Cybersecurity News


Buying a secondhand device? Here’s what to keep in mind

If you’re trying to be responsible towards the planet, also be responsible to yourself and take these steps so that the device doesn’t end up costing you more than you’ve saved

The post Buying a secondhand device? Here’s what to keep in mind appeared first on WeLiveSecurity

22 April 2020

Smart IoT home hubs vulnerable to remote code execution attacks

IoT hubs used in homes and offices were found to be susceptible to exploit due to critical bugs in their firmware.
22 April 2020

Serious flaws found in multiple smart home hubs: Is your device among them?

In worst-case scenarios, some vulnerabilities could even allow attackers to take control over the central units and all peripheral devices connected to them

The post Serious flaws found in multiple smart home hubs: Is your device among them? appeared first on WeLiveSecurity

22 April 2020

Automated Bots Are Increasingly Scraping Data & Attempting Logins

The share of bot traffic to online sites declines, but businesses are seeing an overall increase in automated scraping of data, login attempts, and other detrimental activity.
21 April 2020

Banking.BR Android Trojan Emerges in Credential-Stealing Attacks

Banking.BR Android Trojan Emerges in Credential-Stealing Attacks A new Android trojan targets banking customers with overlay attacks to steal their bank credentials and ultimately take over their accounts.
21 April 2020

Researchers Use Microsoft Terminal Services Client in New Attack Method

The technique would enable attackers to run malicious code via Remote Desktop Protocol using DLL side-loading to bypass security controls.
21 April 2020

NFL Tackles Cybersecurity Concerns Ahead of 2020 Draft Day

NFL Tackles Cybersecurity Concerns Ahead of 2020 Draft Day Researchers weigh in on potential security concerns surrounding the 2020 NFL Draft.
21 April 2020

New iOS exploit discovered being used to spy on China's Uyghur minority

New "Insomnia" exploit works on iOS versions 12.3, 12.3.1, and 12.3.2; was patched in iOS 12.4 last year.
21 April 2020

8 Tips for Small Merchants: Protecting Payment Data During COVID-19

 

The COVID-19 pandemic is quickly changing how many small merchants accept payments. Merchants that previously only had brick-and-mortar locations are moving to accept e-commerce and over-the-phone transactions.

21 April 2020

RCE Exploit Released for IBM Data Risk Manager, No Patch Available

RCE Exploit Released for IBM Data Risk Manager, No Patch Available Three separate flaws can be chained to achieve full system compromise.
21 April 2020

Viral WhatsApp Scam Promises Free Streaming Services

Cybercriminals capitalize on the popularity of media and entertainment to target consumers looking for at-home activities.
21 April 2020

Is COVID-19 Intensifying the Need for Security Staffing?

Overall, security practitioners should find themselves in a better working situation than many other professionals. However, we are not immune.
21 April 2020

Attackers Aim at Software Supply Chain with Package Typosquatting

Attackers seed Ruby Gems repository with more than 760 malicious packages using names just a bit different than the standard code libraries.
21 April 2020

Here's a list of all the ransomware gangs who will steal and leak your data if you don't pay

Ransomware gangs are getting more aggressive these days about pursuing payments and have begun stealing and threatening to leak sensitive documents if victims don't pay the requested ransom demand.
21 April 2020

Terahash Buys L0phtCrack in Password Merger

The acquisition brings password cracking and password auditing capabilities together in a single company.
21 April 2020

7 Steps to Avoid the Top Cloud Access Risks

Securing identities and data in the cloud is challenging, but a least-privilege access approach helps.
21 April 2020

Oil and Gas Firms Targeted With Agent Tesla Spyware

Oil and Gas Firms Targeted With Agent Tesla Spyware Highly targeted spearphishing emails are being sent to oil and gas companies in hopes of infecting them with the Agent Tesla spyware.
21 April 2020

Microsoft Proposes Privacy Controls for COVID-19 Contact Tracking, Tracing

As governments broaden use of digital technologies to stem pandemic, sensitive health and location data need to be protected, company says.
21 April 2020

Deepfakes and AI: Fighting Cybersecurity Fire with Fire

Deepfakes and AI: Fighting Cybersecurity Fire with Fire To successfully mitigate evolving attacks, security teams must use the exact same AI tools that create those attacks in the first place.
21 April 2020

Work-from-Home Exposes Already-Infected Machines in 50K US Organizations

Researchers find massive spike in infected enterprises worldwide.
21 April 2020