Cybersecurity News
Twitter hires new CISO in industry veteran Rinki Sethi
Sethi previously served in security roles at Rubrik, IBM, Palo Alto Networks, Intuit, and eBay.29 September 2020
Microsoft: Ransomware & Nation-State Attacks Rise, Get More Sophisticated
Malware-based attacks are out, phishing is in, along with credential stuffing and business email compromise. Microsoft recommends defensive tactics in its new report on rising threats.29 September 2020
Who’s Behind Monday’s 14-State 911 Outage?
Emergency 911 systems were down for more than an hour on Monday in towns and cities across 14 U.S. states. The outages led many news outlets to speculate the problem was related to Microsoft's Azure web services platform, which also was struggling with a widespread outage at the time. However, multiple sources tell KrebsOnSecurity the 911 issues stemmed from some kind of technical snafu involving Intrado and Lumen, two companies that together handle 911 calls for a broad swath of the United States.29 September 2020
DDoS Attacks Soar in First Half of 2020
Shorter, faster, multivector attacks had a greater impact on victims.29 September 2020
New Campaign by China-Linked Group Targets US Orgs for First Time
In a least one instance, the Palmerworm APT group was able to remain undetected on a compromised system for nearly six months, according to Symantec.29 September 2020
Securing Slack: 5 Tips for Safer Messaging, Collaboration
Remote workers and scattered teams are relying on Slack more and more for messaging and collaboration. Here are a few extra tips for keeping data and systems more secure when using Slack.
29 September 2020
Vulnerability in Wireless Router Chipsets Prompts Advisory
Synopsys issues an advisory for vulnerabilities affecting the chipsets of wireless routers from Qualcomm, Mediatek, and Realtek.29 September 2020
Zerologon Attacks Against Microsoft DCs Snowball in a Week
The attempted compromises, which could allow full control over Active Directory identity services, are flying thick and fast just a week after active exploits of CVE-2020-1472 were first flagged.
29 September 2020
Shifting Left of Left: Why Secure Code Isn't Always Quality Code
Enabling engineers to share responsibility for security and empowering them to erase common vulnerabilities are good starting points.
29 September 2020
The Network Perimeter: This Time, It’s Personal
Botnets and IoT devices are forming a perfect storm for IT staff wrestling with WFH employee security.
29 September 2020
What to Know Before Participating in a PCI SSC RFC
The PCI SSC Request for Comments (RFC) process is an avenue for PCI SSC stakeholders to provide feedback on existing and new PCI security standards and programs. This feedback plays a critical role in the ongoing maintenance and development of these resources for the payment card industry.
29 September 2020
FBI, CISA warn of disinformation campaigns about hacked voting systems
Threat actors may spread false claims about compromised voting systems in order to undermine confidence in the electoral process
The post FBI, CISA warn of disinformation campaigns about hacked voting systems appeared first on WeLiveSecurity
29 September 2020
Microsoft: Some ransomware attacks take less than 45 minutes
Microsoft goes over the recent malware trends in its new "Digital Defense Report."29 September 2020
Las Vegas Students’ Personal Data Leaked, Post-Ransomware Attack
A researcher said he discovered an open data cache with names, grades, birthdates and more, after the Clark County School District refused to pay the ransom.
29 September 2020
State-Sponsored Hacking Groups Increasingly Use Cloud & Open Source Infrastructure
Microsoft shuts down Azure Active Directory instances used by attackers to evade detection and warns that the use of open source tools by espionage groups is growing.29 September 2020
The Shared Irresponsibility Model in the Cloud Is Putting You at Risk
Step up, put the architecture and organization in place, and take responsibility. If you don't, who will?29 September 2020
Telehealth Poll: How Risky Are Remote Doctor Visits?
Threatpost's latest poll probes telehealth security risks and asks for IT cures.
29 September 2020
Nevada school district refuses to submit to ransomware blackmail, hacker publishes student data
Thousands of students have reportedly had their private data released online.29 September 2020
Former Amazon finance manager and family charged with $1.4m insider trading scheme
The charges relate to trading made before Amazon earnings announcements.29 September 2020
QNAP tells NAS users to update firmware to avoid new type of ransomware
AgeLocker ransomware has been seen infecting QNAP NAS systems since June.29 September 2020