Cybersecurity News


Attackers Can Exploit Critical Cisco Jabber Flaw With One Message

Attackers Can Exploit Critical Cisco Jabber Flaw With One Message An attacker can execute remote code with no user interaction, thanks to CVE-2020-3495.
03 September 2020

Google Ups Product-Abuse Bug Bounties

Google Ups Product-Abuse Bug Bounties The top award for flaws that allow cybercriminals to abuse legitimate services has increased by 166 percent.
03 September 2020

Microsoft debuts deepfake detection tool

As the US presidential election nears, the company’s new tech should also help assure people that an image or video is authentic

The post Microsoft debuts deepfake detection tool appeared first on WeLiveSecurity

03 September 2020

Python-based Spy RAT Emerges to Target FinTech

Python-based Spy RAT Emerges to Target FinTech The Evilnum APT has added the RAT to its arsenal as part of a big change-up in its TTPs.
03 September 2020

European ISPs report mysterious wave of DDoS attacks

Over the past week, multiple ISPs in Belgium, France, and the Netherlands reported DDoS attacks that targeted their DNS infrastructure.
03 September 2020

Registration Now Open for Software Security Framework New Assessor Training


Registration is now open for Software Security Framework (SSF) New Assessor Training. PCI Security Standards Council (PCI SSC) recently announced the first training dates for its remote, instructor-led Secure Software Assessor and Secure Software Lifecycle Assessor classes, now available on the new eLearning platform.

03 September 2020

NSA Mass Surveillance Program Illegal, U.S. Court Rules

NSA Mass Surveillance Program Illegal, U.S. Court Rules The NSA argued its mass surveillance program stopped terrorist attacks - but a new U.S. court ruling found that this is not, and may have even been unconstitutional.
03 September 2020

5 Ways for Cybersecurity Teams to Work Smarter, Not Harder

Burnout is real and pervasive, but some common sense tools and techniques can help mitigate all that.
03 September 2020

India Blocks High-Profile Chinese Apps on Political, Privacy Concerns

India Blocks High-Profile Chinese Apps on Political, Privacy Concerns Technology minister bans, Baidu, WeChat Work, AliPay and 115 others for capturing using data and transmitting it to servers outside of the country without authorization.
03 September 2020

MIT SCRAM: a new analysis platform for prioritizing enterprise security investments

The platform shows that data analysis can provide actionable insight for enterprise security.
03 September 2020

Inter: a ‘low bar’ kit for Magecart credit card skimmer attacks on e-commerce websites

Researchers say that any attacker with a “little cash to burn” can join the attack trend.
03 September 2020

Houseparty – should I stay or should I go now?

What’s the benefit of deleting your Houseparty – or any other unused – account, rather than just uninstalling the app?

The post Houseparty – should I stay or should I go now? appeared first on WeLiveSecurity

03 September 2020

WordPress File Manager plugin flaw causing website hijack exploited in the wild

The critical vulnerability has been utilized in hundreds of thousands of attacks.
03 September 2020

Former IT director gets jail time for selling government's Cisco gear on eBay

Former Horry County IT security director sentenced to two years in federal prison.
03 September 2020

The Joys of Owning an ‘OG’ Email Account

When you own a short email address at a popular email provider, you are bound to get gobs of spam, and more than a few alerts about random people trying to seize control over the account. If your account name is short and desirable enough, this kind of activity can make the account less reliable for day-to-day communications because it tends to bury emails you do want to receive. But there is also a puzzling side to all this noise: Random people tend to use your account as if it were theirs, and often for some fairly sensitive services online.
02 September 2020

Most IoT Hardware Dangerously Easy to Crack

Manufacturers need to invest more effort into protecting root-level access to connected devices, security researcher says.
02 September 2020

55% of Cybersquatted Domains Are Malicious or Potentially Fraudulent

The largest online companies, such as Apple and PayPal, and banks are being targeted by cybersquatters, who are also taking advantage of the pandemic, a study finds.
02 September 2020

Facebook & Twitter Remove Russian Accounts Spreading Disinformation

The Russia-backed Internet Research Agency has returned with new strategies to sway voters ahead of the 2020 presidential election.
02 September 2020

Google removes Android app that was used to spy on Belarusian protesters

App mimicked a popular anti-government news site and collected location and device owner details.
02 September 2020

U.S. Agencies Must Adopt Vulnerability-Disclosure Policies by March 2021

U.S. Agencies Must Adopt Vulnerability-Disclosure Policies by March 2021 U.S. agencies must implement vulnerability-disclosure policies by March 2021, according to a new CISA mandate.
02 September 2020