Cybersecurity News


Intel Fixes High-Severity Flaws in NUC, Discontinues Buggy Compute Module

Intel Fixes High-Severity Flaws in NUC, Discontinues Buggy Compute Module Intel fixed nine high- and medium-severity flaws in its April security update, which could enable privilege escalation and denial of service attacks.
15 April 2020

PPE, COVID-19 Medical Supplies Targeted by BEC Scams

PPE, COVID-19 Medical Supplies Targeted by BEC Scams FBI said that government agencies aiming to buy critical items like ventilators have unknowingly transferred funds to threat actors.
15 April 2020

Cybersecurity Prep for the 2020s

The more things change, the more they stay the same. Much of the world is still behind on the basics.
15 April 2020

Rapid7 launches AttackerKB, a service for crowdsourcing vulnerability assessments

AttackerKB portal enters public beta.
15 April 2020

New tool detects AWS intrusions where hackers abuse self-replicating tokens

New SkyWrapper tool generates Excel spreadsheets so AWS account owners can easily spot compromised tokens.
15 April 2020

Nemty ransomware operation shuts down

Another ransomware operation bites the dust. Good riddance!
15 April 2020

Phishing kit prices skyrocketed in 2019 by 149%

The average price for a phishing kit in 2019 was $304, up from $122 recorded in 2018.
15 April 2020

Patch-a-Palooza: More Than 560 Flaws Fixed in a Single Day

Software vendors keep pushing patches to the same Tuesday once a month, or once a quarter, and the result can be overwhelming. Six enterprise software makers issued patches for 567 issues in April.
14 April 2020

Microsoft Patch Tuesday, April 2020 Edition

Microsoft today released updates to fix 113 security vulnerabilities in its various Windows operating systems and related software. Those include at least three flaws that are actively being exploited, as well as two others which were publicly detailed prior to today, potentially giving attackers a head start in figuring out how to exploit the bugs.
14 April 2020

Microsoft opens AccountGuard to healthcare providers on the COVID-19 front lines

Microsoft says the service will remain free for all healthcare organizations "until the COVID-19 pandemic subsides."
14 April 2020

Will Gentler HIPAA Rules on Telehealth Now Protect Us From Breach Litigation Later?

Will Gentler HIPAA Rules on Telehealth Now Protect Us From Breach Litigation Later? To enable medical care while encouraging social distancing during the COVID-19 pandemic, the Department of Health and Human Services temporarily loosened up on some of its HIPAA noncompliance enforcement on telehealth. But what happens if there's a PHI slip-up?
14 April 2020

Microsoft Patches 113 Bugs, 3 Under Active Attack

Microsoft has seen a 44% jump in the number of CVEs fixed between January and April 2020 compared with the same period in 2019.
14 April 2020

Insecure Home Office Networks Heighten Work-at-Home Risks

Nearly one in two organizations has one or more devices accessing its corporate network from a home network with at least one malware infection, BitSight says.
14 April 2020

April Patch Tuesday: Microsoft Battles 4 Bugs Under Active Exploit

April Patch Tuesday: Microsoft Battles 4 Bugs Under Active Exploit Microsoft issued 113 patches in a big update, unfortunately for IT staff already straining under WFH security concerns.
14 April 2020

TikTok Vulnerability Leaves Users Open to Fake News

A vulnerability in the way TikTok requests and receives video content could leave users streaming video from bogus servers.
14 April 2020

Microsoft April 2020 Patch Tuesday comes with fixes for four zero-days

Microsoft fixes another 113 bugs this month after patching a whopping 115 last month.
14 April 2020

Microsoft April 2020 Patch Tuesday comes with fixes for three zero-days

Microsoft fixes another 113 bugs this month after patching a whopping 115 last month.
14 April 2020

Adobe Fixes ‘Important’ Flaws in ColdFusion, After Effects and Digital Editions

Adobe Fixes ‘Important’ Flaws in ColdFusion, After Effects and Digital Editions While Adobe's regularly scheduled security updates were light this month, they fixed "important" severity vulnerabilities.
14 April 2020

Exclusive: Google removes 49 Chrome extensions caught stealing crypto-wallet keys

The Chrome extensions were mimicking cryptocurrency wallet apps like Ledger, MyEtherWallet, Trezor, Electrum, and others, but, in reality, they were stealing users' private keys and mnemonic phrases.
14 April 2020

How Company Cultures Dictated Work-from-Home Readiness

Companies large and small are discovering just how prepared they were for all employees to work remotely
14 April 2020