Cybersecurity News
Tesla Model X hacked and stolen in minutes using new key fob hack
Tesla is rolling out over-the-air software updates this week to prevent the attack from hijacking owner key fobs.23 November 2020
Manchester United: IT Systems Disrupted in Cyberattack

23 November 2020
Joe Biden Campaign Subdomain Down After Hacktivist Defacement

23 November 2020
Vote Now for 2020 Special Interest Group Projects
From now through 21 December 2020, PCI SSC Participating Organizations are invited to vote on proposals for 2021 Special Interest Group (SIG) projects.
23 November 2020
Malware creates scam online stores on top of hacked WordPress sites
The malware gang also poisoned the victims' XML sitemaps with thousands of scammy entries, lowering the sites' SERP ranking.23 November 2020
3 Steps CISOs Can Take to Convey Strategy for Budget Presentations
Answering these questions will help CISOs define a plan and take the organization in a positive direction.23 November 2020
How Retailers Can Fight Fraud and Abuse This Holiday Season
Online shopping will be more popular than ever with consumers... and with malicious actors too.23 November 2020
GoDaddy staff fall prey to social engineering scam in cryptocurrency exchange attack wave
The domain registrar has confirmed that employees became embroiled in wider attacks.23 November 2020
10 Undergraduate Security Degree Programs to Explore

23 November 2020
TikTok patches reflected XSS bug, one-click account takeover exploit
The vulnerabilities impacted the video platform’s website.23 November 2020
Manchester United football club discloses security breach
Football club said it's not "currently aware of any breach of personal data associated with our fans or customers."21 November 2020
GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services
Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. The attacks were facilitated by scams targeting employees at GoDaddy, the world's largest domain name registrar, KrebsOnSecurity has learned.21 November 2020
Botnets have been silently mass-scanning the internet for unsecured ENV files
Threat actors are looking for API tokens, passwords, and database logins usually stored in ENV files.21 November 2020
Google Services Weaponized to Bypass Security in Phishing, BEC Campaigns

20 November 2020
VMware Fixes Critical Flaw in ESXi Hypervisor

20 November 2020
Good Heavens! 10M Impacted in Pray.com Data Exposure

20 November 2020
Facebook Messenger Flaw Enabled Spying on Android Callees
A critical flaw in Facebook Messenger on Android would let someone start an audio or video call without the victim's knowledge.20 November 2020
How Industrial IoT Security Can Catch Up With OT/IT Convergence

20 November 2020
Security Pros Push for More Pervasive Threat Modeling
With the release of the "Threat Modeling Manifesto," a group of 16 security professionals hope to prompt more companies to consider the threats to software.20 November 2020
Drupal sites vulnerable to double-extension attacks
The 90s called. They want their vulnerability back.20 November 2020