Cybersecurity News


PoC Exploits Published For Microsoft Crypto Bug

PoC Exploits Published For Microsoft Crypto Bug Two proof-of-concept exploits were publicly released for the major Microsoft crypto-spoofing vulnerability.
16 January 2020

Active Directory Needs an Update: Here's Why

AD is still the single point of authentication for most companies that use Windows. But it has some shortcomings that should be addressed.
16 January 2020

‘Fleeceware’ Apps Downloaded 600M Times from Google Play

‘Fleeceware’ Apps Downloaded 600M Times from Google Play New research shows apps that dupe users into being charged excessively with little reward persist on the Android app store.
16 January 2020

Cyberawareness in Australia: The good and the bad

An ESET-commissioned survey sheds light on the browsing habits of Australians and how they protect themselves online

The post Cyberawareness in Australia: The good and the bad appeared first on WeLiveSecurity

16 January 2020

Cyberawareness in Australia: The good and the bad

An ESET-commissioned survey sheds light on the browsing habits of Australians and how they protect themselves online

The post Cyberawareness in Australia: The good and the bad appeared first on WeLiveSecurity

16 January 2020

Israeli spyware firm fails to get hacking case dismissed

Israeli spyware firm fails to get hacking case dismissed

Judge orders NSO Group to fight case brought by Saudi activist and pay his legal costs

An Israeli judge has rejected an attempt by the spyware firm NSO Group to dismiss a case brought against it by a prominent Saudi activist who alleged that the company’s cyberweapons were used to hack his phone.

The decision could add pressure on the company, which faces multiple accusations that it sold surveillance technology, named Pegasus, to authoritarian regimes and other governments that have allegedly used it to target political activists and journalists.

Continue reading...
16 January 2020

Proof-of-concept exploits published for the Microsoft-NSA crypto bug

Two proof-of-concept exploits published for the CurveBall (CVE-2020-0601) vulnerability.
16 January 2020

I’m still on Windows 7 – what should I do?

I’m still on Windows 7 – what should I do?

Support for Windows 7 has ended, leaving Marcy wondering how they can protect themselves

I do a lot of work on a Windows 7 desktop PC that is about five years old. I’m a widow and can’t afford to run out and get a new PC at this time, or pay for Windows 10. If I do stay with Windows 7, what should I worry about, and how can I protect myself? I have been running Kaspersky Total Security for several years, which has worked well so far. Marcy

Microsoft Windows 7 – launched in 2009 – came to the end of its supported life on Tuesday. Despite Microsoft’s repeated warnings to Windows 7 users, there may still be a couple of hundred million users, many of them in businesses. What should people do next?

Continue reading...
16 January 2020

What is Malware

Malware is software--a computer program--used to perform malicious actions. In fact, the term malware is a combination of the words malicious and software. Cyber criminals install malware on your computers or devices to gain control over them or gain access to what they contain. Once installed, these attackers can use malware to spy on your online activities, steal your passwords and files, or use your system to attack others.
16 January 2020

Chinese man arrested after making $1.6 million from selling VPN services

Chinese authorities continue their crackdown against unauthorized VPN services with what appears to be their biggest catch so far.
15 January 2020

2017 Data Breach Will Cost Equifax at Least $1.38 Billion

Company agrees to set aside a minimum of $380.5 million as breach compensation and spend another $1 billion on transforming its information security over the next five years. The 147 million US consumers affected by the breach have one week from today to file a claim.
15 January 2020

Critical WordPress Bug Leaves 320,000 Sites Open to Attack

Critical WordPress Bug Leaves 320,000 Sites Open to Attack Authentication bypass bugs in WordPress plugins InfiniteWP Client and WP Time Capsule leave hundreds of thousands of sites open to attack.
15 January 2020

A Practical Guide to Zero-Trust Security

A Practical Guide to Zero-Trust Security There are five different pillars to implement when moving to a modern, zero-trust security model.
15 January 2020

Google Lets iPhone Users Turn Device into Security Key

The iPhone can now be used in lieu of a physical security key as a means of protecting Google accounts.
15 January 2020

Podcast: NSA Reports Major Crypto-Spoofing Bug to Microsoft

Podcast: NSA Reports Major Crypto-Spoofing Bug to Microsoft Threatpost talks to Venafi about the recently-disclosed Microsoft vulnerability and whether the hype around the flaw was warranted.
15 January 2020

Why Firewalls Aren't Going Anywhere

Written off multiple times as obsolete, firewalls continue to elude demise by adding features and ensuring that VPNs keep humming.
15 January 2020

U.N. Weathers Storm of Emotet-TrickBot Malware

U.N. Weathers Storm of Emotet-TrickBot Malware A concerted, targeted phishing campaign took aim at 600 different staffers and officials, using Norway as a lure.
15 January 2020

Equifax Settles Class-Action Breach Lawsuit for $380.5M

Equifax Settles Class-Action Breach Lawsuit for $380.5M Class members have until Jan. 22, next week, to claim benefits.
15 January 2020

How to Comprehend the Buzz About Honeypots

How to Comprehend the Buzz About Honeypots Honeypots are crucial tools for security researchers and security teams. Understanding what they are and what they can do can be critical for making them safe and useful for your organization.
15 January 2020

New Report Spotlights Changes in Phishing Techniques

Common and evolving strategies include the use of zero-font attacks, homograph attacks, and new tactics for fake attachments.
15 January 2020