Cybersecurity News


Polish police shut down hacker super-group involved in bomb threats, ransomware, SIM swapping

The hackers also distributed Windows and Android malware, and even ran 50 fake online stores where they defrauded buyers.
24 September 2020

Alien Android Banking Trojan Sidesteps 2FA

Alien Android Banking Trojan Sidesteps 2FA A new 'fork' of the Cerberus banking trojan, called Alien, targets victims' credentials from more than 200 mobile apps, including Bank of America and Microsoft Outlook.
24 September 2020

Since Remote Work Isn't Going Away, Security Should Be the Focus

These three steps will help organizations reduce long-term work-from-home security risks.
24 September 2020

ICO fines profiteering UK firm for touting coronavirus products over spam texts

The UK company sent cold texts offering products “effective against coronavirus.”
24 September 2020

Next-generation police dogs now sniff out your electronics

Drugs and weapons are not the only criminal evidence police dogs are on the hunt for.
24 September 2020

Instagram bug opened a path for hackers to hijack app, turn smartphones into spies

The RCE vulnerability, now patched, took nothing more than an image file to trigger.
24 September 2020

Microsoft says it detected active attacks leveraging Zerologon vulnerability

Zerologon patching window is slowly closing as Microsoft warns of attacks in the wild.
24 September 2020

New 'Alien' malware can steal passwords from 226 Android apps

Most targets are banking apps, but Alien can also show phishing pages for social, instant messaging, and cryptocurrency apps.
24 September 2020

Govt. Services Firm Tyler Technologies Hit in Apparent Ransomware Attack

Tyler Technologies, a Texas-based company that bills itself as the largest provider of software and technology services to the United States public sector, is battling a network intrusion that has disrupted its operations. The company declined to discuss the exact cause of the disruption, but their response so far is straight out of the playbook for responding to ransomware incidents.
23 September 2020

Gaming Industry Hit With 10B+ Attacks In Past Two Years

Gaming Industry Hit With 10B+ Attacks In Past Two Years Criminals scored big with credential stuffing and web app attacks, yet many gamers seem unfazed.
23 September 2020

Zerologon Patches Roll Out Beyond Microsoft

Zerologon Patches Roll Out Beyond Microsoft A Samba patch and a micropatch for end-of-life servers have debuted in the face of the critical vulnerability.
23 September 2020

Shopify's Employee Data Theft Underscores Risk of Rogue Insiders

The e-commerce platform has alerted more than 100 merchants of a data breach, highlighting the danger of malicious insiders.
23 September 2020

Google Cloud Debuts Threat-Detection Service

Lockdown economics are driving a threat-intelligence business boom. Chronicle Detect is Google's answer to monitoring so much log data created by the distributed workforce.
23 September 2020

Microsoft, Italy, and the Netherlands warn of increased Emotet activity

New alerts about a spike in Emotet activity come after France, Japan, New Zealand issued similar warnings at the start of the month.
23 September 2020

India's Cybercrime and APT Operations on the Rise

Growing geopolitical tensions with China in particular are fueling an increase in cyberattacks between the two nations, according to IntSights.
23 September 2020

Gamer Credentials Now a Booming, Juicy Target for Hackers

Gamer Credentials Now a Booming, Juicy Target for Hackers Credential abuse drives illicit market for in-game rare skins, special weapons and unique tools.
23 September 2020

Microsoft's Azure Defender for IoT Uses CyberX Tech

Azure Defender for IoT is built to help IT and OT teams discover IoT and OT assets, identify critical flaws, and detect malicious behavior.
23 September 2020

My Journey Toward SAP Security

When applications are critical to the business's core functions, the CISO and their staff better get the security right.
23 September 2020

Making the Case for Medical Device Cybersecurity

Making the Case for Medical Device Cybersecurity With an increasing number of Internet-connected medical devices in use to manage diabetes, protecting against a variety of wireless network attacks could very well be a matter of life and death.
23 September 2020

Request for Comments: PCI DSS Version 4.0 Draft Standard

 

From 23 September to 13 November 2020, PCI SSC stakeholders can participate in a Request for Comments (RFC) on a draft of PCI Data Security Standard Version 4.0 (PCI DSS v4.0 Draft v0.2 for RFC). This is the second RFC for the draft of PCI DSS v4.0. The first RFC was held in late 2019, and feedback received during that RFC has been incorporated into the draft.

23 September 2020