Cybersecurity News


WordPress and Apache Struts account for 55% of all weaponized vulnerabilities

Comprehensive study looks at the most attacked web technologies of the last decade.
17 March 2020

Remote Workforce Jumps 15% In Two Weeks

Netskope reports the total number of remote employees is the highest it has ever observed.
17 March 2020

APT36 Taps Coronavirus as ‘Golden Opportunity’ to Spread Crimson RAT

APT36 Taps Coronavirus as ‘Golden Opportunity’ to Spread Crimson RAT The Pakistani-linked APT has been spotted infecting victims with data exfiltration malware.
17 March 2020

InfoSec Pros Uncertain About Relationships With Partner Security Teams

InfoSec Pros Uncertain About Relationships With Partner Security Teams Only half of respondents to a recent Dark Reading study felt confident that their third-party business partners would, at least, tell them if a compromise occurred.
17 March 2020

Needed: A Cybersecurity Good Samaritan Law

Legislation should protect the good hackers who are helping to keep us safe, not just go after the bad.
17 March 2020

Financial companies leak 425GB in company, client data through open database

Half a million confidential legal and financial documents, at least, were exposed online.
17 March 2020

Many Ransomware Attacks Can be Stopped Before They Begin

The tendency by many attackers to wait for the right time to strike gives defenders an opening, FireEye says.
17 March 2020

Activities of a Nigerian Cybercriminal Uncovered

Activities of a Nigerian Cybercriminal Uncovered Rise and fall of a Nigerian cybercriminal called ‘Dton,’ who made hundreds of thousands of dollars in a 7-year campaign, outlined in new report.
17 March 2020

Most ransomware attacks take place during the night or over the weekend

FireEye: 27% of all ransomware attacks take place during the weekend, 49% after working hours during weekdays.
16 March 2020

Convincing Google Impersonation Opens Door to MiTM, Phishing

Convincing Google Impersonation Opens Door to MiTM, Phishing Using homographic characters is an easy way to execute a convincing fake site.
16 March 2020

Privacy in a Pandemic: What You Can (and Can't) Ask Employees

Businesses struggle to strike a balance between workplace health and employees' privacy rights in the midst of a global health emergency.
16 March 2020

Intel CPUs vulnerable to new 'Snoop' attack

Applying the the patches for the Foreshadow (L1TF) attack disclosed in 2018 also blocks Snoop attacks.
16 March 2020

Five Indicted on Romance and Lottery Fraud Charges

Fraudsters allegedly targeted elderly victims, ultimately wringing more than $4 million from their bank accounts.
16 March 2020

Important Training Schedule Update: Instructor-Led Trainings (ILT) Canceled


With the primary concern for the safety of everyone involved, and the current uncertainty of global travel restrictions, PCI SSC has decided to cancel all instructor-led training (ILT) courses through the end of May 2020. The courses that are impacted by this cancellation are:

16 March 2020

Microsoft Edge Shares Privacy-Busting Telemetry, Research Alleges

Microsoft Edge Shares Privacy-Busting Telemetry, Research Alleges An academic study found Microsoft's Edge browser to be the least private, due to it sending device identifiers and web browsing pages to back-end servers.
16 March 2020

Hellman & Friedman Acquires Checkmarx for $1.15B

The private equity firm will buy Checkmarx from Insight Partners, which will continue to own a minority interest.
16 March 2020

Hellman & Friedman Acquires Checkmarx for $1.5B

The private equity firm will buy Checkmarx from Insight Partners, which will continue to own a minority interest.
16 March 2020

Fewer Vulnerabilities in Web Frameworks, but Exploits Remain Steady

Attackers continue to focus on web and application frameworks, such as Apache Struts and WordPress, fighting against a decline in vulnerabilities, according to an analysis.
16 March 2020

4 Ways Thinking 'Childishly' Can Empower Security Professionals

Younger minds -- more agile and less worried by failure -- provide a useful model for cyber defenders to think more creatively.
16 March 2020

The Web’s Bot Containment Unit Needs Your Help

Anyone who's seen the 1984 hit movie Ghostbusters likely recalls the pivotal scene where a government bureaucrat orders the shutdown of the ghost containment unit, effectively unleashing a pent-up phantom menace on New York City. Now, something similar is in danger of happening in cyberspace: Shadowserver.org, an all-volunteer nonprofit organization that works to help Internet service providers (ISPs) identify and quarantine malware infections and botnets, has lost its longtime primary source of funding.
16 March 2020