---

Card Skimmer Hits Australian Bushfire Donation Site

Magecart groups using automated infection scans infected the site, which was running outdated Magento software.

---

Microsoft Patches Major Crypto Spoofing Bug

January Patch Tuesday tackles 50 bugs, with eight rated critical, all as it pushes out its last regular Windows 7 patches.

---

'Fancy Bear' Targets Ukrainian Oil Firm Burisma in Phishing Attack

The oil & gas company is at the heart of the ongoing US presidential impeachment case.

---

Google: Chrome Will Remove Third-Party Cookies and Tracking

It's "not about blocking" but removing them altogether, the company said.

---

Phishing Attack in Progress Against Ukrainian Oil Firm Burisma

The oil & gas company is at the heart of the ongoing US presidential impeachment process.

---

Attackers Increasingly Focus on Business Disruption

Network intruders are staying undetected for an average of 95 days, enabling them to target critical systems and more completely disrupt business.

---

Google to Nix Chrome Support for Third-Party Cookies by 2022

Google says it has a two-year timeline for phasing out support for third-party cookies in its Chrome web browser.

---

Microsoft rolls out Windows 10 security fix after NSA warning

US agency revealed flaw that could be exploited by hackers to create malicious software

Microsoft is rolling out a security fix to Windows 10 after the US National Security Agency (NSA) warned the popular operating system contained a highly dangerous flaw that could be used by hackers.

The NSA revealed during a press conference on Tuesday that the “serious vulnerability” could be used to create malicious software that appeared to be legitimate.

Continue reading...

---

Global Predictions for Energy Cyber Resilience in 2020

How prepared is the energy sector for an escalating attack surface in the operating technology environment? Here are five trends to watch.

---

Microsoft fixes Windows crypto bug reported by the NSA

Fixes were released today part of the Microsoft's January 2020 Patch Tuesday.

---

Public Bug Bounty Takes Aim at Kubernetes Container Project

The cloud-focused program will pay out $10,000 as its top reward.

---

Google to phase out user-agent strings in Chrome

Chrome will move to a new technology called Client Hints, part of the newer Privacy Sandbox project.

---

Millions of modems at risk of remote hijacking

Multiple cable modem models from various manufacturers found vulnerable to takeover attacks

The post Millions of modems at risk of remote hijacking appeared first on WeLiveSecurity

---

Millions of modems at risk of remote hijacking

Multiple cable modem models from various manufacturers found vulnerable to takeover attacks

The post Millions of modems at risk of remote hijacking appeared first on WeLiveSecurity

---

Adobe Patches Five Critical Illustrator CC Flaws

Overall Adobe patched nine flaws in Illustrator CC and Experience Manager.

---

Consumer Reports Calls for IoT Manufacturers to Raise Security Standards

A letter to 25 companies says Consumer Reports will change ratings to reflect stronger security and privacy standards.

---

Dustman Attack Underscores Iran's Cyber Capabilities

For nearly six months, an attack group linked to Iran reportedly had access to the network of Bahrain's national oil company, Bapco, before it executed a destructive payload.

---

Processor Vulnerabilities Put Virtual Workloads at Risk

Meltdown, Spectre exploits will likely lead to customers making tradeoffs between performance and security of applications, especially virtual and cloud-based apps

---

Processor Vulnerabilites Put Virtual Workloads at Risk

Meltdown, Spectre exploits will likely lead to customers making tradeoffs between performance and security of applications, especially virtual and cloud-based apps

---

Industrial Control System Features at Risk

How some ICS product functions can be weaponized by altering their configurations.