Cybersecurity News


3 Tips to Stay Secure When You Lose an Employee

Whether they leave for a better job or get fired, and whether they mean to cause problems or do so out of ignorance, ex-workers can pose a threat to your company.
10 March 2020

Microsoft orchestrates coordinated takedown of Necurs botnet

Microsoft and partners in 35 countries move to bring down Necurs, today's largest malware botnet.
10 March 2020

Paradise Ransomware Variant Hides in Office IQY Files

The uncommon Internet Query file format lets attacks slip past defenses to effectively break into target networks.
10 March 2020

Intel CPUs vulnerable to new LVI attacks

Researchers say Intel processors will need another round of silicon chip re-designs to protect against new attack.
10 March 2020

Flaw in popular VPN service may have exposed customer data

NordVPN praised its bug bounty program and said that a fix had been shipped within two days

The post Flaw in popular VPN service may have exposed customer data appeared first on WeLiveSecurity

10 March 2020

What Should I Do About Vulnerabilities Without Fixes?

What Should I Do About Vulnerabilities Without Fixes? With better tools that identify potential threats even before developers address them, a new problem has arisen.
10 March 2020

FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

FBI officials last week arrested a Russian computer security researcher on suspicion of operating deer.io, a vast marketplace for buying and selling stolen account credentials for thousands of popular online services and stores. Kirill V. Firsov was arrested Mar. 7 after arriving at New York's John F. Kennedy Airport, according to court documents unsealed Monday. Prosecutors with the U.S. District Court for the Southern District of California allege Firsov was the administrator of deer.io, an online platform that hosted more than 24,000 shops for selling stolen and/or hacked usernames and passwords for a variety of top online destinations.
10 March 2020

How Network Metadata Can Transform Compromise Assessment

Listen more closely and your network's metadata will surrender insights the bad guys counted on keeping secret
10 March 2020

Avast AntiTrack certificate bug allowed others to snoop on your online activities

The vulnerability opened up PCs to browser hijacking and more.
10 March 2020

Over 80% of Medical Imaging Devices Run on Outdated Operating Systems

New data on live Internet of Things devices in healthcare and other organizations shines a light on security risks.
10 March 2020

Variant of Paradise Ransomware Targets Office IQY Files

Variant of Paradise Ransomware Targets Office IQY Files Threat actors can easily infiltrate networks because attacks evade detection by typical security protections.
10 March 2020

Keys to Hiring Cybersecurity Pros When Certification Can't Help

Keys to Hiring Cybersecurity Pros When Certification Can't Help There just aren't enough certified cybersecurity pros to go around -- and there likely never will be enough. So how do you fill out your cybersecurity team? Executives and hiring managers share their top tips on recognizing solid candidates.
10 March 2020

Spear-Phishing Attack Lures Victims With ‘HIV Results’

Spear-Phishing Attack Lures Victims With ‘HIV Results’ Attackers are purporting to send victims HIV test results - but in reality are convincing them to download the Koadic RAT.
10 March 2020

Spear-Phishing Attack Lures Victims With ‘HIV Results’

Spear-Phishing Attack Lures Victims With ‘HIV Results’ Attackers are purporting to send victims HIV test results - but in reality are convincing them to download the Koadic RAT.
10 March 2020

FBI arrests Russian behind Deer.io, a Shopify-like platform for cybercrime

Feds say Deer.io has been hosting hundreds of online shops where hackers are selling hacked accounts.
10 March 2020

Years-long campaign targets hackers through trojanized hacking tools

A group believed to reside in Vietnam has been hacking other hackers for years.
10 March 2020

Spying concerns raised over Iran's official COVID-19 detection app

Google removes Iran's official COVID-19 detection app from the Play Store.
09 March 2020

How Microsoft Disabled Legacy Authentication Across the Company

The process was not smooth or straightforward, employees say in a discussion of challenges and lessons learned during the multi-year project.
09 March 2020

Microsoft: 99.9 percent of hacked accounts lacked MFA

Only 11 percent of all enterprise accounts have multi-factor authentication enabled

The post Microsoft: 99.9 percent of hacked accounts lacked MFA appeared first on WeLiveSecurity

09 March 2020

Microsoft Exchange Server Flaw Exploited in APT Attacks

Microsoft Exchange Server Flaw Exploited in APT Attacks A vulnerability is Microsoft Exchange servers is being actively exploited by multiple APT groups, researchers warn.
09 March 2020