Cybersecurity News


Ubiq Rolls Out Encryption-as-a-Service Platform Aimed at Developers

A few lines of code and two API calls is all that it takes for developers to add encryption to their applications, startup says.
21 October 2020

Bug Parade: NSA Warns on Cresting China-Backed Cyberattacks

Bug Parade: NSA Warns on Cresting China-Backed Cyberattacks The Feds have published a Top 25 exploits list, rife with big names like BlueKeep, Zerologon and other notorious security vulnerabilities.
21 October 2020

As Smartphones Become a Hot Target, Can Mobile EDR Help?

Lookout Security debuts a mobile endpoint detection and response offering that will integrate into its mobile security platform.
21 October 2020

Cisco Warns of Severe DoS Flaws in Network Security Software

Cisco Warns of Severe DoS Flaws in Network Security Software The majority of the bugs in Cisco’s Firepower Threat Defense (FTD) and Adaptive Security Appliance (ASA) software can enable denial of service (DoS) on affected devices.
21 October 2020

Dealing With Insider Threats in the Age of COVID

Dangerous gray areas like new BYOD policies and shadow IT devices have increased, thanks to the rapid shift to remote working.
21 October 2020

Oracle Kills 402 Bugs in Massive October Patch Update

Oracle Kills 402 Bugs in Massive October Patch Update Over half of Oracle's flaws in its quarterly patch update can be remotely exploitable without authentication; 65 are critical, and two have CVSS scores of 10 out of 10.
21 October 2020

How AI Will Supercharge Spear-Phishing

How AI Will Supercharge Spear-Phishing To keep pace with intelligent, unpredictable threats, cybersecurity will have to adopt an intelligent security of its own.
21 October 2020

IASME Consortium to Kick-start New IoT Assessment Scheme

The IASME Consortium has been awarded a DCMS grant, enabling the UK organization to kick-start an Internet of Things (IoT) assessment scheme. IASME is looking for manufacturers interested in getting their IoT device certified cyber secure for free via the new pilot scheme.
21 October 2020

WordPress deploys forced security update for dangerous bug in popular plugin

More than one million WordPress sites were running a vulnerable version of the Loginizer plugin.
21 October 2020

Beware of Account Testing Attack


PCI SSC's Troy Leach and NCFTA's Matt LaVigna share guidance and information on protecting against Account Testing Attacks.

21 October 2020

Are You One COVID-19 Test Away From a Cybersecurity Disaster?

One cybersecurity failure can result in a successful ransomware attack or data breach that could cause tremendous damage. There's no need to panic, but neither is there time to ignore the issue.
21 October 2020

Iranian Cyberattack Group Deploys New PowGoop Downloader Against Mideast Targets

Seedworm Group, aka MuddyWater, is also deploying commodity ransomware as part of espionage attacks on companies and government agencies in the Middle East region.
21 October 2020

Egregor Claims Responsibility for Barnes & Noble Attack, Leaks Data

Egregor Claims Responsibility for Barnes & Noble Attack, Leaks Data The ransomware gang claims to have bought network access to the bookseller's systems before encrypting the networks and stealing "financial and audit data."
21 October 2020

Google patches Chrome zero‑day under attack

In addition to patching the actively exploited bug, the update also brings fixes for another four security loopholes

The post Google patches Chrome zero‑day under attack appeared first on WeLiveSecurity

21 October 2020

Modern Day Insider Threat: Network Bugs That Are Stealing Your Data

Attacks involving an unmanaged device and no malware expose gaps in cybersecurity that must be addressed.
21 October 2020

Cybercriminals Step Up Their Game Ahead of U.S. Elections

Cybercriminals Step Up Their Game Ahead of U.S. Elections Ahead of the November U.S. elections, cybercriminals are stepping up their offensive in both attacks against security infrastructure and disinformation campaigns - but this time, social media giants, the government and citizens are more prepared.
21 October 2020

Google Patches Actively-Exploited Zero-Day Bug in Chrome Browser

Google Patches Actively-Exploited Zero-Day Bug in Chrome Browser The memory-corruption vulnerability exists in the browser’s FreeType font rendering library.
21 October 2020

Adobe releases another out-of-band patch, squashing critical bugs across creative software

10 products are impacted, including Photoshop, Illustrator, Dreamweaver, and InDesign.
21 October 2020

MobileIron enterprise MDM servers under attack from DDoS gangs, nation-states

Threat actors range from DDoS botnets to Chinese state-sponsored hacking groups.
21 October 2020

Ransomware Attacks Show Little Sign of Slowing in 2021

Attackers have little motivation to stop when businesses are paying increasingly larger ransoms, say security experts who foresee a rise in attacks.
20 October 2020