Cybersecurity News


Xfinity, McAfee Brands Abused by Parked Domains in Active Campaigns

Xfinity, McAfee Brands Abused by Parked Domains in Active Campaigns Malicious redirection websites are using typosquatting and impersonation to attack unwary visitors.
29 October 2020

FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals

On Monday, Oct. 27, KrebsOnSecurity began following up on a tip from a reliable source that an aggressive Russian cybercriminal gang known for deploying ransomware was preparing to disrupt information technology systems at hundreds of hospitals, clinics and medical care facilities across the United States. Today, officials from the FBI and the U.S. Department of Homeland Security hastily assembled a conference call with healthcare industry executives warning about an "imminent cybercrime threat to U.S. hospitals and healthcare providers."
28 October 2020

Breaking the Glass Ceiling: Tough for Women, Tougher for Women of Color

Security practitioners shed light on obstacles limiting career growth and the steps businesses can take to achieve their promises of a more diverse workforce.
28 October 2020

More Hospitals Hit by Growing Wave of Ransomware Attacks

More Hospitals Hit by Growing Wave of Ransomware Attacks Hospitals in New York and Oregon were targeted on Tuesday by threat actors who crippled systems and forced ambulances with sick patients to be rerouted, in some cases.
28 October 2020

US Government Issues Warning on Kimsuky APT Group

The joint alert, from CISA, the FBI, and others, describes activities from the North Korean advanced persistent threat group.
28 October 2020

Microsoft’s SMBGhost Flaw Still Haunts 108K Windows Systems

Microsoft’s SMBGhost Flaw Still Haunts 108K Windows Systems While Microsoft patched the bug known as CVE-2020-0796 back in March, more than one 100,000 Windows systems are still vulnerable.
28 October 2020

‘Copyright Violation’ Notices Lead to Facebook 2FA Bypass

‘Copyright Violation’ Notices Lead to Facebook 2FA Bypass Fraudulent Facebook messages allege copyright infringement and threaten to take down pages, unless users enter logins, passwords and 2FA codes.
28 October 2020

6 Ways Passwords Fail Basic Security Tests

6 Ways Passwords Fail Basic Security Tests New data shows humans still struggle with password creation and management.
28 October 2020

Rethinking Security for the Next Normal -- Under Pressure

By making a commitment to a unified approach to security, then doing what's necessary to operationalize it, organizations can establish a better security model for the next normal.
28 October 2020

How the Pandemic is Reshaping the Bug-Bounty Landscape

How the Pandemic is Reshaping the Bug-Bounty Landscape Bugcrowd Founder Casey Ellis talks about COVID-19's impact on bug bounty hunters, bug bounty program adoption and more.
28 October 2020

Russian Espionage Group Updates Custom Malware Suite

Russian Espionage Group Updates Custom Malware Suite Turla has outfitted a trio of backdoors with new C2 tricks and increased interop, as seen in an attack on a European government.
28 October 2020

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware. In August, Gunnebo said it had successfully thwarted a ransomware attack, but this week it emerged that the intruders stole and published online tens of thousands of sensitive documents -- including schematics of client bank vaults and surveillance systems. The Gunnebo Group is a Swedish multinational company that provides physical security to a variety of clients globally, including banks, government agencies, airports, casinos, jewelry stores, tax agencies and even nuclear power plants. The company has operations in 25 countries, more than 4,000 employees, and billions in revenue annually.
28 October 2020

Trump Campaign Website Defaced by Unknown Attackers

Individuals behind the brief Tuesday night incident posted anti-Trump sentiments and appeared to solicit cryptocurrency.
28 October 2020

Tracking Down the Web Trackers

Tracking Down the Web Trackers Third-party Web trackers might be following your website visitors' every step. How can new tools like Blacklight help you stop them in their tracks?
28 October 2020

How to Increase Voter Turnout & Reduce Fraud

Digital identity verification has advanced, both technologically and legislatively. Is it the answer to simpler, safer voting?
28 October 2020

Iran-linked APT Targets T20 Summit, Munich Security Conference Attendees

Iran-linked APT Targets T20 Summit, Munich Security Conference Attendees The Phosphorous APT has launched successful attacks against world leaders who are attending the Munich Security Conference and the Think 20 (T20) Summit in Saudi Arabia, Microsoft warns.
28 October 2020

Physical Security Has a Lot of Catching Up to Do

The transformation we need: merging the network operations center with the physical security operations center.
28 October 2020

Election Security: How Mobile Devices Are Shaping the Way We Work, Play and Vote

Election Security: How Mobile Devices Are Shaping the Way We Work, Play and Vote With the election just a week away, cybercriminals are ramping up mobile attacks on citizens under the guise of campaign communications.
28 October 2020

ESET Threat Report Q3 2020

A view of the Q3 2020 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts

The post ESET Threat Report Q3 2020 appeared first on WeLiveSecurity

28 October 2020

North Korea-Backed Spy Group Poses as Reporters in Spearphishing Attacks, Feds Warn

North Korea-Backed Spy Group Poses as Reporters in Spearphishing Attacks, Feds Warn The Kimsuky/Hidden Cobra APT is going after the commercial sector, according to CISA.
28 October 2020