Cybersecurity News


Attackers Routinely Use Older Vulnerabilities to Exploit Businesses, US Cyber Agency Warns

Security issues in Microsoft products dominate the US government's top 10 list of commonly exploited vulnerabilities, but Apache Struts, Adobe Flash, and Drupal are also routinely targeted.
13 May 2020

PrintDemon vulnerability impacts all Windows versions

PrintDemon vulnerability impacts Windows versions released as far back as 1996. Patches available.
13 May 2020

Ransomware, Data Breach Follow Phishing Attack at Magellan Health

The healthcare company has informed affected employees of a data breach on a single corporate server.
13 May 2020

Ramsay Malware Targets Air-Gapped Networks

Ramsay Malware Targets Air-Gapped Networks The cyber-espionage toolkit is under active development.
13 May 2020

Healthcare Giant Magellan Struck with Ransomware, Data Breach

Healthcare Giant Magellan Struck with Ransomware, Data Breach Logins, personal information and tax info were all exfiltrated ahead of the ransomware attack, thanks to a phishing email.
13 May 2020

CyberArk Acquires Idaptive for Identity-as-a-Service Tech

The $70 million deal is intended to help CyberArk strengthen its portfolio with secure and SaaS-based identity management.
13 May 2020

More Tips for Staying Safe While Working from Home

While some users are up to speed with the WFH protocol, it's worth adding a few more items to your security checklist.
13 May 2020

How Unconventional Professional Backgrounds Can Strengthen a Cybersecurity Team

Getting over the cybersecurity skills gap takes creativity, flexibility, and a willingness to go "off-script" when it comes to picking out candidates.
13 May 2020

Feds Publish Analysis of New Malware Tools Tied to APT ‘Hidden Cobra’

Feds Publish Analysis of New Malware Tools Tied to APT ‘Hidden Cobra’ DHS posts analysis, documentation for new cyber-attack tools on US-CERT on three-year anniversary of WannaCry.
13 May 2020

New Ramsay malware can steal sensitive documents from air-gapped networks

Ramsay can infect air-gapped computers, collect Word, PDF, and ZIP files in a hidden folder, and then wait for exfiltration.
13 May 2020

Adobe issues patches for 36 vulnerabilities in DNG, Reader, Acrobat

May’s patch round includes fixes for remote code execution flaws.
13 May 2020

Ransomware attack disables Texas Supreme Court’s website

  By William Knowles @c4i Senior Editor InfoSec News May 13, 2020 On Friday, May 8th, the Office of Court Administration (OCA), the information technology (IT) provider for the appellate courts and state judicial agencies within the Texas Judicial Branch, identified a serious security event in the branch network, which was later determined to be […]
13 May 2020

Ramsay: A cyber‑espionage toolkit tailored for air‑gapped networks

ESET researchers uncover several instances of malware that uses various attack vectors to target systems isolated by an air gap

The post Ramsay: A cyber‑espionage toolkit tailored for air‑gapped networks appeared first on WeLiveSecurity

13 May 2020

Windows 10 to get PUA/PUP protection feature

New PUA/PUP-blocking security feature to roll out with the Windows 10 May 2020 update.
13 May 2020

DHS CISA and FBI share list of top 10 most exploited vulnerabilities

Office is the most exploited technology, followed by Apache Struts.
13 May 2020

Huawei denies involvement in buggy Linux kernel patch proposal

Huawei says employee submitted code as part of a personal project, not on behalf of the company.
12 May 2020

Website Attacks Become Quieter & More Persistent

Threat actors have pivoted from noisy attacks to intrusions where stealth and ROI are primary goals, new report says.
12 May 2020

Microsoft Fixes 111 Vulnerabilities for Patch Tuesday

This marks the third month in a row that Microsoft patched more than 100 bugs, of which 16 are classified as critical.
12 May 2020

Thunderbolt flaws open millions of PCs to physical hacking

A new attack method enables bad actors to access data on a locked computer via an evil maid attack within 5 minutes

The post Thunderbolt flaws open millions of PCs to physical hacking appeared first on WeLiveSecurity

12 May 2020

Microsoft Patch Tuesday, May 2020 Edition

Microsoft today issued software updates to plug at least 111 security holes in Windows and Windows-based programs. None of the vulnerabilities were labeled as being publicly exploited or detailed prior to today, but as always if you're running Windows on any of your machines it's time once again to prepare to get your patches on.
12 May 2020