Cybersecurity News


WordPress deploys forced security update for dangerous bug in popular plugin

More than one million WordPress sites were running a vulnerable version of the Loginizer plugin.
21 October 2020

Beware of Account Testing Attack


PCI SSC's Troy Leach and NCFTA's Matt LaVigna share guidance and information on protecting against Account Testing Attacks.

21 October 2020

Are You One COVID-19 Test Away From a Cybersecurity Disaster?

One cybersecurity failure can result in a successful ransomware attack or data breach that could cause tremendous damage. There's no need to panic, but neither is there time to ignore the issue.
21 October 2020

Iranian Cyberattack Group Deploys New PowGoop Downloader Against Mideast Targets

Seedworm Group, aka MuddyWater, is also deploying commodity ransomware as part of espionage attacks on companies and government agencies in the Middle East region.
21 October 2020

Egregor Claims Responsibility for Barnes & Noble Attack, Leaks Data

Egregor Claims Responsibility for Barnes & Noble Attack, Leaks Data The ransomware gang claims to have bought network access to the bookseller's systems before encrypting the networks and stealing "financial and audit data."
21 October 2020

Google patches Chrome zero‑day under attack

In addition to patching the actively exploited bug, the update also brings fixes for another four security loopholes

The post Google patches Chrome zero‑day under attack appeared first on WeLiveSecurity

21 October 2020

Modern Day Insider Threat: Network Bugs That Are Stealing Your Data

Attacks involving an unmanaged device and no malware expose gaps in cybersecurity that must be addressed.
21 October 2020

Cybercriminals Step Up Their Game Ahead of U.S. Elections

Cybercriminals Step Up Their Game Ahead of U.S. Elections Ahead of the November U.S. elections, cybercriminals are stepping up their offensive in both attacks against security infrastructure and disinformation campaigns - but this time, social media giants, the government and citizens are more prepared.
21 October 2020

Google Patches Actively-Exploited Zero-Day Bug in Chrome Browser

Google Patches Actively-Exploited Zero-Day Bug in Chrome Browser The memory-corruption vulnerability exists in the browser’s FreeType font rendering library.
21 October 2020

Adobe releases another out-of-band patch, squashing critical bugs across creative software

10 products are impacted, including Photoshop, Illustrator, Dreamweaver, and InDesign.
21 October 2020

MobileIron enterprise MDM servers under attack from DDoS gangs, nation-states

Threat actors range from DDoS botnets to Chinese state-sponsored hacking groups.
21 October 2020

Ransomware Attacks Show Little Sign of Slowing in 2021

Attackers have little motivation to stop when businesses are paying increasingly larger ransoms, say security experts who foresee a rise in attacks.
20 October 2020

Ransomware Group Makes Splashy $20K Donation to Charities

Ransomware Group Makes Splashy $20K Donation to Charities Cybercriminal gang Darkside sent $20K in donations to charities in a ‘Robin Hood’ effort that’s likely intended to draw attention to future data dumps, according to experts.
20 October 2020

Google releases Chrome security update to patch actively exploited zero-day

Google Chrome 86.0.4240.111 released with a fix.
20 October 2020

Microsoft says it took down 94% of TrickBot's command and control servers

TrickBot survived an initial takedown attempt, but Microsoft and its partners are countering TrickBot operators after every move, taking down any new infrastructure the group is attempting to bring up online.
20 October 2020

Do Standards Exist That Certify Secure IoT Systems?

Do Standards Exist That Certify Secure IoT Systems? The IoT industry remains fragmented with a lot of players, big and small, churning out a lot of products.
20 October 2020

NSA Reveals the Top 25 Vulnerabilities Exploited by Chinese Nation-State Hackers

Officials urge organizations to patch the vulnerabilities most commonly scanned for, and exploited by, Chinese attackers.
20 October 2020

Adobe Fixes 16 Critical Code-Execution Bugs Across Portfolio

Adobe Fixes 16 Critical Code-Execution Bugs Across Portfolio The out-of-band patches follow a lighter-than-usual Patch Tuesday update earlier this month.
20 October 2020

The Cybersecurity Maturity Model Certification: Are You in Compliance?

Not only can this framework help companies remain solvent, but it will also protect critical information from getting into the wrong hands.
20 October 2020

Making a Difference: Accor

 

The PCI Security Standards Council (PCI SSC) recently announced the nomination period for the next PCI SSC Board of Advisors. The Board of Advisors represents PCI SSC Participating Organizations worldwide to ensure global industry involvement in the development of PCI Security Standards. As strategic partners, they bring industry, geographical and technical insight to PCI Council plans and projects. In this post, we talk with 2018 - 2020 PCI SSC Board of Advisor Member Marie-Christine Vittet, Vice President Compliance, at Accor about the role of the PCI SSC Board of Advisors in shaping payment security globally.

20 October 2020