Security News > 2020

A new variant of the the NetWire remote access trojan is hitching a ride on IRS-themed phishing ploys targeting taxpayers in hopes of snatching victims' credentials and tax information. The NetWire variant's payload has also been given a facelift, with improved keylogger and credential-collecting features.

Router biz Linksys has reset all its customers' Smart Wi-Fi account passwords after cybercrims accessed a bunch and redirected hapless users to COVID-19 themed malware. Hackers with access to Linksys Smart Wi-Fi accounts were changing home routers' DNS server settings.

Ai launched on Wednesday with a new software development and security platform. Ai, has acquired application security provider Arxan, enabling it to provide a platform that offers agile planning, software delivery and application security capabilities.

Threat actors working for North Korea have also been hired by others to hack websites and extort targets, the U.S. government says in a new cyber alert. A joint advisory published on Wednesday by the U.S. Department of State, the Department of Treasury, the DHS, and the FBI provides guidance on the North Korean cyber threat and summarizes associated activities.

SafeBreach has raised a further $19 million to improve and expand its breach-and-attack simulation platform, which allows customers to assess their security posture against a continuous barrage of genuine, but safe, hacker behaviors. The SafeBreach BAS platform allows users to continually test and assess their security posture by delivering simulated breach methods from an extensive playbook of more than 13,000 breach behaviors.

The Tencent Security Response Center is launching an expanded bug-bounty program, via the HackerOne white-hat platform - and the company has increased its top reward to $15,000. Tencent, a China-based global internet service provider, is opening up its existing bug-bounty program to HackerOne's community of 600,000+ bug hunters, to widen the company's vulnerability reporting and technical sharing efforts, it said in a launch notice on Tuesday.

Contact tracing has been an often-used method of trying to curb the spread of an infectious disease by finding the people who have contracted it. As the coronavirus outbreak continues to spread, Apple and Google have come up with a plan to more easily implement contact tracing by building the necessary technology into their respective operating systems.

You've almost certainly heard of Zoom over the past few weeks - Zoom, more properly Zoom Video Communications, Inc., lets you run remote meetings and webinars, with audio and video for all participants, right from your browser. The biggest problems that many new users seem to be having with Zoom have nothing to do with Zoom's programming or its service - in other words, they're mistakes that Zoom itself can't easily stop people from making.

Using threat intelligence feeds donated by dozens of cybersecurity companies, the CTC is poring over more than 100 million pieces of data about potential threats each day, running those indicators through security products from roughly 70 different vendors. Among the more mature organizations working to counter the threat from COVID-19 scammers is the Cyber Threat Alliance, a industry group founded in 2017 that counts among its members more than two dozen major cybersecurity firms that are all required to regularly share threat intelligence with other members.

Email security biz Mimecast has warned of a flight refund scam doing the rounds amid a general uptick in coronavirus-related online crime. It works by offering a fake flight refund form via email.