Cybersecurity News


Active Exploits Hit Vulnerable WordPress ThemeGrill Plugin

Active Exploits Hit Vulnerable WordPress ThemeGrill Plugin Websites using a vulnerable version of the WordPress plugin, ThemeGrill Demo Importer, are being targeted by attackers.
18 February 2020

1.7M Nedbank Customers Affected via Third-Party Breach

A vulnerability in the network of marketing contractor Computer Facilities led to a breach at the South African bank.
18 February 2020

Plugin flaw leaves up to 200,000 WordPress sites at risk of attack

A fix is available, so you may want to make sure that you run the plugin’s latest version

The post Plugin flaw leaves up to 200,000 WordPress sites at risk of attack appeared first on WeLiveSecurity

18 February 2020

Ring to enable 2FA for all user accounts after recent hacks

Google made 2FA mandatory for all Nest users last week.
18 February 2020

Firmware Weaknesses Can Turn Computer Subsystems into Trojans

Network cards, video cameras, and graphics adapters are a few of the subsystems whose lack of security could allow attackers to turn them into spy implants.
18 February 2020

Staircase to the Cloud: Dark Reading Caption Contest Winners

Staircase to the Cloud: Dark Reading Caption Contest Winners A humorous nod to the lack of gender equity in cybersecurity hiring was our judges' unanimous choice. And the winners are ...
18 February 2020

The Road(s) to Riches

You could be making millions in just two years!
18 February 2020

Hacker Scheme Threatens AdSense Customers with Account Suspension

Hacker Scheme Threatens AdSense Customers with Account Suspension Scam threatens to flood sites using Google’s banner-ad program with bot and junk traffic if owners don’t pay $5K in bitcoin.
18 February 2020

16 DDoS attacks take place every 60 seconds, rates reach 622 Gbps

With over 23,000 recorded attacks per day, customer-facing enterprise services are bearing the brunt of attacks.
18 February 2020

8 Things Users Do That Make Security Pros Miserable

8 Things Users Do That Make Security Pros Miserable When a user interacts with an enterprise system the result can be productivity or disaster. Here are 8 opportunities for the disaster side to win out over the productive.
18 February 2020

Lenovo, HP, Dell Peripherals Face Unpatched Firmware Bugs

Lenovo, HP, Dell Peripherals Face Unpatched Firmware Bugs A lack of proper code-signing verification and authentication for firmware updates opens the door to information disclosure, remote code execution, denial of service and more.
18 February 2020

Five years after the Equation Group HDD hacks, firmware security still sucks

Device manufacturers are not forcing driver signatures at all times.
18 February 2020

Microsoft to deploy ElectionGuard voting software for the first time tomorrow

Residents in Fulton, Wisconsin will elect representatives for the Wisconsin Supreme Court via voting machines running Microsoft's ElectionGuard voting software.
17 February 2020

Microsoft to deploy ElectionGuard voting software for the first time

Residents in Fulton, Wisconsin will elect representatives for the Wisconsin Supreme Court via voting machines running Microsoft's ElectionGuard voting software.
17 February 2020

Bug in WordPress plugin can let hackers wipe up to 200,000 sites

Same bug can also let attackers gain access to the admin account.
17 February 2020

FC Barcelona Twitter account hacked – again

The same hackers have also got their mitts on social media accounts of other high-profile sporting targets

The post FC Barcelona Twitter account hacked – again appeared first on WeLiveSecurity

17 February 2020

Pay Up, Or We’ll Make Google Ban Your Ads

A new email-based extortion scheme apparently is making the rounds, targeting Web site owners serving banner ads through Google's AdSense program. In this scam, the fraudsters demand bitcoin in exchange for a promise not to flood the publisher's ads with so much bot and junk traffic that Google's automated anti-fraud systems suspend the user's AdSense account for suspicious traffic.
17 February 2020

Israeli soldiers tricked into installing malware by Hamas agents posing as women

IDF: Six social media accounts were redirecting soldiers to installing three malware-infected apps.
16 February 2020

Iranian hackers have been hacking VPN servers to plant backdoors in companies around the world

Iranian hackers have targeted Pulse Secure, Fortinet, Palo Alto Networks, and Citrix VPNs to hack into large companies.
16 February 2020

Our personal health history is too valuable to be harvested by the tech giants | Eerke Boiten

Our personal health history is too valuable to be harvested by the tech giants | Eerke Boiten

Action to prevent deeper access to our private lives and data is more essential than ever

Health data paints a rich picture of our lives. Even if you remove your name, date of birth and NHS number to “anonymise” yourself, a full health history will reveal your age, gender, the places where you have lived, your family relationships and aspects of your lifestyle.

Used in combination with other available information, this may be enough to verify that this medical history relates to you personally and to target you online. Consequently, whenever the NHS shares health data, even if it is anonymised, we need to have confidence in who it goes to and what they can do with it.

When data about us influences a credit rating or a hiring decision, we are unlikely ever to find out

Continue reading...
16 February 2020