philippine gov't

The gang is also taking advantage of COVID-19 to propagate Trojan malware.
27 October 2021

Wslink: Unique and undocumented malicious loader that runs as a server

There are no code, functionality or operational similarities to suggest that this is a tool from a known threat actor

The post Wslink: Unique and undocumented malicious loader that runs as a server appeared first on WeLiveSecurity

27 October 2021

Wslink: Unique and undocumented malicious loader that runs as a server

There are no code, functionality or operational similarities to suggest that this is a tool from a known threat actor

The post Wslink: Unique and undocumented malicious loader that runs as a server appeared first on WeLiveSecurity

27 October 2021

SquirrelWaffle Loader Malspams, Packing Qakbot, Cobalt Strike

SquirrelWaffle Loader Malspams, Packing Qakbot, Cobalt Strike Say hello to what could be the next big spam player: SquirrelWaffle, which is spreading with increasing frequency via spam campaigns and infecting systems with a new malware loader.
26 October 2021