Cybersecurity News
Five Password Tips for Securing the New WFH Normal
Darren James, product specialist with Specops Software, warned that password resets, for example, are a particularly vexing issue for sysadmins, as they can often lockout end-users from their accounts.
18 June 2020
Phishing Campaign Targeting Office 365, Exploits Brand Names
Attackers use trusted entities to trick victims into giving up their corporate log-in details as well as to bypass security protections.
18 June 2020
Unpatched vulnerability identified in 79 Netgear router models
Bug lets attackers run code as "root" on vulnerable routers. Impacted routers go back to 2007.18 June 2020
Digging up InvisiMole’s hidden arsenal
ESET researchers reveal the modus operandi of the elusive InvisiMole group, including newly discovered ties with the Gamaredon group
The post Digging up InvisiMole’s hidden arsenal appeared first on WeLiveSecurity
18 June 2020
InvisiMole Group Resurfaces Touting Fresh Toolset, Gamaredon Partnership
InvisiMole is back, targeting Eastern Europe organizations in the military sector and diplomatic missions with an updated toolset and new APT partnership.
18 June 2020
Microsoft: COVID-19 malware attacks were barely a blip in total malware volume
COVID-19-themed malware attacks began in February, peaked in March, and are slowly dying out.18 June 2020
When Security Takes a Backseat to Productivity
"We must care as much about securing our systems as we care about running them if we are to make the necessary revolutionary change." -CIA's Wikileaks Task Force. So ends a key section of a report the U.S. Central Intelligence Agency produced in the wake of a mammoth data breach in 2016 that led to Wikileaks publishing thousands of classified documents stolen from the agency's offensive cyber operations division. The analysis highlights a shocking series of security failures at one of the world's most secretive organizations, but the underlying weaknesses that gave rise to the breach also unfortunately are all too common in many organizations today.17 June 2020
7 Tips for Employers Navigating Remote Recruitment
Hiring experts explain how companies should approach recruitment when employers and candidates are working remotely.
17 June 2020
AcidBox Malware Uncovered Using Repurposed VirtualBox Exploit
A “very rare” malware has been used by an unknown threat actor in cyberattacks against two different Russian organizations in 2017.
17 June 2020
Zoom Changes Course on End-to-End Encryption
The videoconferencing company now says it will offer end-to-end encryption to all users beginning in July.17 June 2020
Premier League’s Return: A Hat Trick of Cyberthreats?
The beautiful game is back on the pitch in the U.K. -- and cyberattackers will be looking to take advantage of fans streaming the games.
17 June 2020
Lazarus Group May Have Been Behind 2019 Attacks on European Targets
Telemetry hints that the North Korean actor was behind major cyber-espionage campaign focused on military and aerospace companies, ESET says.17 June 2020
What's Anonymous Up to Now?
The hacker group recently took credit for two high-profile incidents -- but its actions aren't quite the same as they once were, some say.
17 June 2020
What's Anonymous Up to Now?
The hacker group recently took credit for two high-profile incidents -- but its actions aren't quite the same as they once were, some say.17 June 2020
Ripple20 bugs expose hundreds of millions of devices to attacks
Devices used in the energy, transportation and communications sectors are also affected by the flaws in the TCP/IP software library
The post Ripple20 bugs expose hundreds of millions of devices to attacks appeared first on WeLiveSecurity
17 June 2020
3 Things Wilderness Survival Can Teach Us About Email Security
It's a short hop from shows like 'Naked and Afraid' and 'Alone' to your email server and how you secure it17 June 2020
Shlayer Mac Malware Returns with Extra Sneakiness
Spreading via poisoned Google search results, this new version of Mac's No. 1 threat comes with added stealth.
17 June 2020
Zoom backtracks and plans to offer end-to-end encryption to all users
E2EE calls were initially planned for Zoom paying customers only, but the company has reconsidered following the public's outcry.17 June 2020
AWS said it mitigated a 2.3 Tbps DDoS attack, the largest ever
The previous record for the largest DDoS attack ever recorded was of 1.7 Tbps, recorded in March 2018.17 June 2020
Collaboration Undermined When Security Teams Work Remotely, Some Argue
Knowledge workers are perfectly suited for remote work, but the benefits of collaboration - and the requirements of proving identity - make fully remote security teams problematic.17 June 2020