Cybersecurity News


Three Ways Your BEC Defense Is Failing & How to Do Better

Three Ways Your BEC Defense Is Failing & How to Do Better Business email compromises cost the economy billions of dollars. Experts have advice on how to stop them from hitting you for millions at a pop.
23 March 2020

538 Million Weibo Users' Info for Sale on Dark Web

The user data, which does not include passwords, purportedly comes from a mid-2019 breach.
23 March 2020

Apache Tomcat Exploit Poised to Pounce, Stealing Files

Apache Tomcat Exploit Poised to Pounce, Stealing Files Researchers said that a working exploit for CVE-2020-1938 leaked on GitHub makes is a snap to compromise webservers.
23 March 2020

Apache Tomcat Exploit Poised to Pounce, Stealing Files

Apache Tomcat Exploit Poised to Pounce, Stealing Files Researchers said that a working exploit for CVE-2020-1938 leaked on GitHub makes is a snap to compromise webservers.
23 March 2020

Hackers Actively Exploit 0-Day in CCTV Camera Hardware

Hackers Actively Exploit 0-Day in CCTV Camera Hardware Criminals behind botnets Chalubo, FBot and Moobot attack unpatched vulnerabilities in the commercial DVRs made by LILIN.
23 March 2020

Hackers Actively Exploit 0-Day in CCTV Camera Hardware

Hackers Actively Exploit 0-Day in CCTV Camera Hardware Criminals behind botnets Chalubo, FBot and Moobot attack unpatched vulnerabilities in the commercial DVRs made by LILIN.
23 March 2020

Who’s Behind the ‘Web Listings’ Mail Scam?

In December 2018, KrebsOnSecurity looked at how dozens of U.S. political campaigns, cities and towns had paid a shady company called Web Listings Inc. after receiving what looked like a bill for search engine optimization (SEO) services rendered on behalf of their domain names. The story concluded that this dubious service had been scamming people and companies for more than a decade, and promised a Part II to explore who was behind Web Listings. What follows are some clues that point to a very convincing answer to that question.
23 March 2020

Microsoft Warns of Critical Windows Zero-Day Flaws

Microsoft Warns of Critical Windows Zero-Day Flaws The unpatched Windows zero day flaws are being exploited in "limited, targeted" attacks, according to Microsoft.
23 March 2020

Microsoft Warns of Critical Windows Zero-Day Flaws

Microsoft Warns of Critical Windows Zero-Day Flaws The unpatched Windows zero day flaws are being exploited in "limited, targeted" attacks, according to Microsoft.
23 March 2020

Microsoft warns of Windows zero-day exploited in the wild

BREAKING: Hackers are exploiting a zero-day in the Adobe Type Manager Library (atmfd.dll) that ships with the Windows OS.
23 March 2020

FBI Warns of Fake CDC Emails in COVID-19 Phishing Alert

Fraudsters exploit concerns by claiming to offer virus-related information or promising stimulus checks.
23 March 2020

FireEye warns about the proliferation of ready-made ICS hacking tools

The growing number of hacking tools targeting industrial equipment is slowly becoming a problem.
23 March 2020

Protecting Payments While Working Remotely


PCI SSC is dedicated to providing necessary guidance to the payments industry during evolving circumstances related to COVID-19. The current climate is forcing more global organizations to a remote-work model. As organization make this shift, it is important to maintain security practices to protect payment card data. The following are excerpts related to remote work best practices taken from the PCI SSC Information Supplement “Protecting Telephone-Based Payment Card Data”.

23 March 2020

Fake Coronavirus ‘Vaccine’ Website Busted in DoJ Takedown

Fake Coronavirus ‘Vaccine’ Website Busted in DoJ Takedown Authorities have cracked down on a website that claimed to give out coronavirus vaccine kits - but that was actually stealing victims' payment card data and personal information.
23 March 2020

Fake Coronavirus ‘Vaccine’ Website Busted in DoJ Takedown

Fake Coronavirus ‘Vaccine’ Website Busted in DoJ Takedown Authorities have cracked down on a website that claimed to give out coronavirus vaccine kits - but that was actually stealing victims' payment card data and personal information.
23 March 2020

8 Infosec Page-Turners for Days Spent Indoors

8 Infosec Page-Turners for Days Spent Indoors Stuck inside and looking for a new read? Check out these titles written be security practitioners and reporters across the industry.
23 March 2020

The good, the bad and the plain ugly

A prolific ransomware gang vows to dial back its campaigns and spare healthcare organizations altogether during the COVID-19 crisis. It’s no cause for celebration.

The post The good, the bad and the plain ugly appeared first on WeLiveSecurity

23 March 2020

From Zero to Hero: CISO Edition

It's time for organizations to realize that an empowered CISO can effectively manage enterprise risk and even grow the business along the way.
23 March 2020

Europol eradicates criminal gangs flogging fake coronavirus medicine, surgical masks

€13 million in potentially dangerous drugs, touted as coronavirus cures or immune system boosters, have been seized so far.
23 March 2020

Hacker selling data of 538 million Weibo users

Data for 538 million Weibo users, including 172 million phone numbers, has been put up for sale on the dark web.
22 March 2020