Cybersecurity News


Charming Kitten Uses Fake Interview Requests to Target Public Figures

Charming Kitten Uses Fake Interview Requests to Target Public Figures APT group poses as a former Wall Street Journal journalist to launch phishing campaigns and steal victim email account details.
06 February 2020

Dropbox Passes $1M Milestone for Bug-Bounty Payouts

Dropbox Passes $1M Milestone for Bug-Bounty Payouts The file-sharing service also disclosed details of past notable bugs for the first time.
06 February 2020

Health Share of Oregon discloses data breach, theft of member PII

A break-in and stolen laptop are at the heart of the security incident.
06 February 2020

Academics steal data from air-gapped systems using screen brightness variations

Israeli researchers use quick flickers in LCD screen brightness to encode and exfiltrate data.
06 February 2020

Vixie: The Unintended Consequences of Internet Privacy Efforts

Vixie: The Unintended Consequences of Internet Privacy Efforts Paul Vixie says emerging encryption protocols for endpoints could 'break' security in enterprise - and even home - networks.
05 February 2020

When Your Used Car is a Little Too ‘Mobile’

Many modern vehicles let owners use the Internet or a mobile device to control the car's locks, track location and performance data, and start the engine. But who exactly owns that control is not always clear when these smart cars are sold or leased anew. Here's the story of one former electric vehicle owner who discovered he could still gain remote, online access to his old automobile years after his lease ended.
05 February 2020

Majority of Network, App-Layer DDoS Attacks in 2019 Were Small

Attacks turned to cheaper, shorter attacks to try and disrupt targets, Imperva analysis shows.
05 February 2020

Department of Energy Adds Attivo Decoys for Critical Infrastructure Security

The decoys and lures will help redirect attacks away from devices that can't be protected through traditional means.
05 February 2020

IoT Malware Campaign Infects Global Manufacturing Sites

The infection uses Lemon_Duck PowerShell malware variant to exploit vulnerabilities in embedded devices at manufacturing sites.
05 February 2020

Emotet Preps for Tax Season with New Phishing Campaign

Malicious emails in a new attack campaign contain links and attachments claiming to lead victims to W-9 forms.
05 February 2020

CamuBot Banking Trojan Returns In Targeted Attacks

CamuBot Banking Trojan Returns In Targeted Attacks The malware is back in targeted attacks against Brazilian banking customers, this time using a new technique that involves mobile app authorization.
05 February 2020

What is a Privileged Access Workstation (PAW)?

What is a Privileged Access Workstation (PAW)? Ask the Experts -- about a technological game of keep-away that protects the most precious resources from the greatest dangers.
05 February 2020

Bug hunter finds cryptocurrency-mining botnet on DOD network

Monero-mining botnet infects one of the DOD's Jenkins servers.
05 February 2020

Keeping Compliance Data-Centric Amid Accelerating Regulation

As the regulatory landscape transforms, it's still smart to stay strategically focused on protecting your data.
05 February 2020

New Lemon Duck Malware Campaign Targets IoT, Large Manufacturers

New Lemon Duck Malware Campaign Targets IoT, Large Manufacturers Malware campaign targets global manufacturers that are still dependent on Windows 7 subsystems to run fleets of IoT endpoints.
05 February 2020

Chrome to block intrusive video ads starting August 5, 2020

Google to implement new quality standard for video ads for Chrome, but also YouTube.
05 February 2020

WhatsApp Bug Allows Malicious Code-Injection, One-Click RCE

WhatsApp Bug Allows Malicious Code-Injection, One-Click RCE A high-severity vulnerability could allow cybercriminals to push malware or remotely execute code, using seemingly innocuous messages.
05 February 2020

Critical Cisco ‘CDPwn’ Protocol Flaws Explained: Podcast

Critical Cisco ‘CDPwn’ Protocol Flaws Explained: Podcast The researcher behind the five critical Cisco flaws, collectively called CDPwn, talks about why Layer 2 protocols are under-researched when it comes to security vulnerabilities.
05 February 2020

Critical Cisco ‘CDPwn’ Flaws Break Network Segmentation

Critical Cisco ‘CDPwn’ Flaws Break Network Segmentation Cisco has released patches to address the five vulnerabilities, which could lead to remote code-execution and denial of service.
05 February 2020

CDPwn vulnerabilities impact tens of millions of enterprise devices

CDPwn vulnerabilities can be used to escalate initial access and completely take over entire networks.
05 February 2020