Cybersecurity News
Sophisticated Android Spyware Attack Spreads via Google Play
The PhantomLance espionage campaign is targeting specific victims, mainly in Southeast Asia -- and could be the work of the OceanLotus APT.
28 April 2020
PhantomLance spying campaign breaches Google Play security
The four-year-long attack wave has been connected to dozens of malicious apps found in app stores.28 April 2020
What's Your Cybersecurity Architecture Integration Business Plan?
To get the most out of your enterprise cybersecurity products, they need to work together. But getting those products talking to each other isn't easy.28 April 2020
New Startup Accurics Tackles Cloud Infrastructure Security
Accurics offers a free product to prevent "drift" between infrastructure defined through code and infrastructure running in the cloud.28 April 2020
Troves of Zoom Credentials Shared on Hacker Forums
Several new databases have been uncovered on underground forums sharing recycled Zoom credentials.
28 April 2020
Grandoreiro: How engorged can an EXE get?
Another in our occasional series demystifying Latin American banking trojans
The post Grandoreiro: How engorged can an EXE get? appeared first on WeLiveSecurity
28 April 2020
Android OEM patch rates have improved, with Nokia and Google leading the charge
The Android OEM patch rate has gone down from 44 days in 2018 to 38 days today.28 April 2020
Hackers are creating backdoor accounts and cookie files on WordPress sites running OneTone
Attacks began earlier this month after WordPress theme developer did not release a patch for a trivial bug.28 April 2020
Consumers benefit as video call vendors scramble to revamp security in a COVID-19 world
Houseparty, Discord, and Doxy.me, however, fail to meet basic security standards, new research suggests.28 April 2020
Biopharmaceutical Firm Suffers Ransomware Attack, Data Dump
ExecuPharm said its internal servers were hit with ransomware after attackers launched a phishing attack.27 April 2020
Top 10 Cyber Incident Response Mistakes and How to Avoid Them
From lack of planning to rushing the closure of incidents, these mistakes seriously harm IR effectiveness.
27 April 2020
Attackers Target Sophos Firewalls with Zero-Day
Remote exploit compromises specific configurations of XG firewalls with the intent of stealing data from the devices.27 April 2020
GDPR Compliance Site Leaks Git Data, Passwords
Researchers discovered a .git folder exposing passwords and more for a website that gives advice to organizations about complying with the General Data Protection Regulation (GDPR) rules.
27 April 2020
Will the Pandemic Complicate Cyber Insurance Claims?
While quarantined workers are keeping safe at home, they could be jeopardizing your insurance policy.
27 April 2020
Microsoft Patches Dangerous Teams Vulnerability
CyberArk says issue would have allowed attackers to take over Teams accounts using a malicious GIF.27 April 2020
You can now manage Windows 10 devices through G Suite
G Suite gets a long-awaited feature -- Windows 10 device management.27 April 2020
Microsoft Advisory Warns of Vulnerabilities Affecting Office
The flaws exist in Autodesk's FBX Software Development Kit, which is supported in Microsoft Office 2019 and Office 365 ProPlus.27 April 2020
Financial sector is seeing more credential stuffing than DDoS attacks
North American financial institutions and banks are targeted the most, primarily because most leaked credentials are from US services.27 April 2020
Cloud Services Are the New Critical Infrastructure. Can We Rely on Them?
If cloud services vendors successfully asked themselves these three questions, we'd all be better off.27 April 2020
Microsoft Teams flaw could let attackers hijack accounts
Microsoft plugs a security hole that could have enabled attackers to weaponize a GIF in order to hijack Teams accounts and steal data
The post Microsoft Teams flaw could let attackers hijack accounts appeared first on WeLiveSecurity
27 April 2020