Cybersecurity News


Hundreds of millions of cable modems are vulnerable to new Cable Haunt vulnerability

Cable modems using Broadcom chips are vulnerable to a new vulnerability named Cable Haunt, researchers say.
10 January 2020

6 Unique InfoSec Metrics CISOs Should Track in 2020

6 Unique InfoSec Metrics CISOs Should Track in 2020 You might not find these measurements on a standard cybersecurity department checklist. But they can help evaluate risks you haven't even considered yet.
10 January 2020

Cisco Webex Bug Allows Remote Code Execution

Cisco Webex Bug Allows Remote Code Execution Cisco patched two high-severity flaws this week, in its Webex and IOS XE Software products.
10 January 2020

Lifeline Assistance Phone Users Targeted with ‘Uninstallable’ Adware

Lifeline Assistance Phone Users Targeted with ‘Uninstallable’ Adware A Virgin Mobile-branded phone distributed by Assurance Wireless to low-income U.S. citizens has a trojan pre-installed that can download additional malware.
10 January 2020

Indian National Pleads Guilty to Multimillion-Dollar Call Center Scam

The India-based call centers scammed US victims out of millions of dollars between 2013 and 2016.
10 January 2020

Week in security with Tony Anscombe

Some takeaways from CES 2020 – Firefox update plugs a zero-day – Facebook cracks down on deepfakes

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

10 January 2020

Week in security with Tony Anscombe

Some takeaways from CES 2020 – Firefox update plugs a zero-day – Facebook cracks down on deepfakes

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

10 January 2020

5 Tips on How to Build a Strong Security Metrics Framework

The carpentry maxim "measure twice, cut once" underscores the importance of timely, accurate, and regular metrics to inform security leaders' risk decisions.
10 January 2020

Study Points to Lax Focus on Cybersecurity

Despite ranking at the top of respondents' concerns, organizations still show gaps in acting on cybersecurity, Society for Information Management (SIM) report finds.
10 January 2020

Connected cars: How to improve their connection to cybersecurity

As software becomes more important than ever, how can engaging the security industry make the road ahead less winding?

The post Connected cars: How to improve their connection to cybersecurity appeared first on WeLiveSecurity

10 January 2020

Connected cars: How to improve their connection to cybersecurity

As software becomes more important than ever, how can engaging the security industry make the road ahead less winding?

The post Connected cars: How to improve their connection to cybersecurity appeared first on WeLiveSecurity

10 January 2020

TrickBot hackers create new stealthy backdoor for high-value targets

PowerTrick is reserved for the most lucrative targets on the gang’s hit list.
10 January 2020

Oil-and-Gas APT Pivots to U.S. Power Plants

Oil-and-Gas APT Pivots to U.S. Power Plants Researchers say that physically disruptive attacks aren't imminent, but an increased focus on U.S. electrical-grid operators doesn't bode well.
10 January 2020

Man jailed for using data breach info leaks to claim over $12 million in IRS tax refunds

Information leaked due to data breaches was used to file fraudulent tax returns.
10 January 2020

Cybersecurity acquisitions run rampant this week: Who has bought what?

As a new year unfolds, so do portfolio changes and acquisition deals in the cybersecurity sector.
10 January 2020

Skype audio graded by workers in China with 'no security measures'

Skype audio graded by workers in China with 'no security measures'

Exclusive: former Microsoft contractor says he was emailed login after minimal vetting

A Microsoft programme to transcribe and vet audio from Skype and Cortana, its voice assistant, ran for years with “no security measures”, according to a former contractor who says he reviewed thousands of potentially sensitive recordings on his personal laptop from his home in Beijing over the two years he worked for the company.

The recordings, both deliberate and accidentally invoked activations of the voice assistant, as well as some Skype phone calls, were simply accessed by Microsoft workers through a web app running in Google’s Chrome browser, on their personal laptops, over the Chinese internet, according to the contractor.

Continue reading...
10 January 2020

Google details its three-year fight against the Bread (Joker) malware operation

Google says it removed more than 1,700 Android apps infected with Bread (Joker) malware since 2017.
10 January 2020

Reporting an Incident

Bad guys are very persistent, eventually anyone can make a mistake. If a phone call from the "Help Desk" doesn't sound quite right, if an email seems suspicious or if a program you installed starts acting funny, ask for help! In addition, perhaps you lost a work laptop or a USB drive. The sooner you report an incident, the sooner we can help resolve the problem.
10 January 2020

Attackers Increase Focus on North American Electric Utilities: Report

Electric utilities continue to be a target of nation-state attackers, even before the latest tensions between Iran and the United States, says a critical-infrastructure security firm.
09 January 2020

Chinese Malware Found Preinstalled on US Government-Funded Phones

Researchers found unremovable malware preinstalled in the Unimax U686CL, a budget Android device sold by Assurance Wireless.
09 January 2020