Cybersecurity News


Texas School District Loses $2.3M to Phishing Attack

The Manor Independent School District is investigating a phishing email scam that led to three separate fraudulent transactions.
13 January 2020

‘Cable Haunt’ Bug Plagues Millions of Home Modems

‘Cable Haunt’ Bug Plagues Millions of Home Modems The issue lies in underlying reference software used by multiple cable-modem manufacturers to create device firmware.
13 January 2020

Unpatched Citrix Flaw Now Has PoC Exploits

Unpatched Citrix Flaw Now Has PoC Exploits Over 25,000 servers globally are vulnerable to the critical Citrix remote code execution vulnerability.
13 January 2020

Will This Be the Year of the Branded Cybercriminal?

Threat actors will continue to grow enterprise-style businesses that evolve just like their legitimate counterparts.
13 January 2020

Texas school district falls for email scam, hands over $2.3 million

There are “strong” leads but no real indication of who is responsible.
13 January 2020

‘Rosegold’ National Lottery hacker steals £5, lands prison sentence

The Sentry MBA brute-force account cracking tool was used to compromise user accounts.
13 January 2020

US troops deploying to the Middle East told to leave personal devices at home

US military officials fear operational security (OpSec) failures in handling personal devices might put soldiers in danger.
13 January 2020

Don't Lose That Device

Did you know you are 100 times more likely to lose a laptop or mobile devices than have it stolen? When you are traveling, always double-check to make sure you have your devices with you, such as when leaving airport security, exiting your taxi or check out of your hotel.
13 January 2020

The five: ransomware attacks

The five: ransomware attacks Software that demands money with menaces has hit the big time. Here are some of its most lucrative forms

Cyber-attacks that threaten to publish a victim’s data or block access to it unless a ransom is paid have grown internationally since 2012.

Continue reading...
12 January 2020

Academic research finds five US telcos vulnerable to SIM swapping attacks

Researchers find that 17 of 140 major online services are vulnerable to SIM swapping attacks.
11 January 2020

Proof-of-concept code published for Citrix bug as attacks intensify

Two Citrix bug (CVE-2019-19781) exploits have been published on GitHub yesterday, making future attacks trivial for most hackers.
11 January 2020

Alleged Member of Neo-Nazi Swatting Group Charged

Federal investigators on Friday arrested a Virginia man accused of being part of a neo-Nazi group that targeted hundreds of people in "swatting" attacks, wherein fake bomb threats, hostage situations and other violent scenarios were phoned in to police as part of a scheme to trick them into visiting potentially deadly force on a target's address.
10 January 2020

Synopsys Buys Tinfoil

Tinfoil Security's dynamic application and API security testing capabilities will be added to Synopsys Software Integrity Group.
10 January 2020

Major Brazilian Bank Tests Homomorphic Encryption on Financial Data

The approach allowed researchers to use machine learning on encrypted data without first decrypting it.
10 January 2020

Hundreds of millions of cable modems are vulnerable to new Cable Haunt vulnerability

Cable modems using Broadcom chips are vulnerable to a new vulnerability named Cable Haunt, researchers say.
10 January 2020

6 Unique InfoSec Metrics CISOs Should Track in 2020

6 Unique InfoSec Metrics CISOs Should Track in 2020 You might not find these measurements on a standard cybersecurity department checklist. But they can help evaluate risks you haven't even considered yet.
10 January 2020

Cisco Webex Bug Allows Remote Code Execution

Cisco Webex Bug Allows Remote Code Execution Cisco patched two high-severity flaws this week, in its Webex and IOS XE Software products.
10 January 2020

Lifeline Assistance Phone Users Targeted with ‘Uninstallable’ Adware

Lifeline Assistance Phone Users Targeted with ‘Uninstallable’ Adware A Virgin Mobile-branded phone distributed by Assurance Wireless to low-income U.S. citizens has a trojan pre-installed that can download additional malware.
10 January 2020

Indian National Pleads Guilty to Multimillion-Dollar Call Center Scam

The India-based call centers scammed US victims out of millions of dollars between 2013 and 2016.
10 January 2020

Week in security with Tony Anscombe

Some takeaways from CES 2020 – Firefox update plugs a zero-day – Facebook cracks down on deepfakes

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

10 January 2020