Cybersecurity News


First-Ever Russian BEC Gang, Cosmic Lynx, Uncovered

First-Ever Russian BEC Gang, Cosmic Lynx, Uncovered Researchers warn that Cosmic Lynx targets firms that don't use DMARC and uses a "mergers and acquisitions" pretext that can lead to large sums of money being stolen.
07 July 2020

Cerberus banking Trojan infiltrates Google Play

The malware was found buried within a seemingly-innocent currency converter.
07 July 2020

Raising children in the social media limelight? Pause before you post

How (over)sharing your children’s triumphs and antics with the world may impact their immediate and distant future – and how to reduce the risks of ‘sharenting’

The post Raising children in the social media limelight? Pause before you post appeared first on WeLiveSecurity

07 July 2020

BEC Busts Take Down Multimillion-Dollar Operations

The two extraditions of business email compromise attackers indicate a step forward for international law enforcement collaboration.
06 July 2020

Attackers Scan for Vulnerable BIG-IP Devices After Flaw Disclosure

The US Cybersecurity and Infrastructure Security Agency encourages organizations to patch a critical flaw in the BIG-IP family of application delivery controllers, as firms find evidence that attackers are scanning for the critical vulnerability.
06 July 2020

North Korea's Lazarus Group Diversifies Into Card Skimming

Since at least May 2019, the state-sponsored threat actor has stolen card data from dozens of retailers, including major US firms.
06 July 2020

Android Users Hit with ‘Undeletable’ Adware

Android Users Hit with ‘Undeletable’ Adware Researcher say that 14.8 percent of Android users who were targeted with mobile malware or adware last year were left with undeletable files.
06 July 2020

Credit-Card Skimmer Seeks Websites Running Microsoft's ASP.NET

The payment-card skimmer targets websites hosted on Microsoft IIS servers and running the ASP.NET web framework.
06 July 2020

Admins Urged to Patch Critical F5 Flaw Under Active Attack

Admins Urged to Patch Critical F5 Flaw Under Active Attack Security experts and the U.S. Cyber Command are urging admins to update a critical flaw in F5 Networks, which is under active attack.
06 July 2020

Android Adware Tied to Undeletable Malware

Adware on inexpensive Android smartphone can carry additional malware and be undeletable.
06 July 2020

Lazarus Group Adds Magecart to the Mix

Lazarus Group Adds Magecart to the Mix North Korea-based APT is targeting online payments made by American and European shoppers.
06 July 2020

US Secret Service reports an increase in hacked managed service providers (MSPs)

US Secret Service says hackers are breaching MSPs to orchestrate ransomware attacks, point-of-sale intrusions, and business email compromise (BEC) scams.
06 July 2020

Purple Fox EK Adds Microsoft Exploits to Arsenal

Purple Fox EK Adds Microsoft Exploits to Arsenal Two exploits for Microsoft vulnerabilities have been added to the Purple Fox EK, showing ongoing development.
06 July 2020

The Fed shares insight on how to combat synthetic identity fraud

The Federal Reserve looks at ways to counter what is thought to be the fastest-growing type of financial crime in the country

The post The Fed shares insight on how to combat synthetic identity fraud appeared first on WeLiveSecurity

06 July 2020

Email Sender Identity is Key to Solving the Phishing Crisis

Email Sender Identity is Key to Solving the Phishing Crisis Almost 90% of email attacks manipulate sender identity to fool recipients and initiate social engineering attacks.
06 July 2020

How to Assess More Sophisticated IoT Threats

Securing the Internet of Things requires diligence in secure development and hardware design throughout the product life cycle, as well as resilience testing and system component analysis.
06 July 2020

VaultAge Solutions CEO goes into hiding to avoid cryptocurrency investors allegedly scammed out of $13 million

Roughly 2,000 investors have been left out of pocket by the alleged misappropriation of funds.
06 July 2020

Yahoo engineer gets no jail time after hacking 6,000 accounts to look for porn

Hacker sentenced to five years probation, with home confinement condition.
06 July 2020

USCYBERCOM urgently recommends F5 customers to patch CVE-2020-5902 and 5903 NOW

By William Knowles @c4i Senior Editor InfoSec News July 6, 2020 Just in case you accidentally had your work phone and duty pager in a Faraday bag all July 4th holiday weekend […]
06 July 2020

North Korean hackers linked to web skimming (Magecart) attacks, report says

After hacking banks and cryptocurrency exchanges, orchestrating ATM cash-outs, and deploying ransomware, North Korean hackers have now set their sights on online stores.
06 July 2020