Cybersecurity News
Three Texan men jailed after using Grindr to find targets for theft, kidnap, assault
Prosecutors say the men abused the app to perform “bias-motivated violence.”Crackonosh malware abuses Windows Safe mode to quietly mine for cryptocurrency
The malware is thought to have generated millions of dollars in just a few short years.‘Pen tester’ FIN7 hacking group member lands seven-year prison term
The “high-level” member must also pay $2.5 million in damages.Spam Downpour Drips New IcedID Banking Trojan Variant
The primarily IcedID-flavored banking trojan spam campaigns were coming in at a fever pitch: Spikes hit more than 100 detections a day.
74% of Q1 Malware Was Undetectable Via Signature-Based Tools
Attackers have improved on tweaking old malware to continue sneaking it past traditional threat detection controls, researchers report.D3FEND Framework Seeks to Lay Foundation for Cyber Defense
The MITRE project, funded by the National Security Agency, aims to create a foundation for analyzing and discussing cyber defenses and could shake up the vendor community.Oh FCUK! Fashion Label, Medical Diagnostics Firm Latest REvil Victims
The infamous ransomware group hit two big-name companies within hours of each other.
Tulsa Officials Warn Ransomware Attackers Leaked City Files
The group behind the May 2021 attack has shared more than 18,000 files via the Dark Web, mostly internal department files and police citations.Preinstalled Firmware Updater Puts 128 Dell Models at Risk
A feature of the computer maker's update utility does not correctly handle certificates, leaving systems open to firmware-level compromises.Request for Comments: PTS HSM Modular Security Requirements
From 24 June to 26 July 2021, PCI SSC stakeholders are invited to review and provide feedback on the draft PCI PIN Transaction Security (PTS) Hardware Security Module (HSM) Modular Security Requirements during a 30 day request for comments (RFC) period.
The RFC will be available to primary contacts through the PCI SSC portal, including instructions on how to access the document and submit feedback. Eligible stakeholders will also receive instructions via email. As a reminder, participants are required to accept a Non-Disclosure Agreement (NDA) to download the document. Please review the RFC Process Guide for more information.
Please note that PCI SSC can only accept comments that are submitted via the PCI SSC portal and received within the defined RFC period.
Boardroom Perspectives on Cybersecurity: What It Means for You
Because board members are paying close attention to security, security leaders must be able to respond to and alleviate their concerns with data.Gaming industry under siege from cyberattacks during pandemic
Cyberattacks targeting the gaming industry skyrocket, with web attacks more than tripling year-on-year in 2020
The post Gaming industry under siege from cyberattacks during pandemic appeared first on WeLiveSecurity
Musk-Themed ‘$SpaceX’ Cryptoscam Invades YouTube Advertising
Beware: The swindle uses legitimately purchased YouTube ads, real liquidity, legitimate DEX Uniswap, and the real wallet extension MetaMask to create an entirely convincing fake coin gambit.
Critical VMware Carbon Black Bug Allows Authentication Bypass
The 9.4-rated bug in AppC could give attackers admin rights, no authentication required, letting them attack anything from PoS to industrial control systems.
Storms & Silver Linings: Avoiding the Dangers of Cloud Migration
We hear a lot about the sunlit uplands of cloud-powered business, but what about the risks of making information available across the organization?John McAfee, Creator of McAfee Antivirus Software, Dead at 75
McAfee, who was being held in a Spanish jail on US tax-evasion charges, had learned on Monday he would be extradited to the US.Tulsa’s Police-Citation Data Leaked by Conti Gang
A May 6 ransomware attack caused disruption across several of the municipality’s online services and websites.
rMTD: A Deception Method That Throws Attackers Off Their Game
Through a variety of techniques, rotational Moving Target Defense makes existing OS and app vulnerabilities difficult to exploit. Here's how.