Cybersecurity News


PonyFinal Ransomware Targets Enterprise Servers Then Bides Its Time

PonyFinal Ransomware Targets Enterprise Servers Then Bides Its Time Microsoft has warned on a new breed of patient ransomware attacks that lurk in networks for weeks before striking.
28 May 2020

NSA warns of new Sandworm attacks on email servers

NSA says Russia's military hackers have been attacking Exim email servers to plant backdoors since August 2019.
28 May 2020

Data Loss Spikes Under COVID-19 Lockdowns

Two new reports suggest a massive gap between how organizations have prepared their cybersecurity defenses and the reality of their efficacy.
28 May 2020

People know reusing passwords is risky – then do it anyway

And most people don’t change their password even after hearing about a breach, a survey finds

The post People know reusing passwords is risky – then do it anyway appeared first on WeLiveSecurity

28 May 2020

How Elite Protectors Operationalize Security Protection

There is no silver bullet for cybersecurity. It takes the right people, with the right mindset, applying the right elements of good security from the data center to the SOC.
28 May 2020

Valak Loader Revamped to Rob Microsoft Exchange Servers

Valak Loader Revamped to Rob Microsoft Exchange Servers Phishing campaigns targeting enterprises in U.S. and Germany have been used to nab enterprise mailing info, passwords and certificates.
28 May 2020

All the security features added in the Windows 10 May 2020 update

Windows 10 v2004 comes with Windows Sandbox improvements, WiFi 6, WPA3, and Windows Hello in Safe Mode.
28 May 2020

Valak targets Microsoft Exchange servers to steal enterprise data

The malware has been “dramatically changed” in the past six months.
28 May 2020

Michigan State University hit by ransomware gang

The operators of the NetWalker ransomware gang have given MSU officials seven days to pay the ransom or they will leak stolen university files.
27 May 2020

Google highlights Indian 'hack-for-hire' companies in new TAG report

Google also discloses seven coordinated political influence campaigns that took place on its platforms during Q1 2020.
27 May 2020

Stay-at-Home Orders Coincide With Massive DNS Surge

A variety of sites saw as much as seven times the number of domain requests in late March and early April, suggesting attackers attempted massive denial-of-service attacks.
27 May 2020

Cloud Security Architect Proves Hardest Infosec Role to Fill

Nearly 70% of businesses struggle to recruit, hire, and retain cybersecurity talent, and many link security incidents to lack of skills.
27 May 2020

DoubleGun Group Builds Massive Botnet Using Cloud Services

DoubleGun Group Builds Massive Botnet Using Cloud Services The latest campaign spread malware via pirate gaming portals.
27 May 2020

Security 101: SQL Injection

Security 101: SQL Injection A carefully crafted attack can convince a database to reveal all its secrets. Understanding the basics of what the attack looks like and how to protect against it can go a long way toward limiting the threat.
27 May 2020

HackerOne Bounties Hit $100M Milestone

The bug-hunting platform has now paid more than $100 million in bounties since October 2013.
27 May 2020

Standing Privilege: The Attacker's Advantage

Standing Privilege: The Attacker's Advantage The credential is a commodity and will continue to be breached. As a result, focus and spending must shift toward the access that the credentials provide.
27 May 2020

‘[F]Unicorn’ Ransomware Impersonates Legit COVID-19 Contact-Tracing App

‘[F]Unicorn’ Ransomware Impersonates Legit COVID-19 Contact-Tracing App The new malware family was seen pretending to be an official Italian app, called Immuni.
27 May 2020

GDPR Enforcement Loosens Amid Pandemic

The European Union has given some organizations more breathing room to remedy violations, yet no one should think regulators are planning to abandon the privacy legislation in the face of COVID-19.
27 May 2020

Microsoft warns about attacks with the PonyFinal ransomware

PonyFinal infections have been reported in India, Iran, and the US.
27 May 2020

Microsoft Shares PonyFinal Threat Data, Warns of Delivery Tactics

PonyFinal is deployed in human-operated ransomware attacks, in which adversaries tailor their techniques based on knowledge of a target system.
27 May 2020