Cybersecurity News


Minneapolis Police Department Hack Likely Fake, Says Researcher

Minneapolis Police Department Hack Likely Fake, Says Researcher Troy Hunt said that the supposed data breach perpetrated by Anonymous is most likely a hoax.
01 June 2020

Bug in ‘Sign in with Apple’ could have allowed account hijacking

The tech giant rewards the bug bounty hunter who found the severe flaw in its login mechanism with US$100,000

The post Bug in ‘Sign in with Apple’ could have allowed account hijacking appeared first on WeLiveSecurity

01 June 2020

Hosting Provider’s Database of Crooked Customers Leaked

Hosting Provider’s Database of Crooked Customers Leaked Database of sensitive info, including emails and passwords, from owners of Daniel’s Hosting portals could be incriminating.
01 June 2020

How AI and Automation Can Help Bridge the Cybersecurity Talent Gap

Without the right tools and with not enough cybersecurity pros to fill the void, the talent gap will continue to widen.
01 June 2020

Researcher lands $100,000 reward for ‘Sign in with Apple’ authentication bypass bug

User accounts could be hijacked through missing validation processes on Apple servers.
01 June 2020

3 things to discuss with your kids before they join social media

What are some of the key things your children should know about before they make their first foray into social media?

The post 3 things to discuss with your kids before they join social media appeared first on WeLiveSecurity

01 June 2020

Joomla team discloses data breach

Joomla says a team member left an unencrypted backup of the JRD portal on a private AWS S3 bucket.
31 May 2020

Hacker leaks database of dark web hosting provider

Leaked data contains email addresses, site admin passwords, and .onion domain private keys.
31 May 2020

Career Choice Tip: Cybercrime is Mostly Boring

When law enforcement agencies tout their latest cybercriminal arrest, the defendant is often cast as a bravado outlaw engaged in sophisticated, lucrative, even exciting activity. But new research suggests that as cybercrime has become dominated by pay-for-service offerings, the vast majority of day-to-day activity needed to support these enterprises is in fact mind-numbingly boring and tedious, and that highlighting this reality may be a far more effective way combat cybercrime and steer offenders toward a better path.
29 May 2020

Bank of America Security Incident Affects PPP Applicants

The incident occurred when Paycheck Protection Program applications were uploaded to a test platform and accidentally shared.
29 May 2020

Steganography Anchors Pinpoint Attacks on Industrial Targets

Steganography Anchors Pinpoint Attacks on Industrial Targets Ongoing spear-phishing attacks aim at stolen Windows credentials for ICS suppliers worldwide.
29 May 2020

Abandoned Apps May Pose Security Risk to Mobile Devices

Mobile providers don't often update users when applications are not supported by developers, security firm says.
29 May 2020

Cisco Announces Patches to SaltStack

The patches came after Cisco was notified by the Salt Open Core team that the vulnerabilities and updates were available.
29 May 2020

NTT Communications Data Breach Affects Customers, Threatens Supply Chain

NTT Communications Data Breach Affects Customers, Threatens Supply Chain Attackers managed to compromise NTT Communication’s Active Directory server and a construction information management server.
29 May 2020

NSA Warns of Sandworm Backdoor Attacks on Mail Servers

NSA Warns of Sandworm Backdoor Attacks on Mail Servers The Russian spy group, a.k.a. BlackEnergy, is actively compromising Exim mail servers via a critical security vulnerability.
29 May 2020

Week in security with Tony Anscombe

New ESET research into Turla's malicious toolkit – GDPR turns two – Critical flaw in Android devices

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

29 May 2020

PCI DSS v4.0: Anticipated Timelines and Latest Updates

 

Industry feedback, together with the changes in payments, technology, and security, is driving our approach to PCI DSS v4.0. In discussions with industry stakeholders, we have received a number of questions about PCI DSS v4.0. Below we interview Lauren Holloway, Director, Data Security Standards, who answers some key questions about what is happening with PCI DSS v4.0.

29 May 2020

Digital Distancing with Microsegmentation

Physical distancing has blunted a virus's impact; the same idea can be applied to computers and networks to minimize breaches, attacks, and infections.
29 May 2020

All Links Are Safe ... Right?

Today is a perfect day for a security breach.
29 May 2020

Request for Comments: PIN v3.1 Standard Draft

 

From 29 May 2020 to 30 June 2020, PCI SSC stakeholders can participate in a Request for Comments (RFC) on PIN v3.1 Standard draft.

29 May 2020