Cybersecurity News
7 Non-Technical Skills Threat Analysts Should Master to Keep Their Jobs
It's not just technical expertise and certifications that enable analysts to build long-term careers in cybersecurity.23 September 2020
12 Bare-Minimum Benchmarks for AppSec Initiatives
The newly published Building Security in Maturity Model provides the software security basics organizations should cover to keep up with their peers.
23 September 2020
Facebook wipes out Chinese, Filipino misinformation campaigns
Facebook has removed two separate networks flooding the platform with inauthentic content and spam.23 September 2020
Ransomware gang targets Russian businesses in rare coordinated attacks
Group breaks an unofficial rule in the cybercrime underground not to target the former Soviet space.23 September 2020
Shopify discloses security incident caused by two rogue employees
Shopify said two rogue support staffers accessed customer transaction details for less than 200 stores.23 September 2020
Attackers Target Small Manufacturing Firms
The most common tactics include credential stuffing using valid accounts, various forms of deception, and vulnerabilities in third-party software, Rapid7 says in its latest quarterly threat report.22 September 2020
Vulnerability Disclosure Programs See Signups & Payouts Surge
More than $44.75 million in rewards were paid to hackers over the past year, driving total payouts beyond $100 million.22 September 2020
Google deprecates Web Store Payments API, effectively nuking Chrome paid extensions
Move comes after a wave of fraudulent transactions over the winter.22 September 2020
Google Chrome Bugs Open Browsers to Attack
Google's new release of Chrome 85.0.4183.121 for Windows, Mac, and Linux fixes 10 security flaws.
22 September 2020
New Google Search Hacks Push Viruses & Porn
Three incidents demonstrate how cybercriminals leverage the scourge of black-hat search engine optimization to manipulate search results.22 September 2020
Startup Aims to Map and Track All the IT and Security Things
Security service JupiterOne spins off from a healthcare service provider's homegrown technology.22 September 2020
CISA warns of notable increase in LokiBot malware
"CISA has observed a notable increase in the use of LokiBot malware by malicious cyber actors since July 2020."22 September 2020
Known Citrix Workspace Bug Open to New Attack
Windows MSI files provide an opening for attackers even though the bug was mostly patched in July.
22 September 2020
Can Schools Pass Their Biggest Cybersecurity Test Yet?
Understaffed, underfunded, and underequipped, IT teams in the K-12 sector face a slew of challenges amid remote and hybrid learning models. Here's where they can begin to protect their schools against cyberattacks.
22 September 2020
New tool helps companies assess why employees click on phishing emails
NIST’s tool can help organizations improve the testing of their employees’ phish-spotting prowess
The post New tool helps companies assess why employees click on phishing emails appeared first on WeLiveSecurity
22 September 2020
Microsoft Overhauls Patch Tuesday Security Update Guide
Microsoft announced a new Security Guide to help cybersecurity profession more quickly untangle relevant bugs in its monthly security bulletins.
22 September 2020
Healthcare lags behind in critical vulnerability management, banks hold their ground
New research sheds light on which industries are performing well when it comes to patching high-risk bugs.22 September 2020
Microsoft Extends Data Loss Prevention to Cloud App Security
The update, one of several announced today, is intended to help employees remain compliant when handling data across cloud applications.22 September 2020
Firefox 81 Release Kills High-Severity Code-Execution Bugs
Mozilla has fixed three high-severity flaws with the release of Firefox 81 and Firefox ESR 78.3.
22 September 2020
Activision Refutes Claims of 500K-Account Hack
The Call of Duty behemoth said that the reports of widespread hacks are false.
22 September 2020