Cybersecurity News
Fiserv Forgets to Buy Domain It Used as System Default
Fintech security provider Fiserv acknowledges it used unregistered domain as default email.
18 March 2021
Trojanized Xcode Project Slips MacOS Malware to Apple Developers
In a new campaign, threat actors are bundling macOS malware in trojanized Apple Xcode developer projects.
18 March 2021
Women's History Month: Making Mentorship Meaningful
This month is a perfect opportunity for us to take a step back and think about what role we want to play as women in the technology sector.18 March 2021
New CopperStealer Malware Hijacks Social Media Accounts
Proofpoint researchers say it steals logins and spreads more malware.18 March 2021
FBI: Business Email Compromise Cost $1.8B in 2020
The Internet Crime Complaint Center received a record 791,790 complaints last year, with reported losses exceeding $4.1 billion.18 March 2021
Beware the Package Typosquatting Supply Chain Attack
Attackers are mimicking the names of existing packages on public registries in hopes that users or developers will accidentally download these malicious packages instead of legitimate ones.18 March 2021
FBI: Cybercrime losses topped US$4.2 billion in 2020
The Bureau received over 28,000 reports of COVID-19-themed scams last year
The post FBI: Cybercrime losses topped US$4.2 billion in 2020 appeared first on WeLiveSecurity
18 March 2021
SolarWinds-linked hacking group SilverFish abuses enterprise victims for sandbox tests
Existing victim networks are used to test out payloads as a novel form of sandbox.18 March 2021
Zoom Screen-Sharing Glitch ‘Briefly’ Leaks Sensitive Data
A glitch in Zoom's screen-sharing feature shows parts of presenters' screens that they did not intend to share - potentially leaking emails or passwords.
18 March 2021
Security Researcher Hides ZIP, MP3 Files Inside PNG Files on Twitter
The newly discovered steganography method could be exploited by threat actors to obscure nefarious activity inside photos hosted on the social-media platform.
18 March 2021
Beware Android trojan posing as Clubhouse app
The malware can grab login credentials for more than 450 apps and bypass SMS-based two-factor authentication
The post Beware Android trojan posing as Clubhouse app appeared first on WeLiveSecurity
18 March 2021
What CISOs Can Learn From Big Breaches: Focus on the Root Causes
Address these six technical root causes of breaches in order to keep your company safer.18 March 2021
Apple developers targeted by new malware, EggShell backdoor
macOS malware is being spread via compromised Xcode projects.18 March 2021
US taxpayers targeted in NetWire, Remcos Trojan attack wave
Cyberattackers are looking to cash in on this year’s tax season.18 March 2021
Ransom Payments Have Nearly Tripled
In 2020, ransomware targeted the manufacturing sector, healthcare organizations, and construction companies, with the average ransom reaching $312,000, a report finds.18 March 2021
Tutor LMS for WordPress Open to Info-Stealing Security Holes
The popular learning-management system for teacher-student communication is rife with SQL-injection vulnerabilities.
18 March 2021
Mimecast reveals source code theft in SolarWinds hack
Some customer records were also compromised in the breach.18 March 2021
Mimecast Says SolarWinds Attackers Accessed its Source Code Repositories
But the amount of code downloaded is too little to be of any use, the email security vendor says in its latest update.17 March 2021
Cisco Plugs Security Hole in Small Business Routers
The Cisco security vulnerability exists in the RV132W ADSL2+ Wireless-N VPN Routers and RV134W VDSL2 Wireless-AC VPN Routers.
17 March 2021