Cybersecurity News
Hackers Exploit Autodesk Flaw in Recent Cyberespionage Attack
The popular Autodesk software was exploited in a recent cyberespionage campaign against an international architectural company.
26 August 2020
New Chrome, Firefox versions fix security bugs, bring productivity features
Chrome gets a new way of managing tabs while Firefox now features a new add-ons blocklist
The post New Chrome, Firefox versions fix security bugs, bring productivity features appeared first on WeLiveSecurity
26 August 2020
Two members of movie piracy group 'Sparks' arrested in Cyprus and the US
Investigators said the group posed as real-world DVD/Blu-Ray retailers to obtain and leak unreleased movies and TV shows.26 August 2020
Disinformation Spurs a Thriving Industry as U.S. Election Looms
Threat actors are becoming increasingly sophisticated in launching disinformation campaigns - and staying under the radar to avoid detection from Facebook, Twitter and other platforms.
26 August 2020
With More Use of Cloud, Passwords Become Even Weaker Link
Slow patching provides vulnerabilities to exploit. A lack of network segmentation allows unrestricted lateral movement. Yet a report surveying a year of penetration tests finds that passwords still top the list of what attackers use to compromise systems.26 August 2020
PCI DSS in Practice Case Study: Cielo
In this PCI DSS in Practice Case Study, Brazil Regional Engagement Board Member Cielo shares the challenge of dealing with legacy systems that did not have adequate controls to meet PCI DSS. The company recognized that training employees on security awareness and the support of senior management were essential to address these challenges.
26 August 2020
Deep Fake: Setting the Stage for Next-Gen Social Engineering
Humans are susceptible to normalcy bias, which may leave us vulnerable to disinformation that reinforces our beliefs.26 August 2020
Medical Data Leaked on GitHub Due to Developer Errors
Up to 200,000 patient records from Office 365 and Google G Suite exposed by hardcoded credentials and other improper access controls.
26 August 2020
How to Write a Cybersecurity Playbook During a Pandemic
IT teams have had to learn to be dynamic as workforces continue to shift strategies while COVID-19 drags on.
26 August 2020
Mercenary hacker group targets companies with 3Ds Max malware
Hacker-for-hire group uses a malicious 3Ds Max plugin to infect companies with malware and steal proprietary information.26 August 2020
Russian arrested for trying to recruit an insider and hack a Nevada company
A Russian national traveled to the US to recruit and convince an employee of a Nevada company to install malware on the company's network.25 August 2020
Four More Bugs Patched in Microsoft’s Azure Sphere IoT Platform
Researchers have unearthed more vulnerabilities in Microsoft’s IoT security solution.
25 August 2020
FBI informant provides a glimpse into the inner workings of tech support scams
Court documents expose how tech support scammers operate.25 August 2020
Election Security's Sticky Problem: Attackers Who Don't Attack Votes
If election defenders are protecting votes, and adversaries are attacking something else entirely, both sides might claim success, "Operation BlackOut" simulation shows.
25 August 2020
Phishing Attack Used Box to Land in Victim Inboxes
A phishing attack targeting government and security organizations used a legitimate Box page with Microsoft 365 branding to trick victims.25 August 2020
Online Business Fraud Down, Consumer Fraud Up
Criminals are changing tactics to match changing business conditions in the coronavirus pandemic, according to a new report.25 August 2020
FBI, CISA warn of spike in vishing attacks
Cybercriminals increasingly take aim at teleworkers, setting up malicious duplicates of companies' internal VPN login pages
The post FBI, CISA warn of spike in vishing attacks appeared first on WeLiveSecurity
25 August 2020
Three Easy Ways to Avoid Meow-like Database Attacks
The largest problem facing database security today is the disconnect between security teams and DBAs beginning from the moment of configuration and continuing throughout the database lifecycle.25 August 2020
Palo Alto Networks to Acquire The Crypsis Group for $265M
This is the latest in a series of acquisitions that Palo Alto has made since 2018.25 August 2020
Conti (Ryuk) joins the ranks of ransomware gangs operating data leak sites
More and more ransomware gangs are now operating sites where they leak sensitive data from victims who refuse to pay the ransom demand.25 August 2020