Cybersecurity News


New CrossTalk attack impacts Intel's mobile, desktop, and server CPUs

Academics detail a new vulnerability named CrossTalk that can be used to leak data across Intel CPU cores.
09 June 2020

Alarm sounded over security risks in online voting system

Bad actors could tamper with ballots cast via OmniBallot without being detected by voters, election officials or the tool’s developer, a study finds

The post Alarm sounded over security risks in online voting system appeared first on WeLiveSecurity

09 June 2020

Will Vote-by-App Ever Be Safe?

Even with strong security measures, Internet voting is still vulnerable to abuse from state-sponsored actors and malicious insiders.
09 June 2020

Microsoft June 2020 Patch Tuesday fixes 129 vulnerabilities

This month's updates have started rolling out earlier today.
09 June 2020

Espionage Group Hits U.S. Utilities with Sophisticated Spy Tool

Espionage Group Hits U.S. Utilities with Sophisticated Spy Tool The FlowCloud modular remote-access trojan (RAT) has overlaps with the LookBack malware.
09 June 2020

Florence, Ala. Hit By Ransomware 12 Days After Being Alerted by KrebsOnSecurity

In late May, KrebsOnSecurity alerted numerous officials in Florence, Ala. that their information technology systems had been infiltrated by hackers who specialize in deploying ransomware. Nevertheless, on Friday, June 5, the intruders sprang their attack, deploying ransomware and demanding nearly $300,000 worth of bitcoin. City officials now say they plan to pay the ransom demand, in hopes of keeping the personal data of their citizens off of the Internet.
09 June 2020

Hack-for-Hire Firm Connected to Attacks on Nonprofits, Journalists

The Dark Basin group behind thousands of phishing and malware attacks is likely an India-based "ethical hacking" firm that works on behalf of commercial clients.
09 June 2020

Adobe Warns of Critical Flaws in Flash Player, Framemaker

Adobe Warns of Critical Flaws in Flash Player, Framemaker Critical Adobe Flash Player and Framemaker flaws could enable arbitrary code execution.
09 June 2020

Honda Pauses Production Due to Cyberattack

The attack reportedly infected internal servers and forced Honda to halt production at plants around the world on Monday.
09 June 2020

Dark Basin Hack-For-Hire Group Targeted Thousands Over 7 Years

Dark Basin Hack-For-Hire Group Targeted Thousands Over 7 Years Thousands of journalists, advocacy groups and politicians worldwide were targeted by Dark Basin.
09 June 2020

CSO's Guide to 'Employee-First' Security Operations During COVID-19 & Beyond

As the work-at-home environment continues to inform new ways of doing business, it's important that security teams remain flexible and ready for change.
09 June 2020

KingMiner botnet brute-forces MSSQL databases to install cryptocurrency miner

The KingMiner gang is brute-forcing the "sa" user, the highest-privileged account on a MSSQL database.
09 June 2020

Malicious Android apps deactivated fraud code to bypass Google's security scans

Trick didn't work. Google banned them anyway.
09 June 2020

DARPA Launches Bug Bounty Program

Unlike most crowdsourced vulnerability-hunting projects, this one is targeted at hardware defenses.
08 June 2020

Chinese and Iranian APT Groups Targeted US Presidential Campaigns

Google analysts report advanced persistent threat groups linked to China and Iran launched phishing attacks against the Biden and Trump campaigns.
08 June 2020

Singapore’s Contact Tracing Wearable Causes Privacy Backlash

Singapore’s Contact Tracing Wearable Causes Privacy Backlash Thousands have signed a petition that underscores data privacy issues with Singapore's newly announced contact-tracing wearable, in development.
08 June 2020

Canada's Fitness Depot Alerts Customers to Data Breach

The retailer reports cybercriminals infected its online store and used a fraudulent form to steal shoppers' information.
08 June 2020

CallStranger vulnerability lets attacks bypass security systems and scan LANs

The CallStranger vulnerability can also be used to launch major DDoS attacks.
08 June 2020

SMBGhost RCE Exploit Threatens Corporate Networks

SMBGhost RCE Exploit Threatens Corporate Networks The release of a PoC for the Windows flaw known as "SMBGhost" could set off cyberattack waves, CISA warned.
08 June 2020

Phishing Attack Hits German Coronavirus Task Force

Phishing Attack Hits German Coronavirus Task Force More than 100 executives at a multinational company that's part of a German task force for creating coronavirus protective gear, were targeted in an ongoing phishing attack.
08 June 2020