Cybersecurity News


D-Link Routers at Risk for Remote Takeover from Zero-Day Flaws

D-Link Routers at Risk for Remote Takeover from Zero-Day Flaws Critical vulnerabilities discovered by Digital Defense can allow attackers to gain root access and take over devices running same firmware.
09 December 2020

Black Hat Europe: Dark Reading Video News Desk Coverage

Coming to you from virtual backgrounds and beautifully curated bookcases around the world, Dark Reading brings you video interviews with the leading researchers speaking at this week's Black Hat Europe.
09 December 2020

Global Cybercrime Losses Cross $1 Trillion Mark

A shift from attackers targeting individual systems to entire organizations is pushing up cost of cyberattacks sharply, McAfee says.
09 December 2020

Hackers hide web skimmer inside a website's CSS files

Previously, security researchers found web skimmers (Magecart scripts) inside favicons, site logos, live chat windows, and, most recently, in social media sharing buttons.
09 December 2020

Oblivious DoH: Cloudflare supports new privacy, security-focused DNS standard

Test clients for the new standard have been released to the open source community.
09 December 2020

Adobe security update squashes critical vulnerabilities in Lightroom, Prelude

Adobe’s last major patch round of 2020 has dealt with arbitrary code and JavaScript execution bugs.
09 December 2020

Four sentenced to prison for planting malware on 20 million Gionee smartphones

Chinese quartet conspired to plant a malicious SDK inside an app that came preinstalled on Gionee devices.
08 December 2020

Patch Tuesday, Good Riddance 2020 Edition

Microsoft today issued its final batch of security updates for Windows PCs in 2020, ending the year with a relatively light patch load. Nine of the 58 security vulnerabilities addressed this month earned Microsoft's most-dire "critical" label, meaning they can be abused by malware or miscreants to seize remote control over PCs without any help from users.
08 December 2020

Google Patches Critical Wi-Fi and Audio Bugs in Android Handsets

Google Patches Critical Wi-Fi and Audio Bugs in Android Handsets Google updates its mobile OS, fixing ten critical bugs, including one remote code execution flaw.
08 December 2020

Open-Source Developers Still Not Interested in Secure Coding

Security and development are still two different worlds, with open-source developers resistant to spending time finding and fixing vulnerabilities.
08 December 2020

Nation-State Hackers Breached FireEye, Stole Its Red Team Tools

"Novel techniques" used by the attackers cheated security tools and forensics, according to FireEye CEO Kevin Mandia.
08 December 2020

FireEye Cyberattack Compromises Red-Team Security Tools

FireEye Cyberattack Compromises Red-Team Security Tools An attacker stole FireEye's Red Team assessment tools that the company uses to test its customers’ security.
08 December 2020

FireEye, one of the world's largest security firms, discloses security breach

FireEye suspects it was the victim of a nation-state actor.
08 December 2020

Microsoft Fixes 58 CVEs for December Patch Tuesday

The last Patch Tuesday of 2020 brings fixes for Critical vulnerabilities in Microsoft SharePoint and Exchange.
08 December 2020

Divers Pull Rare Surviving WWII Enigma Cipher Machine from Bottom of the Baltic

Divers Pull Rare Surviving WWII Enigma Cipher Machine from Bottom of the Baltic This sealogged Nazi machine will undergo restoration.
08 December 2020

Microsoft Wraps Up a Lighter Patch Tuesday for the Holidays

Microsoft Wraps Up a Lighter Patch Tuesday for the Holidays Nine critical bugs and 58 overall fixes mark the last scheduled security advisory of 2020.
08 December 2020

Apple Manufacturer Foxconn Confirms Cyberattack

Apple Manufacturer Foxconn Confirms Cyberattack Manufacturing powerhouse confirmed North American operations impacted by November cyberattack.
08 December 2020

The Internal Revenue Service expands identity protection to all tax‑payers

U.S. tax-payers will be able to enroll in the Identity Protection PIN program that was previously available only to certain users starting mid-January.

The post The Internal Revenue Service expands identity protection to all tax‑payers appeared first on WeLiveSecurity

08 December 2020

Dragos Nets $110M in Series C Led by Major Global Energy, Manufacturing, Oil & Gas Company Investors

National Grid Partners, Saudi Aramco Energy Ventures, and Hewlett Packard Enterprise led the latest funding round for the ICS/OT security company.
08 December 2020

Gula Tech Foundation to Award $1M in Grants to Infosec Nonprofits

The first Gula Tech Foundation competitive grant program will focus on increasing African American engagement in cybersecurity.
08 December 2020