Cybersecurity News


Twitter removes 130 Iranian accounts for trying to disrupt the US Presidential Debate

Twitter says it removed the accounts following a tip from the FBI.
30 September 2020

The No Good, Very Bad Week for Iran's Nation-State Hacking Ops

A look at the state of Iran's cyber operations as the US puts the squeeze on it with a pile of indictments and sanctions.
30 September 2020

GitHub Tool Spots Security Vulnerabilities in Code

Scanner, which just became generally available, lets developers spot problems before code gets into production.
30 September 2020

Cloud Misconfiguration Mishaps Businesses Must Watch

Cloud security experts explain which misconfigurations are most common and highlight other areas of the cloud likely to threaten businesses.
30 September 2020

OAuth Consent Phishing Ramps Up with Microsoft Office 365 Attacks

OAuth Consent Phishing Ramps Up with Microsoft Office 365 Attacks Attackers gain read-only permissions to snoop around Office 365 accounts, including emails, contacts and more.
30 September 2020

What Legal Language Should I Look Out for When Selecting Cyber Insurance?

What Legal Language Should I Look Out for When Selecting Cyber Insurance? At times, vague coverage can actually work for you.
30 September 2020

A Guide to the NIST Cybersecurity Framework

A Guide to the NIST Cybersecurity Framework With cybersecurity threats growing exponentially, it has never been more important to put together an efficient cyber-risk management policy, and NIST's framework can help.
30 September 2020

IDaaS: A New Era of Cloud Identity

As identity-as-a-service becomes the standard for enterprise identity management, upstarts and established competitors are competing to define the market's future. Participate in Omdia's IDaaS research.
30 September 2020

North Korea has tried to hack 11 officials of the UN Security Council

New UN Security Council report reveals repeated targeting of UN Security Council officials over the past year.
30 September 2020

North Korea has tried to hack 11 officials on the UN Security Council

New UN Security Council report reveals repeated targeting of UN Security Council officials over the past year.
30 September 2020

Android Spyware Variant Snoops on WhatsApp, Telegram Messages

Android Spyware Variant Snoops on WhatsApp, Telegram Messages The Android malware comes from threat group APT-C-23, also known as Two-Tailed Scorpion and Desert Scorpion.
30 September 2020

COVID-19 Creates Opening for OT Security Reform

Operations technology was once considered low risk, at least until the virus came along and re-arranged the threat landscape.
30 September 2020

Phishing Attack Targets Microsoft 365 Users With Netflix & Amazon Lures

Cyberattacker TA2552 primarily targets Spanish speakers with messages that leverage a narrow range of themes and popular brands.
30 September 2020

Facebook Small Business Grants Spark Identity-Theft Scam

Facebook Small Business Grants Spark Identity-Theft Scam The cybercrooks spread the COVID-19 relief scam via Telegram and WhatsApp, and ultimately harvest account credentials and even pics of IDs.
30 September 2020

Windows XP leak confirmed after user compiles the leaked code into a working OS

The Windows XP source code that leaked last week is incomplete, lacking some components, but is authentic.
30 September 2020

GitHub rolls out new Code Scanning security feature to all users

New Code Scanning feature will tell GitHub users when they've added known security flaws in their code
30 September 2020

Linkury adware caught distributing full-blown malware

Linkury (SafeFinder) installations linked to infections with the Socelars and Kpot infostealer trojans.
30 September 2020

Microsoft 365 services back online after hours‑long outage

Microsoft resolves a service disruption that affected Office 365, Outlook.com, Teams and other cloud-based services

The post Microsoft 365 services back online after hours‑long outage appeared first on WeLiveSecurity

30 September 2020

Microsoft Exchange Servers Still Open to Actively Exploited Flaw

Microsoft Exchange Servers Still Open to Actively Exploited Flaw Despite Microsoft issuing patches almost eight months ago, 61 percent of Exchange servers are still vulnerable.
30 September 2020

The Value of the PCI Secure Software Lifecycle Standard for Software Vendors


The PCI Secure Software Lifecycle (Secure SLC) Standard is part of the PCI Software Security Framework, which addresses security for software operating in payment environments. In this blog, we interview PCI Security Standards Council’s VP, Global Head of Programs, Gill Woodcock, about the Secure SLC Standard, what it is, and the value of adoption.

30 September 2020