Cybersecurity News
Critical CSRF vulnerability found on Glassdoor company review platform
The critical flaw impacted both job seeker and employer accounts on the web domain.11 December 2020
CISA and FBI warn of rise in ransomware attacks targeting K-12 schools
The percentage of ransomware attacks against K-12 schools increased at the beginning of the 2020 school year11 December 2020
Facebook doxes APT32, links Vietnam's primary hacking group to local IT firm
Facebook suspends accounts linked to APT32, says the group used its platform to spread malware.10 December 2020
Knowing What the Enemy Knows Is Key to Proper Defense
Think like an attacker if you want to understand your attack surface, says security researcher at Black Hat Europe.10 December 2020
Juvenile Pleads Guilty to 2016 DNS Attack
Mirai botnet was used to target Sony in an attack that took down DynDNS and a number of its notable customers.10 December 2020
Tech unicorn UiPath discloses data breach
EXCLUSIVE: UiPath admits to accidentally exposing a file containing the personal details of some of its registered users.10 December 2020
Contact-Tracing Apps Still Expose Users to Security, Privacy Issues
Of nearly 100 apps tested, 40% have significant security issues, using either GPS locations or bespoke Bluetooth proximity detection to determine exposure.10 December 2020
'Fingerprint-Jacking' Attack Technique Manipulates Android UI
Researchers explore fingerprint-jacking, a user interface-based attack that targets fingerprints scanned into Android apps.10 December 2020
Defending the Intelligent Edge from Evolving Attacks
Fortinet's Aamir Lakhani discusses best practices for securing company data against next-gen threats, like edge access trojans (EATs).
10 December 2020
FireEye Breach Fallout Yet to Be Felt
Aftermath of the FireEye breach by Russia's foreign service agency raises concerns over what the attackers could do next - and how to defend against it.10 December 2020
Chinese APT suspected of supply chain attack on Mongolian government agencies
Chinese hackers have compromised the update mechanism of a chat app used by hundreds of Mongolian government agencies.10 December 2020
Pfizer COVID-19 Vaccine Targeted in EU Cyberattack
Threat actors accessed Pfizer vaccine documentation submitted to EU regulators in the latest cyberattack trying to profit off pandemic suffering.
10 December 2020
Cloud Identity and Access Management: Understanding the Chain of Access
Here's where enterprises encounter challenges with cloud IAM and the best practices they should follow to correct these mistakes.10 December 2020
Microsoft exposes Adrozek, malware that hijacks Chrome, Edge, and Firefox
Microsoft says that at its peak, Adrozek had controlled more than 30,000 devices a day.10 December 2020
MoleRats APT Returns with Espionage Play Using Facebook, Dropbox
The threat group is increasing its espionage activity in light of the current political climate and recent events in the Middle East, with two new backdoors.
10 December 2020
Payment Processing Giant TSYS: Ransomware Incident “Immaterial” to Company
Payment card processing giant TSYS suffered a ransomware attack earlier this month. Since then reams of data stolen from the company have been posted online, with the attackers promising to publish more in the coming days. But the company says the malware did not jeopardize card data, and that the incident was limited to administrative areas of its business.10 December 2020
51% of Edge Readers Plan to Pursue New Cybersecurity Certification in 2021
Demands of the "new normal" won't stop the majority of poll-takers from mastering new skills.
10 December 2020
Pwnie Awards 2020 winners include Zerologon, CurveBall, Checkm8, BraveStarr attacks
The cybersecurity community voted for the best bugs and vulnerabilities discovered over the past year.10 December 2020
PLEASE_READ_ME Ransomware Attacks 85K MySQL Servers
Ransomware actors behind the attack have breached at least 85,000 MySQL servers, and are currently selling at least compromised 250,000 databases.
10 December 2020