Cybersecurity News


Compromised Credentials Show That Abuse Happens in Multiple Phases

The third stage, when threat actors rush to use stolen usernames and password pairs in credential-stuffing attacks, is the most damaging for organizations, F5 says.
16 February 2021

Centreon says only 15 entitites were targeted in recent Russian hacking spree

Hacked companies were using very outdated versions of Centreon's open-source IT monitoring software.
16 February 2021

Firms Patch Greater Number of Systems, but Still Slowly

Fewer systems have flaws; however, the time to remediate vulnerabilities stays flat, and many issues targeted by in-the-wild malware remain open to attack.
16 February 2021

Complaint Blasts TikTok’s ‘Misleading’ Privacy Policies

Complaint Blasts TikTok’s ‘Misleading’ Privacy Policies TikTok is again in hot water for how the popular video-sharing app collects and shares data - particularly from its underage userbase.
16 February 2021

Let’s Encrypt Gears Up to Replace 200M Certificates a Day

Let’s Encrypt Gears Up to Replace 200M Certificates a Day The open CA prepares for ‘worst scenarios’ with new fiber, servers, cryptographic signing and more.
16 February 2021

DDoS Attacks Wane in Q4 Amid Cryptomining Resurgence

DDoS Attacks Wane in Q4 Amid Cryptomining Resurgence The volume of attacks fell 31 percent in the last part of 2020, as Bitcoin values skyrocketed. But there were still several notable trends, such as a rise in Linux botnets.
16 February 2021

Malvertiser abused WebKit zero-day to redirect iOS & macOS users to shady sites

Malicious ad campaigns have taken place all last year. Patches shipped on February 1, 2021.
16 February 2021

Strata Identity Raises $11M in Series A Round

The series A round of funding, led by Menlo Ventures, will help Strata scale its distributed identity technology.
16 February 2021

Under Attack: Hosting & Internet Service Providers

The digital universe depends on always-on IT networks and services, so ISPs and hosting providers have become favorite targets for cyberattacks.
16 February 2021

Romance scams in 2020: Breaking hearts, wallets – and records

As dating apps experience a boom amid COVID-19, losses to romance scams soar too

The post Romance scams in 2020: Breaking hearts, wallets – and records appeared first on WeLiveSecurity

16 February 2021

Misconfigured Baby Monitors Allow Unauthorized Viewing

Misconfigured Baby Monitors Allow Unauthorized Viewing Hundreds of thousands of individuals are potentially affected by this vulnerability.
16 February 2021

Microsoft Pulls Bad Windows Update After Patch Tuesday Headaches

Microsoft Pulls Bad Windows Update After Patch Tuesday Headaches Microsoft released a new servicing stack update (KB5001078) after an older one caused problems for Windows users installing Patch Tuesday security updates.
16 February 2021

Palo Alto Networks Plans to Acquire Cloud Security Firm

Most of Fortune 100 firms have used Bridgecrew's service in their application development processes.
16 February 2021

Fighting Fileless Malware, Part 3: Mitigations

Fighting Fileless Malware, Part 3: Mitigations Attackers can dodge the countermeasures you employ against fileless malware. So how do you mitigate the damage?
16 February 2021

Black History Month 2021: Time to Talk Diversity and Cybersecurity

In an industry that consistently needs new ideas, it's essential to have individuals who think, speak, and act in diverse ways.
16 February 2021

Unpatched Android App with 1 Billion Downloads Threatens Spying, Malware

Unpatched Android App with 1 Billion Downloads Threatens Spying, Malware Attackers can exploit SHAREit permissions to execute malicious code through vulnerabilities that remain unpatched three months after app makers were informed.
16 February 2021

Beware of COVID‑19 vaccine scams and misinformation

The vaccination push provides a vital shot in the arm for the world’s battle against the pandemic, but it's also a topic ripe for exploitation by fraudsters and purveyors of misinformation

The post Beware of COVID‑19 vaccine scams and misinformation appeared first on WeLiveSecurity

16 February 2021

Losses to romance scams reached a record $304 million in 2020

The FTC believes the pandemic limited people's ability to meet in person, which contributed to a spike in successful online romance scams.
16 February 2021

Security bugs left unpatched in Android app with one billion downloads

The vulnerabilities impact SHAREit, an app used for sharing files between users and their devices.
15 February 2021

Bluetooth Overlay Skimmer That Blocks Chip

As a total sucker for anything skimming-related, I was interested to hear from a reader working security for a retail chain in the United States that recently found bluetooth-enabled skimming devices placed over top of payment card terminals at several stores. Interestingly, these skimmers interfered with the terminal's ability to read chip-based cards, forcing customers to swipe the stripe instead.
15 February 2021