Cybersecurity News


Hacking the PLC via Its Engineering Software

Researcher will demonstrate at DEF CON an emerging threat to industrial control networks.
07 August 2020

Attackers Horn in on MFA Bypass Options for Account Takeovers

Attackers Horn in on MFA Bypass Options for Account Takeovers Legacy applications don't support modern authentication -- and cybercriminals know this.
07 August 2020

400+ Qualcomm Chip Vulnerabilities Threaten Millions of Android Phones

Security researchers found hundreds of pieces of vulnerable code in the Qualcomm Snapdragon chips powering Android phones.
07 August 2020

Have I Been Pwned Set to Go Open-Source

Have I Been Pwned Set to Go Open-Source Fully opening the door to allow people to contribute to – and notably, tinker with – the code for the data-breach information service will be an entirely next-level effort, according to founder Troy Hunt.
07 August 2020

Hackers are defacing Reddit with pro-Trump messages

BREAKING: Massive hack hits Reddit.
07 August 2020

Researcher Finds New Office Macro Attacks for MacOS

Building successful macro attacks means getting past several layers of security, but a Black Hat speaker found a way through.
07 August 2020

BEC Campaigns Target Financial Execs via Office 365

A series of business email compromise campaigns has been targeting executives of more than 1,000 companies, most recently in the US and Canada.
07 August 2020

Bulgarian police arrest hacker Instakilla

Hacker accused of hacking and extorting companies, selling stolen data online.
07 August 2020

Facebook open-sources one of Instagram's security tools

In the first half of 2020, Pysa detected 44% of all security bugs in Instagram's server-side Python code.
07 August 2020

Week in security with Tony Anscombe

ESET highlights new research at Black Hat 2020 – What to if your data was stolen in the Blackbaud breach

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

07 August 2020

IoT Security During COVID-19: What We've Learned & Where We're Going

Vigilance and ongoing training combined with an integrated security framework are key aspects of a successful strategy in the fight against the latest crop of pandemic opportunists.
07 August 2020

Hackers Dump 20GB of Intel’s Confidential Data Online

Hackers Dump 20GB of Intel’s Confidential Data Online Chipmaker investigates a leak of intellectual property from its partner and customer resource center.
07 August 2020

Augmenting AWS Security Controls

Augmenting AWS Security Controls Appropriate use of native security controls in AWS and other CSPs is fundamental to managing cloud risk and avoiding costly breaches.
07 August 2020

Stadeo: Deobfuscating Stantinko and more

We introduce Stadeo – a set of scripts that can help fellow threat researchers and reverse engineers to deobfuscate the code of Stantinko and other malware

The post Stadeo: Deobfuscating Stantinko and more appeared first on WeLiveSecurity

07 August 2020

Canon suffers ransomware attack, Maze claims responsibility

Reports based on an internal memo suggest an external security firm has been hired to investigate.
07 August 2020

Magecart group uses homoglyph attacks to fool you into visiting malicious websites

A new campaign is utilizing the Inter kit and favicons to hide skimming activities.
07 August 2020

Small and medium‑sized businesses: Big targets for ransomware attacks

Why are SMBs a target for ransomware-wielding gangs and what can they do to protect themselves against cyber-extortion?

The post Small and medium‑sized businesses: Big targets for ransomware attacks appeared first on WeLiveSecurity

07 August 2020

Black Hat 2020: Influence Campaigns Are a Cybersecurity Problem

Black Hat 2020: Influence Campaigns Are a Cybersecurity Problem An inside look at how nation-states use social media to influence, confuse and divide -- and why cybersecurity researchers should be involved.
06 August 2020

Getting to the Root: How Researchers Identify Zero-Days in the Wild

Google Project Zero researcher Maddie Stone explains the importance of identifying flaws exploited in the wild and techniques used to do it.
06 August 2020

Researchers Create New Framework to Evaluate User Security Awareness

Approaches based on questionnaires and self-evaluation are not always a good indicator of how well a user can mitigate social engineering threats.
06 August 2020