Cybersecurity News


TrickBot Adds BazarBackdoor to Malware Arsenal

TrickBot Adds BazarBackdoor to Malware Arsenal The stealthy backdoor is delivered via mass-market phishing emails that are well-crafted to appear convincing.
03 June 2020

Critical SAP ASE Flaws Allow Complete Control of Databases

Critical SAP ASE Flaws Allow Complete Control of Databases Researchers warn of critical flaws in SAP's Sybase Adaptive Server Enterprise software.
03 June 2020

Large-scale attack tries to steal configuration files from WordPress sites

Attackers tried to download configuration files from WordPress sites so they could steal database credentials.
03 June 2020

Many Exchange Servers Are Still Vulnerable to Remote Exploit

A privilege-escalation vulnerability patched in February by Microsoft continues to affect Exchange servers, with more than 80% of Internet-connected servers remaining vulnerable, one firm reports.
03 June 2020

Facebook now lets you delete old posts in bulk

Dealing with skeletons lurking in your Facebook closet has never been easier

The post Facebook now lets you delete old posts in bulk appeared first on WeLiveSecurity

03 June 2020

Social Distancing for Healthcare's IoT Devices

Security pros need to double down around prevention of lateral movement by attackers, especially if IoT devices are connected to the network.
03 June 2020

Enterprise Mobile Phishing Attacks Skyrocket Amidst Pandemic

Enterprise Mobile Phishing Attacks Skyrocket Amidst Pandemic Increase of 37 percent from Q4 2019 to Q1 2020 attributed to creation of remote workforce due to COVID-19 stay-at-home orders.
03 June 2020

Facebook software engineer resigns with scathing criticism of the network’s refusal to act on ‘weaponized hatred’

The former Facebook employee accuses the social network of allowing “politicians to radicalize individuals and glorify violence.”
03 June 2020

Tor’s latest release makes it easier to find secure onion services

Tor Browser 9.5 is also working towards making Dark Web addresses easier to remember.
03 June 2020

Google opens up Advanced Protection Program to Nest devices

The move follows integration with services including Android and Chrome.
03 June 2020

Joomla Resources Directory Users Exposed in Leaky AWS Bucket

Joomla Resources Directory Users Exposed in Leaky AWS Bucket Full backup copies of website, including all user data, was exposed for 2,700 JRD users.
03 June 2020

Ransomware gang says it breached one of NASA's IT contractors

DopplePaymer ransomware gang claims to have breached DMI, a major US IT and cybersecurity provider, and one of NASA IT contractors.
02 June 2020

10 Tips for Maintaining Information Security During Layoffs

10 Tips for Maintaining Information Security During Layoffs Insider cyber threats are always an issue during layoffs -- but with record numbers of home office workers heading for the unemployment line, it's never been harder to maintain cybersecurity during offboarding.
02 June 2020

Mobile Phishing Attacks Increase Sharply

Organizations need to include smartphones and tablets in their phishing mitigation strategies, a new report suggests.
02 June 2020

New cold boot attack affects seven years of LG Android smartphones

LG has released a firmware fix in May 2020. Attack requires physical access.
02 June 2020

Companies Fall Short on Mandatory Reporting of Cybercrimes

Understaffed and under fire, companies fail to report cybercrimes even when they are legally obligated to notify authorities, results of a new survey show.
02 June 2020

Amtrak Breach Rolls Over Frequent Travelers

The breach exposed usernames and passwords of an undisclosed number of program members.
02 June 2020

REvil Ransomware Gang Starts Auctioning Victim Data

The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software. The move marks an escalation in tactics aimed at coercing victims to pay up -- and publicly shaming those don't. But it may also signal that ransomware purveyors are searching for new ways to profit from their crimes as victim businesses struggle just to keep the lights on during the unprecedented economic slowdown caused by the COVID-19 pandemic.
02 June 2020

Risk Assessment & the Human Condition

Five lessons the coronavirus pandemic can teach security professionals to better assess, monitor, manage, and mitigate organizational risk.
02 June 2020

Two Critical Android Bugs Open Door to RCE

Two Critical Android Bugs Open Door to RCE Google and Qualcomm both addressed significant vulnerabilities in their June updates.
02 June 2020