Cybersecurity News


Some email clients are vulnerable to attacks via 'mailto' links

GNOME Evolution, KDE KMail, IBM/HCL Notes, and older versions of Thunderbird found to be vulnerable.
18 August 2020

Ransomware Attack on Carnival May Have Been Its Second Compromise This Year

Ransomware Attack on Carnival May Have Been Its Second Compromise This Year Security vendor Prevailion says it observed signs of malicious activity on the cruise operator's network between at least February and June.
18 August 2020

Canadian Government Issues Statement on Credential-Stuffing Attacks

The government is responding to threats targeting the GCKey service and CRA accounts, which are used to access federal services.
18 August 2020

New Campaign Combines Extortion, DDoS

Latest attacks bank on the reputation of two prominent APT groups to increase the threat credibility.
18 August 2020

Researchers Warn of Active Malware Campaign Using HTML Smuggling

Researchers Warn of Active Malware Campaign Using HTML Smuggling A recently uncovered, active campaign called "Duri" makes use of HTML smuggling to deliver malware.
18 August 2020

Four Ways to Mitigate Supply Chain Security Risks From Ripple20

Enterprises can significantly alleviate current and long-standing third-party risk by using tactical and strategic efforts to assess and manage them.
18 August 2020

New 'Duri' Campaign Uses HTML Smuggling to Deliver Malware

Researchers who detected the attack explain what businesses should know about the HTML smuggling technique.
18 August 2020

Large Orgs Plagued with Bugs, Face Giant Patch Backlogs

Large Orgs Plagued with Bugs, Face Giant Patch Backlogs Vulnerability management continues to challenge businesses, as they face tens of thousands of bugs with every scan.
18 August 2020

Ritz London clients scammed after apparent data breach

Armed with personal data stolen from the hotel's dining reservation system, fraudsters trick guests into handing over their credit card details

The post Ritz London clients scammed after apparent data breach appeared first on WeLiveSecurity

18 August 2020

How to Stay Secure on GitHub

How to Stay Secure on GitHub GitHub, used badly, can be a source of more vulnerabilities than successful collaborations. Here are ways to keep your development team from getting burned on GitHub.
18 August 2020

AWS Cryptojacking Worm Spreads Through the Cloud

AWS Cryptojacking Worm Spreads Through the Cloud The malware harvests AWS credentials and installs Monero cryptominers.
18 August 2020

Why Quality & Security Both Matter in Software

It's time to position quality and security as equals under the metric of software integrity.
18 August 2020

Make a Difference: Serve on the 2021-2022 PCI SSC Board of Advisors


Every two years, PCI Security Standards Council asks its Participating Organizations to elect its next Board of Advisors. In this election by peers, companies have an opportunity to nominate candidates that they believe will best represent the interests of their organization, industry sector or region. As we enter the fall of 2020, it is election season once again and we begin the process of determining who will serve on the 2021-2022 PCI SSC Board of Advisors.

18 August 2020

Ukraine arrests gang who ran 20 crypto-exchanges and laundered money for ransomware gangs

Gang is believed to have laundered more than $42 million in criminal proceeds.
18 August 2020

IcedID Trojan Rebooted with New Evasive Tactics

IcedID Trojan Rebooted with New Evasive Tactics Juniper identifies phishing campaign targeting business customers with malware using password protection, among other techniques, to avoid detection.
18 August 2020

US Army report says many North Korean hackers operate from abroad

US Army says many North Korean hackers are actually located outside the hermit kingdom, in countries like Belarus, China, India, Malaysia, and Russia.
18 August 2020

World's largest cruise line operator discloses ransomware attack

Carnival Corp says it suffered a ransomware attack on Saturday, August 15, and that hackers stole some of its data.
17 August 2020

Firms Still Struggle to Prioritize Security Vulnerabilities

Security debt continues to pile up, with 42% of organizations attributing remediation backlogs to a breach, a new study shows.
17 August 2020

Advent Completes Forescout Purchase

The purchase by a private equity fund was announced in February and completed today.
17 August 2020

Reported Breach Count for H1 2020 Lowest in Five Years

While reported breach numbers are down, a handful of "mega" breaches resulted in more data records being exposed than ever before, analysis shows.
17 August 2020