Cybersecurity News


Twitter hires new CISO in industry veteran Rinki Sethi

Sethi previously served in security roles at Rubrik, IBM, Palo Alto Networks, Intuit, and eBay.
29 September 2020

Microsoft: Ransomware & Nation-State Attacks Rise, Get More Sophisticated

Malware-based attacks are out, phishing is in, along with credential stuffing and business email compromise. Microsoft recommends defensive tactics in its new report on rising threats.
29 September 2020

Who’s Behind Monday’s 14-State 911 Outage?

Emergency 911 systems were down for more than an hour on Monday in towns and cities across 14 U.S. states. The outages led many news outlets to speculate the problem was related to Microsoft's Azure web services platform, which also was struggling with a widespread outage at the time. However, multiple sources tell KrebsOnSecurity the 911 issues stemmed from some kind of technical snafu involving Intrado and Lumen, two companies that together handle 911 calls for a broad swath of the United States.
29 September 2020

DDoS Attacks Soar in First Half of 2020

Shorter, faster, multivector attacks had a greater impact on victims.
29 September 2020

New Campaign by China-Linked Group Targets US Orgs for First Time

In a least one instance, the Palmerworm APT group was able to remain undetected on a compromised system for nearly six months, according to Symantec.
29 September 2020

Securing Slack: 5 Tips for Safer Messaging, Collaboration

Securing Slack: 5 Tips for Safer Messaging, Collaboration Remote workers and scattered teams are relying on Slack more and more for messaging and collaboration. Here are a few extra tips for keeping data and systems more secure when using Slack.
29 September 2020

Vulnerability in Wireless Router Chipsets Prompts Advisory

Synopsys issues an advisory for vulnerabilities affecting the chipsets of wireless routers from Qualcomm, Mediatek, and Realtek.
29 September 2020

Zerologon Attacks Against Microsoft DCs Snowball in a Week

Zerologon Attacks Against Microsoft DCs Snowball in a Week The attempted compromises, which could allow full control over Active Directory identity services, are flying thick and fast just a week after active exploits of CVE-2020-1472 were first flagged.
29 September 2020

Shifting Left of Left: Why Secure Code Isn't Always Quality Code

Shifting Left of Left: Why Secure Code Isn't Always Quality Code Enabling engineers to share responsibility for security and empowering them to erase common vulnerabilities are good starting points.
29 September 2020

The Network Perimeter: This Time, It’s Personal

The Network Perimeter: This Time, It’s Personal Botnets and IoT devices are forming a perfect storm for IT staff wrestling with WFH employee security.
29 September 2020

What to Know Before Participating in a PCI SSC RFC

 

The PCI SSC Request for Comments (RFC) process is an avenue for PCI SSC stakeholders to provide feedback on existing and new PCI security standards and programs. This feedback plays a critical role in the ongoing maintenance and development of these resources for the payment card industry.

29 September 2020

FBI, CISA warn of disinformation campaigns about hacked voting systems

Threat actors may spread false claims about compromised voting systems in order to undermine confidence in the electoral process

The post FBI, CISA warn of disinformation campaigns about hacked voting systems appeared first on WeLiveSecurity

29 September 2020

Microsoft: Some ransomware attacks take less than 45 minutes

Microsoft goes over the recent malware trends in its new "Digital Defense Report."
29 September 2020

Las Vegas Students’ Personal Data Leaked, Post-Ransomware Attack

Las Vegas Students’ Personal Data Leaked, Post-Ransomware Attack A researcher said he discovered an open data cache with names, grades, birthdates and more, after the Clark County School District refused to pay the ransom.
29 September 2020

State-Sponsored Hacking Groups Increasingly Use Cloud & Open Source Infrastructure

Microsoft shuts down Azure Active Directory instances used by attackers to evade detection and warns that the use of open source tools by espionage groups is growing.
29 September 2020

The Shared Irresponsibility Model in the Cloud Is Putting You at Risk

Step up, put the architecture and organization in place, and take responsibility. If you don't, who will?
29 September 2020

Telehealth Poll: How Risky Are Remote Doctor Visits?

Telehealth Poll: How Risky Are Remote Doctor Visits? Threatpost's latest poll probes telehealth security risks and asks for IT cures.
29 September 2020

Nevada school district refuses to submit to ransomware blackmail, hacker publishes student data

Thousands of students have reportedly had their private data released online.
29 September 2020

Former Amazon finance manager and family charged with $1.4m insider trading scheme

The charges relate to trading made before Amazon earnings announcements.
29 September 2020

QNAP tells NAS users to update firmware to avoid new type of ransomware

AgeLocker ransomware has been seen infecting QNAP NAS systems since June.
29 September 2020