Cybersecurity News


Protecting Sensitive Cardholder Data in Today’s Hyper-Connected World

Protecting Sensitive Cardholder Data in Today’s Hyper-Connected World Retailers that lacked significant digital presence pre-COVID are now reaching new audiences through e-commerce sites that are accessible anytime, from anywhere, on any device.
26 February 2021

Go malware is now common, having been adopted by both APTs and e-crime groups

There's been a 2,000% increase of new malware written in Go over the past few years.
26 February 2021

Oxford University lab with COVID-19 research links targeted by hackers

Compromised machines included those used in sample analysis.
26 February 2021

Championing worthy causes: How ESET gives a helping hand

A snapshot of some of the ways ESET makes an impact supporting the well-being of people, communities and the environment

The post Championing worthy causes: How ESET gives a helping hand appeared first on WeLiveSecurity

26 February 2021

TikTok agrees to pay $92 million to settle teen privacy class-action lawsuit

The video platform was accused of collecting biometric data without consent.
26 February 2021

How $100M in Jobless Claims Went to Inmates

The U.S. Labor Department's inspector general said this week that roughly $100 million in fraudulent unemployment insurance claims were paid in 2020 to criminals who are already in jail. That's a tiny share of the estimated tens of billions of dollars in jobless benefits states have given to identity thieves in the past year. To help reverse that trend, many states are now turning to a little-known private company called ID.me. This post examines some of what that company is seeing in its efforts to stymie unemployment fraud.
25 February 2021

Inside Strata's Plans to Solve the Cloud Identity Puzzle

Strata Identity was founded to change businesses' approach to identity management as multicloud environments become the norm.
25 February 2021

Microsoft Releases Free Tool for Hunting SolarWinds Malware

Meanwhile, researchers at SecurityScorecard say the "fileless" malware loader in the attack - Teardrop - actually dates back to 2017.
25 February 2021

North Korea's Lazarus Group Expands to Stealing Defense Secrets

Several gigabytes of sensitive data stolen from one restricted network, with organizations in more than 12 countries impacted, Kaspersky says.
25 February 2021

Ransomware, Phishing Will Remain Primary Risks in 2021

Attackers have doubled down on ransomware and phishing -- with some tweaks -- while deepfakes and disinformation will become more major threats in the future, according to a trio of threat reports.
25 February 2021

Cyberattacks Launch Against Vietnamese Human-Rights Activists

Cyberattacks Launch Against Vietnamese Human-Rights Activists Vietnam joins the ranks of governments using spyware to crack down on human-rights defenders.
25 February 2021

Thousands of VMware Servers Exposed to Critical RCE Bug

Security experts report scanning activity targeting vulnerable vCenter servers after a researcher published proof-of-concept code.
25 February 2021

5 Key Steps Schools Can Take to Defend Against Cyber Threats

Educational institutions have become prime targets, but there are things they can do to stay safer.
25 February 2021

Chinese cyberspies targeted Tibetans with a malicious Firefox add-on

The Chinese hacking group used the malicious add-on to collect Gmail and Firefox data from their victims.
25 February 2021

Facebook ramps up fight against child abuse content

Two new tools will warn users about the risks of searching for and sharing content that exploits children, including the potential legal consequences of doing so

The post Facebook ramps up fight against child abuse content appeared first on WeLiveSecurity

25 February 2021

Health Website Leaks 8 Million COVID-19 Test Results

Health Website Leaks 8 Million COVID-19 Test Results A teenaged ethical hacker discovered a flawed endpoint associated with a health-department website in the state of Bengal, which exposed personally identifiable information related to test results.
25 February 2021

Malicious Mozilla Firefox Extension Allows Gmail Takeover

Malicious Mozilla Firefox Extension Allows Gmail Takeover The malicious extension, FriarFox, snoops in on both Firefox and Gmail-related data.
25 February 2021

How to Avoid Falling Victim to a SolarWinds-Style Attack

A multilayered, zero-trust security posture provides a better chance of fending off sophisticated supply chain attackers before it's too late.
25 February 2021

Cisco Warns of Critical Auth-Bypass Security Flaw

Cisco Warns of Critical Auth-Bypass Security Flaw Cisco also stomped out a critical security flaw affecting its Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches.
25 February 2021

This chart shows the connections between cybercrime groups

CrowdStrike puts together a list of connections and how cybercrime groups cooperate with each other.
25 February 2021