Cybersecurity News
Critical Cisco Bug in Small Business Routers to Remain Unpatched

InkySquid State Actor Exploiting Known IE Bugs

Windows EoP Bug Detailed by Google Project Zero

COVID-19 Contact-Tracing Data Exposed, Fake Vax Cards Circulate

Wanted: Disgruntled Employees to Deploy Ransomware
Criminal hackers will try almost anything to get inside a profitable enterprise and secure a million-dollar payday from a ransomware infection. Apparently now that includes emailing employees directly and asking them to unleash the malware inside their employer's network in exchange for a percentage of any ransom amount paid by the victim company.Postmortem on U.S. Census Hack Exposes Cybersecurity Failures

Are you, the customer, the one paying the ransomware demand?
Ransomware payments may have greater implications than you thought – and not just for the company that gave in to the attackers’ demands
The post Are you, the customer, the one paying the ransomware demand? appeared first on WeLiveSecurity
Bogus Cryptomining Apps Infest Google Play

T-Mobile: >40 Million Customers’ Data Stolen

T-Mobile: Breach Exposed SSN/DOB of 40M+ People
T-Mobile warned Monday that a data breach has exposed the names, date of birth, Social Security number and driver's license/ID information of more than 40 million current, former or prospective customers. The acknowledgment came less than 48 hours after millions of the stolen T-Mobile customer records went up for sale in the cybercrime underground.Health authorities in 40 countries targeted by COVID‑19 vaccine scammers
Fraudsters impersonate vaccine manufacturers and authorities overseeing vaccine distribution efforts, INTERPOL warns
The post Health authorities in 40 countries targeted by COVID‑19 vaccine scammers appeared first on WeLiveSecurity
Memory Bugs in BlackBerry’s QNX Embedded OS Open Devices to Attacks

Kerberos Authentication Spoofing: Don’t Bypass the Spec

Unpatched Fortinet Bug Allows Firewall Takeovers

HolesWarm Malware Exploits Unpatched Windows, Linux Servers

The Overlooked Security Risks of The Cloud

Back-to-Basics: Secure Remote Access
As small and medium businesses begin to re-open following the pandemic, it’s important to do so securely in order to protect customer’s payment card data. Too often, data breaches happen as a result of vulnerabilities that are entirely preventable. The PCI Security Standards Council (PCI SSC) has developed a set of payment protection resources for small businesses. In this 8-part back-to-basics series, we highlight payment security basics for protecting against payment data theft. Today’s blog focuses on securing remote access.
LockBit 2.0 Ransomware Proliferates Globally

Bug in Millions of Flawed IoT Devices Lets Attackers Eavesdrop

Nearly 2 million records from terrorist watchlist exposed online
The secret list was exposed online for three weeks, allowing anyone to access it without any kind of authentication
The post Nearly 2 million records from terrorist watchlist exposed online appeared first on WeLiveSecurity