Cybersecurity News
Phishers Try 'Text Direction Deception' Technique to Bypass Email Filters
With COVID-19 concerns running high, attackers are trying new tactics to get to users.A Day in The Life of a Pen Tester
Two penetration testers share their day-to-day responsibilities, challenges they encounter, and the skills they value most on the job.Google Squashes High-Severity Flaws in Chrome Browser
Google is rolling out the newest Chrome browser version, 80.0.3987.162, in the coming days.
Bad Bots Build Presence Across the Web
Bots that mimic human behavior are driving a growing percentage of website traffic while contributing to an avalanche of misinformation.Work from home: Securing RDP and remote access
As work from home is the new norm in the coronavirus era, you’re probably thinking of enabling remote desktop connections for your off-site staff. Here’s how to do it securely.
The post Work from home: Securing RDP and remote access appeared first on WeLiveSecurity
Companies Are Failing to Deploy Key Solution for Email Security
A single -- albeit complex-to-deploy -- technology could stop the most expensive form of fraud, experts say. Why aren't more companies adopting it?Prioritizing High-Risk Assets: A 4-Step Approach to Mitigating Insider Threats
Sound insider threat detection programs combine contextual data and a thorough knowledge of employee roles and behaviors to pinpoint the biggest risks.5 Ways Enterprises Inadvertently Compromise Their Network Security
Is your organization carelessly leaving its networks vulnerable to invasion? Check out these five common oversights to see if your resources are at risk.Twitter discloses Firefox bug that cached private files sent or received via DMs
Private files sent via DMs were cached inside Firefox browsers for as long as a week, even after users logged off.A Hacker's Perspective on Securing VPNs As You Go Remote
As organizations rush to equip and secure their newly remote workforce, it's important to keep things methodical and purposefulZoom Removes Data-Mining LinkedIn Feature
The feature, criticized for "undisclosed data-mining," is only the latest privacy faux pas for Zoom this month.
Name That Toon: The Devil You Know?
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
In COVID-19 Scam Scramble, Cybercrooks Recycle Phishing Kits
Old phishing kits are being pressed into service to keep up with the unprecedented volume of new scams that exploit the pandemic.
‘War Dialing’ Tool Exposes Zoom’s Password Problems
As the Coronavirus pandemic continues to force people to work from home, countless companies are now holding daily meetings using videoconferencing services from Zoom. But without the protection of a password, there's a decent chance your next Zoom meeting could be "Zoom bombed" -- attended or disrupted by someone who doesn't belong. And according to data gathered by a new automated Zoom meeting discovery tool dubbed "zWarDial," a crazy number major corporations are setting up meetings without passwords enabled.‘Zoom is malware’: why experts worry about the video conferencing platform
The company has seen a 535% rise in daily traffic in the past month, but security researchers say the app is a ‘privacy disaster’
As coronavirus lockdowns have moved many in-person activities online, the use of video conferencing platform Zoom has quickly escalated. So, too, have concerns about its security.
In the last month, there was a 535% rise in daily traffic to the Zoom.us download page, according to an analysis from web analytics firm SimilarWeb. Its app for iPhone has been the most downloaded app in the country for weeks, according to the mobile app market research firm Sensor Tower. Even politicians and other high-profile figures, including the British prime minister, Boris Johnson, and the former US federal reserve chair Alan Greenspan, use it for conferencing as they work from home.
Related: Coronavirus and app downloads: what you need to know about protecting your privacy
Continue reading...44M Digital Wallet Items Exposed in Key Ring Cloud Misconfig
Millions of IDs, charge cards, loyalty cards, gift cards, medical marijuana ID cards and personal information was left exposed to the open internet.
Best Practices to Manage Third-Party Cyber-Risk Today
Bold new thinking is needed to solve the rapidly evolving challenge of third-party risk management.New Magecart Skimmer Infects 19 Victim Websites
MakeFrame, named for its ability to make iframes for skimming payment data, is attributed to Magecart Group 7.Emerging MakeFrame Skimmer from Magecart Sets Sights on SMBs
Attacks using a brand-new card-harvesting code is targeting small- to medium-sized businesses, claiming 19 sites so far.