Cybersecurity News


Data Breaches Exposes Vets, COVID-19 Patients

Data Breaches Exposes Vets, COVID-19 Patients Social engineering and employee mistakes lead to breach Veteran's Administration and the National Health Service.
15 September 2020

More Cyberattacks in the First Half of 2020 Than in All of 2019

The pandemic-related shift to remote work and the growing availability of ransomware-as-a-service were two major drivers, CrowdStrike says.
15 September 2020

Billions of devices vulnerable to new 'BLESA' Bluetooth security flaw

New BLESA attack goes after the often ignored Bluetooth reconnection process, unlike previous vulnerabilities, most found in the pairing operation.
15 September 2020

5 Security Lessons Humans Can Learn From Their Dogs

5 Security Lessons Humans Can Learn From Their Dogs Without the right reinforcements, you could be barking at the moon.
15 September 2020

QR Codes Serve Up a Menu of Security Concerns

QR Codes Serve Up a Menu of Security Concerns QR code usage is soaring in the pandemic -- but malicious versions aren't something that most people think about.
15 September 2020

IBM Spectrum Protect Plus Security Open to RCE

IBM Spectrum Protect Plus Security Open to RCE Two bugs (CVE-2020-4703 and CVE-2020-4711) in IBM's Spectrum Protect Plus data-storage protection solution could enable remote code execution.
15 September 2020

US charges two hackers for defacing US websites following Soleimani killing

US authorities have tracked down the two hackers behind a January 2020 mass-defacement campaign.
15 September 2020

CISA Issues Alert for Microsoft Netlogon Vulnerability

CISA has issued an alert following the discovery of publicly available exploit code for Windows elevation of privilege flaw CVE-2020-1472.
15 September 2020

Taking Security With You in the WFH Era: What to Do Next

As many organizations pivot to working from home, here are some considerations for prioritizing the new security protocols.
15 September 2020

Research Finds Nearly 800,000 Access Keys Exposed Online

The keys were primarily for access to databases and cloud services.
15 September 2020

PCI SSC to Host its 2020 Community Meetings Online as Virtual Events

 

In an unprecedented year, PCI Security Standards Council (PCI SSC) will host its 2020 Community Meetings online, as virtual events, for the first time in the Council’s history. The annual North America, Europe and Asia-Pacific Community Meetings offer an opportunity to bring the PCI SSC community together to network with colleagues, share regional insights, and hear important Council updates.

15 September 2020

Encrypted Traffic Inference: An Alternative to Enterprise Network Traffic Decryption

Finding threats in encrypted inbound network traffic is complex and expensive for enterprises, but a fascinating new approach could eliminate the need for decryption.
15 September 2020

Windows Exploit Released For Microsoft ‘Zerologon’ Flaw

Windows Exploit Released For Microsoft ‘Zerologon’ Flaw Security researchers and U.S. government authorities alike are urging admins to address Microsoft's critical privilege escalation flaw.
15 September 2020

MITRE releases emulation plan for FIN6 hacking group, more to follow

New MITRE project to provide free emulation plans that mimic major threat actors in order to train and help defenders.
15 September 2020

Simplify Your Privacy Approach to Overcome CCPA Challenges

By building a privacy-forward culture from the ground up and automating processes, organizations can simplify their approach to privacy and be prepared for any upcoming regulations.
15 September 2020

MFA Bypass Bugs Opened Microsoft 365 to Attack

MFA Bypass Bugs Opened Microsoft 365 to Attack Vulnerabilities ‘that have existed for years’ in WS-Trust could be exploited to attack other services such as Azure and Visual Studio.
15 September 2020

US reaches $1.5 billion settlement with Daimler over emissions scandal

Daimler must also recall and repair Mercedes-Benz diesel cars that cheat the system.
15 September 2020

Zoom makes 2FA available for all its users

Zoom now supports phone calls, text messages and authentication apps as forms of two-factor authentication  

The post Zoom makes 2FA available for all its users appeared first on WeLiveSecurity

15 September 2020

Department of Veteran Affairs discloses breach impacting 46,000 veterans

Hackers accessed a VA online app and diverted payments meant for healthcare providers.
14 September 2020

Researchers, Companies Slam Mobile Voting Firm Voatz for 'Bad Faith' Attacks

In a letter, almost 70 different security firms and individual researchers criticize Voatz for misrepresenting to the US Supreme Court widely accepted security research practices.
14 September 2020