Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how hackers are improving their breach strategies. Also, learn about new spyware attacks via URLs, websites, and mobile apps.
Maintaining protection over an enterprise’s critical data, systems and assets is a continual uphill battle. Hackers are bolstering their capabilities to silently breach platforms and staying under the radar.
In a global survey of 1,125 IT executives, Trend Micro discovered that enterprise cybersecurity staff feels unsupported by their enterprises, with 33 percent feeling isolated in their positions.
As hackers continually shift and improve upon their attack and breach strategies, IT and security stakeholders must do their best to keep up and remain informed of these trends.
Facebook has been secretly paying people to install a “Facebook Research” VPN that lets the company suck in all of a user’s phone and web activity.
Cybercriminals use websites created using the PHP framework to breach web servers via dictionary attacks on default credentials and gain control of these routers for distributed denial of service attacks.
A bug has been discovered that lets you call anyone with FaceTime and immediately hear the audio coming from their phone — before the person on the other end has accepted or rejected the incoming call.
Trend Micro discovered several beauty camera apps on Google Play that are capable of accessing remote ad configuration servers that can be used for malicious purposes.
Microsoft Exchange 2013 and newer versions are vulnerable to a privilege escalation attack that gives anyone with a mailbox a way to gain domain administrator rights at potentially 90% of organizations running Active Directory and Exchange.
Owners and administrators of WordPress websites that use the “Total Donations” plugin are advised to remove the plugin after a zero-day vulnerability and design flaws were seen actively exploited.
A U.S. judge rejected Yahoo’s proposed settlement with millions of people whose email addresses and other personal information were stolen in the largest data breach in history, faulting the Internet services provider for a lack of transparency.
On January 20, a security researcher going by FewAtoms spotted a malicious URL in the wild. The URL is an open directory that leads would-be victims to a malicious self-extracting archive.
Which spyware attack were you most surprised to hear about? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.