Cybersecurity News


New wormable Android malware poses as Netflix to hijack WhatsApp sessions

Users are lured in with the promise of a free premium subscription.
07 April 2021

Supply‑chain attacks: When trust goes wrong, try hope?

How can organizations tackle the growing menace of attacks that shake trust in software?

The post Supply‑chain attacks: When trust goes wrong, try hope? appeared first on WeLiveSecurity

07 April 2021

Data of 553m Facebook users dumped online: how to see if you are impacted

The data is old but that doesn’t mean it still can’t be used.
07 April 2021

Microsoft Teams, Exchange Server, Windows 10 Hacked in Pwn2Own 2021

The 2021 Pwn2Own is among the largest in its history, with 23 separate entries targeting 10 products.
06 April 2021

Security Falls Short in Rapid COVID Cloud Migration

The quick pivot to the cloud for remote support also ushered in risks.
06 April 2021

Crime Service Gives Firms Another Reason to Purge Macros

Recent Trickbot campaigns and at least three common banking Trojans all attempt to infect systems using malicious macros in Microsoft Office documents created using EtterSilent.
06 April 2021

Critical Cloud Bug in VMWare Carbon Black Allows Takeover

Critical Cloud Bug in VMWare Carbon Black Allows Takeover CVE-2021-21982 affects a platform designed to secure private clouds, and the virtual servers and workloads that they contain.
06 April 2021

Chinese Hackers Selling Intimate Stolen Camera Footage

Chinese Hackers Selling Intimate Stolen Camera Footage A massive operation offers access to hacked camera feeds in bedrooms and at hotels.
06 April 2021

The Edge Pro Tip: Update Your DDoS Defense Plan

The Edge Pro Tip: Update Your DDoS Defense Plan The idea of monetizing distributed denial-of-service (DDoS) attacks dates back to the 1990s. But the rise of DDoS-for-hire services and cryptocurrencies has radically changed the landscape.
06 April 2021

Are You One of the 533M People Who Got Facebooked?

Ne'er-do-wells leaked personal data -- including phone numbers -- for some 553 million Facebook users this week. Facebook says the data was collected before 2020 when it changed things to prevent such information from being scraped from profiles. To my mind, this just reinforces the need to remove mobile phone numbers from all of your online accounts wherever feasible. Meanwhile, if you're a Facebook product user and want to learn if your data was leaked, there are easy ways to find out.
06 April 2021

SAP Bugs Under Active Cyberattack, Causing Widespread Compromise

SAP Bugs Under Active Cyberattack, Causing Widespread Compromise Cyberattackers are actively exploiting known security vulnerabilities in widely deployed, mission-critical SAP applications, allowing for full takeover and the ability to infest an organization further.
06 April 2021

Ryuk's Rampage Has Lessons for the Enterprise

The Ryuk ransomware epidemic is no accident. The cybercriminals responsible for its spread have systematically exploited weaknesses in enterprise defenses that must be addressed.
06 April 2021

9 Modern-Day Best Practices for Log Management

9 Modern-Day Best Practices for Log Management Log management is nothing new. But doing so smartly, correctly, and concisely in today's data-driven world is another story.
06 April 2021

NFT Thefts Reveal Security Risks in Coupling Private Keys & Digital Assets

Compromised NFT accounts highlight security concerns inherent in the design of centralized systems.
06 April 2021

Conti Gang Demands $40M Ransom from Florida School District

Conti Gang Demands $40M Ransom from Florida School District New details of negotiation between attackers and officials from Broward County Public Schools emerge after a ransomware attack early last month.
06 April 2021

SAP issues advisory on the exploit of old vulnerabilities to target enterprise applications

New research also reveals that SAP vulnerabilities, on average, are weaponized in less than 72 hours.
06 April 2021

Industries critical to COVID-19 response suffer surge in cloud cyberattacks

An increase in cloud adoption is being blamed for new security chasms.
06 April 2021

Meet Janeleiro: a new banking Trojan striking company, government targets

The .NET Trojan’s developers don’t seem to care about staying undetected.
06 April 2021

Janeleiro, the time traveler: A new old banking trojan in Brazil

ESET Research uncovers a new threat that targets organizations operating in various sectors in Brazil

The post Janeleiro, the time traveler: A new old banking trojan in Brazil appeared first on WeLiveSecurity

06 April 2021

FBI, CISA warn Fortinet FortiOS vulnerabilities are being actively exploited

APT groups are suspected of harnessing three bugs, two critical, for data exfiltration purposes.
06 April 2021