Cybersecurity News

AusCERT says alleged DoE hack came from a third-party

AusCERT says a data breach occurred at K7Maths, a company providing services to schools.
02 September 2020

New Threat Activity by Lazarus Group Spells Trouble For Orgs

The North Korea-backed group has launched several campaigns to raise revenue for cash-strapped nation's missile program, security experts say.
01 September 2020

CISA and FBI say they have not seen cyber-attacks this year on voter registration databases

CISA and the FBI issue a joint statement about election and voter database hacking threats after a misleading article in Russian media today.
01 September 2020

Anti-Phishing Startup Pixm Aims to Hook Browser-Based Threats

Pixm visually analyzes phishing websites from a human perspective to detect malicious pages people might otherwise miss.
01 September 2020

Magento Sites Vulnerable to RCE Stemming From Magmi Plugin Flaws

Magento Sites Vulnerable to RCE Stemming From Magmi Plugin Flaws Two flaws - one of them yet to be fixed - are afflicting a third-party plugin used by Magento e-commerce websites.
01 September 2020

Apple Signs Shlayer, Legitimizes Malware

Shlayer, a common macOS Trojan, received Apple's notary certification and place in the App Store -- twice.
01 September 2020

Facebook and Twitter suspend Russian propaganda accounts following FBI tip

The banned accounts belonged to PeaceData, a news website publishing misleading articles about world politics.
01 September 2020

New APT Pioneer Kitten Linked to Iranian Government

The group's targets have primarily been North American and Israeli entities, with a focus on technology, government, defense, and healthcare.
01 September 2020

ISO 27701 Paves the Way for a Strategic Approach to Privacy

As the first certifiable international privacy management standard, ISO 27701 is a welcome addition to the existing set of common security frameworks.
01 September 2020

Norwegian Parliament discloses cyber-attack on internal email system

Norway's Parliament, Stortinget, says hackers gained access and downloaded content for "a small number of parliamentary representatives and employees."
01 September 2020

U.S. Voter Databases Offered for Free on Dark Web, Report

U.S. Voter Databases Offered for Free on Dark Web, Report Some underground forum users said they're monetizing the information through the State Department's anti-influence-campaign effort.
01 September 2020

Magecart Credit-Card Skimmer Adds Telegram as C2 Channel

Magecart Credit-Card Skimmer Adds Telegram as C2 Channel In a rare move, the encrypted messaging service is being used to send stolen payment-card data from websites back to cybercriminals.
01 September 2020

FBI: Ring Smart Doorbells Could Sabotage Cops

FBI: Ring Smart Doorbells Could Sabotage Cops While privacy advocates have warned against Ring's partnerships with police, newly unearthed documents reveal FBI concerns about 'new challenges' smart doorbell footage could create for cops.
01 September 2020

Why Are There Still So Many Windows 7 Devices?

As the FBI warns, devices become more vulnerable to exploitation as time passes, due to a lack of security updates and new, emerging vulnerabilities.
01 September 2020

Poll: Help Wanted

Is your security team hiring?
01 September 2020

Pioneer Kitten APT Sells Corporate Network Access

Pioneer Kitten APT Sells Corporate Network Access The Iran-based APT has infiltrated multiple VPNs using open-source tools and known exploits.
01 September 2020

FBI warned of how Ring doorbell surveillance can be used against police officers

Smart doorbells can provide the police with valuable intelligence -- but the network can also be turned against them.
01 September 2020

AI on the Email Offense

AI on the Email Offense Mass domain purchasing enables email attackers to slip by traditional defenses. Here's how artificial intelligence can stop them.
01 September 2020

Tor launches membership program to secure finance, boost integration

Members include Avast, DuckDuckGo, and Insurgo.
01 September 2020

Iranian hackers are selling access to compromised companies on an underground forum

The Iranian hacker group who's been attacking corporate VPNs for months is now trying to monetize some of the hacked systems by selling access to some networks to other hackers.
31 August 2020