Cybersecurity News


Spear-Phishers Leverage Office 365 Ecosystem to Validate Stolen Creds in Real Time

New attack technique uses Office 365 APIs to cross-check credentials against Azure Active Directory as victim types them in.
11 September 2020

Fraud Prevention During the Pandemic

When the economy is disrupted, fraud goes up, so let's not ignore the lessons we can learn from previous downturns.
11 September 2020

Adult site users targeted with malicious ads redirecting to exploit kits, malware

Adult ad networks abused in last hurrah attacks before Flash and IE near EOL.
11 September 2020

IRS offers grants for software to trace privacy-focused cryptocurrency trades

Grants of up to $625,000 will be issued in exchange for cryptocurrency tracking technologies.
11 September 2020

ThreatConnect acquires enterprise risk management firm Nehemiah Security

ThreatConnect aims to create a full security lifestyle solutions portfolio suitable for enterprise players.
11 September 2020

Porn site users targeted with malicious ads redirecting to exploit kits, malware

Adult ad networks abused in last hurrah attacks before Flash and IE near EOL.
11 September 2020

Cyber-Risks Explode With Move to Telehealth Services

The hasty shift to online delivery of primary care services since the COVID-19 outbreak has attracted significant attacker interest.
10 September 2020

US Sanctions Russian Attackers for 2020 Election Interference

The move comes as Microsoft publishes research on attack groups and activity attempting to target the Biden and Trump campaigns.
10 September 2020

6 Lessons IT Security Can Learn From DevOps

6 Lessons IT Security Can Learn From DevOps DevOps has taken over enterprise software development. The discipline has lessons for IT security -- here are a quick half-dozen.
10 September 2020

Two Years on from GDPR: Has It Driven Growth in Cybersecurity Insurance?

Whilst GDPR has put the spotlight on data privacy and cyber issues, there are other more prominent trends that are driving a greater take-up of cyber insurance, says Ben Maidment, Class Underwriter - Cyber, Physical & Technology at Brit Insurance.
10 September 2020

ThreatConnect Buys Nehemiah Security

Threat intelligence firm adds Nehemiah's Risk Quantifier to its platform.
10 September 2020

Microsoft Warns of Cyberattacks on Trump, Biden Election Campaigns

Microsoft Warns of Cyberattacks on Trump, Biden Election Campaigns Just months before the U.S. presidential election, hackers from Russia, China and Iran are ramping up phishing and malware attacks against campaign staffers.
10 September 2020

Razer Gaming Fans Caught Up in Data Leak

Razer Gaming Fans Caught Up in Data Leak A cloud misconfiguration at the gaming-gear merchant potentially exposed 100,000 customers to phishing and fraud.
10 September 2020

Zoom Brings Two-Factor Authentication to All Users

This marks the latest step Zoom has taken to improve user security as more employees work from home.
10 September 2020

Microsoft confirms Chinese, Iranian, and Russian cyber-attacks on Biden and Trump campaigns

Microsoft said the "majority of these attacks" were detected and blocked.
10 September 2020

Think You're Spending Enough on Security?

Think You're Spending Enough on Security? While the amount will vary from organization to organization, here are four ways for everyone to evaluate whether they're allocating the right amount of money and resources.
10 September 2020

Portland passes the strictest facial recognition technology ban in the US yet 

Oregon’s largest city aims to be a trailblazer when it comes to facial recognition legislation .

The post Portland passes the strictest facial recognition technology ban in the US yet  appeared first on WeLiveSecurity

10 September 2020

Managed IT Providers: The Cyber-Threat Actors' Gateway to SMBs

Criminals have made MSPs a big target of their attacks. That should concern small and midsize businesses a great deal.
10 September 2020

Bluetooth Bug Opens Devices to Man-in-the-Middle Attacks

Bluetooth Bug Opens Devices to Man-in-the-Middle Attacks The "BLURtooth" flaw allows attackers within wireless range to bypass authentication keys and snoop on devices utilizing implementations of Bluetooth 4.0 through 5.0.
10 September 2020

NIST and PCI SSC Find Common Ground in Development of Software Frameworks


The National Institute of Standards and Technology (NIST) and the PCI Security Standards Council (PCI SSC) have recently announced complementary frameworks for secure software development. There are numerous mature, secure software lifecycle management methodologies and frameworks available that, when properly implemented and maintained, can produce secure software.

10 September 2020