Cybersecurity News


PgMiner botnet attacks weakly secured PostgreSQL databases

Only PostgreSQL databases running on Linux servers have been attacked so far.
13 December 2020

FBI, CISA, MS-ISAC: Cybercriminals Increasingly Attacking K-12 Distance Learning

Ransomware attacks reported against US K-12 schools jumped from 28% in January through July to 57% in August and September.
11 December 2020

Security Issues in PoS Terminals Open Consumers to Fraud

Security Issues in PoS Terminals Open Consumers to Fraud Point-of-sale terminal vendors Verifone and Ingenico have issued mitigations after researchers found the devices use default passwords.
11 December 2020

Adrozek Malware Delivers Fake Ads to 30K Devices a Day

Adrozek Malware Delivers Fake Ads to 30K Devices a Day The Adrozek ad-injecting browser modifier malware also extracts device data and steals credentials, making it an even more dangerous threat.
11 December 2020

Zero-day in WordPress SMTP plugin abused to reset admin account passwords

A patch has been released earlier this week but many WordPress sites remained unpatched —as usual.
11 December 2020

Week in security with Tony Anscombe

ESET researchers discovered that chat software called Able Desktop, part of a business management suite popular in Mongolia was used to deliver the HyperBro backdoor (commonly used by LuckyMouse), the Korplug RAT , and a RAT called Tmanger. A Q&A with security researcher Alejandro Hernández, who has unearthed a long list of vulnerabilities in leading online trading platforms that may expose their users to a host of security and privacy

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

11 December 2020

PGMiner, Innovative Monero-Mining Botnet, Surprises Researchers

PGMiner, Innovative Monero-Mining Botnet, Surprises Researchers The malware takes aim at PostgreSQL database servers with never-before-seen techniques.
11 December 2020

Microsoft Warns of Powerful New Adware

The new adware, dubbed Adrozek, is being distributed by large, well organized threat actors, according to Microsoft research.
11 December 2020

Feds: K-12 Cyberattacks Dramatically on the Rise

Feds: K-12 Cyberattacks Dramatically on the Rise Attackers are targeting students and faculty alike with malware, phishing, DDoS, Zoom bombs and more, the FBI and CISA said.
11 December 2020

Facebook Shutters Accounts Used in APT32 Cyberattacks

Facebook Shutters Accounts Used in APT32 Cyberattacks Facebook shut down accounts and Pages used by two separate threat groups to spread malware and conduct phishing attacks.
11 December 2020

7 Security Tips For Gamers

7 Security Tips For Gamers Gamers can expect to be prime targets over the holidays as COVID-19 rages on. Here's some advice on how to keep hackers at bay.
11 December 2020

'Tis the Season to Confront Third-Party Risk

'Tis the Season to Confront Third-Party Risk On any given day it's hard to ensure that outside companies and individuals adhere to an organization's security practices and policies. But when it's the holidays and, oh, a global pandemic, companies need to be extra vigilant.
11 December 2020

Penetration Testing: A Road Map for Improving Outcomes

As cybersecurity incidents gain sophistication, to ensure we are assessing security postures effectively, it is critical to copy real-world adversaries' tools, tactics, and procedures during testing activities.
11 December 2020

Mastercard, Visa cut card payment ties with Pornhub over child abuse, illegal content allegations

Mastercard has terminated services whereas Visa has placed a temporary hold on card payments.
11 December 2020

Is your trading app putting your money at risk?

A Q&A with security researcher Alejandro Hernández, who has unearthed a long list of vulnerabilities in leading trading platforms that may expose their users to a host of security and privacy risks

The post Is your trading app putting your money at risk? appeared first on WeLiveSecurity

11 December 2020

Critical CSRF vulnerability found on Glassdoor company review platform

The critical flaw impacted both job seeker and employer accounts on the web domain.
11 December 2020

CISA and FBI warn of rise in ransomware attacks targeting K-12 schools

The percentage of ransomware attacks against K-12 schools increased at the beginning of the 2020 school year
11 December 2020

Facebook doxes APT32, links Vietnam's primary hacking group to local IT firm

Facebook suspends accounts linked to APT32, says the group used its platform to spread malware.
10 December 2020

Knowing What the Enemy Knows Is Key to Proper Defense

Think like an attacker if you want to understand your attack surface, says security researcher at Black Hat Europe.
10 December 2020

Juvenile Pleads Guilty to 2016 DNS Attack

Mirai botnet was used to target Sony in an attack that took down DynDNS and a number of its notable customers.
10 December 2020