Cybersecurity News
Who is Tech Investor John Bernard?
John Bernard, the subject of a story here last week about a self-proclaimed millionaire investor who has bilked countless tech startups, appears to be a pseudonym for John Clifton Davies, a U.K. man who absconded from justice before being convicted on multiple counts of fraud in 2015. Prior to his conviction, Davies served 16 months in jail before being cleared of murdering his wife on their honeymoon in India.25 September 2020
Verizon, AT&T settle overcharging whistleblower case for $116 million
Updated: The lawsuit alleged that both telecoms giants overcharged government agencies for over a decade.25 September 2020
Airbnb may be exposing private host inbox messages, bookings and earnings data
Airbnb hosts report that they are able to access inboxes that do not belong to them.25 September 2020
5 tips for better Google Drive security
As cloud storage solutions are becoming more and more popular, we look at several simple steps you can take to secure your files on Google Drive
The post 5 tips for better Google Drive security appeared first on WeLiveSecurity
25 September 2020
Malware Attacks Declined But Became More Evasive in Q2
Most of the malware used in attacks last quarter were designed to evade signature-based detection tools, WatchGuard says.24 September 2020
CISA says a hacker breached a federal agency
CISA didn't name the attacker but it published an in-depth incident report detailing the hacker's every step.24 September 2020
Bluetooth Security Weaknesses Pile Up, While Patching Remains Problematic
Turns out, creating wireless ecosystems for a vast number of different architectures, configurations, and use cases is hard.24 September 2020
Microsoft removed 18 Azure AD apps used by Chinese state-sponsored hacker group
Azure AD apps were abused by the Gadolinium (APT40) group to attack Microsoft Azure customers.24 September 2020
Feds Hit with Successful Cyberattack, Data Stolen
The attack featured a unique, multistage malware and a likely PulseSecure VPN exploit.
24 September 2020
Cisco Patch-Palooza Tackles 29 High-Severity Bugs
Patches and workaround fixes address flaws on networking hardware running Cisco IOS XE software.
24 September 2020
Critical Instagram Flaw Could Let Attackers Spy on Victims
A now-patched remote code execution vulnerability could be exploited with a specially sized image file, researchers report.24 September 2020
Free Apple iPhone 12? Chatbot Scam Spreads Via Texts
Convincing SMS messages tell victims that they've been selected for a pre-release trial for the soon-to-be-launched device.
24 September 2020
Solving the Problem With Security Standards
More explicit threat models can make security better and open the door to real and needed innovation.24 September 2020
Twitter prepares for US election with new security training, penetration tests
Twitter has also rolled out hardware security keys to all employees to prevent social engineering and phishing attacks.24 September 2020
Microsoft: Attackers Exploiting ‘ZeroLogon’ Windows Flaw
Microsoft warned on Wednesday that malicious hackers are exploiting a particularly dangerous flaw in Windows Server systems that could be used to give attackers the keys to the kingdom inside a vulnerable corporate network. Microsoft's warning comes just days after the U.S. Department of Homeland Security issued an emergency directive instructing all federal agencies to patch the vulnerability by Sept. 21 at the latest.24 September 2020
CrowdStrike Agrees to Acquire Preempt Security for $96M
CrowdStrike plans to use Preempt Security's conditional access technology to strengthen its Falcon platform.24 September 2020
CrowdStrike Agrees to Acquire Preemptive Security for $96M
CrowdStrike plans to use Preemptive Security's conditional access technology to strengthen its Falcon platform.24 September 2020
Microsoft Warns of Attackers Now Exploiting 'Zerologon' Flaw
The Security Intelligence team at Microsoft is tracking newly waged exploits in the wild.24 September 2020
Ray‑Ban parent company reportedly suffers major ransomware attack
There is no evidence that cybercriminals were also able to steal customer data
The post Ray‑Ban parent company reportedly suffers major ransomware attack appeared first on WeLiveSecurity
24 September 2020
Polish police shut down hacker super-group involved in bomb threats, ransomware, SIM swapping
The hackers also distributed Windows and Android malware, and even ran 50 fake online stores where they defrauded buyers.24 September 2020