Cybersecurity News
Vulnerabilities Continue Around 2019 Pace
After lagging 2019 numbers in the first quarter, vulnerabilities have surged in the rest of 2020, leading researchers to predict that final numbers for this year will meet or exceed those of last year, report says.09 December 2020
Google open-sources Atheris, a tool for finding security bugs in Python code
Atheris helps developers find bugs in Python-based codebases using a technique called fuzzing.09 December 2020
SideWinder APT Targets Nepal, Afghanistan in Wide-Ranging Spy Campaign
Convincing email-credentials phishing, emailed backdoors and mobile apps are all part of the groups latest effort against military and government targets.
09 December 2020
Former Microsoft Cloud Security Leads Unveil New Startup
Wiz has raised $100 million since its January launch and plans to help businesses with visibility into cloud security threats.09 December 2020
The Holiday Shopping Season: A Prime Opportunity for Triangulation Fraud
As e-commerce sales increase, so does the risk of hard-to-detect online fraud.09 December 2020
Microsoft Patch Tuesday fixes 58 flaws
The last Patch Tuesday of the year brings another fresh batch of fixes for Microsoft products and while the number may be lower the patches are no less important.
The post Microsoft Patch Tuesday fixes 58 flaws appeared first on WeLiveSecurity
09 December 2020
EU agency in charge of COVID-19 vaccine approval says it was hacked
The European Medicines Agency (EMA) says it's investigating a recent cyber-attack.09 December 2020
COVID-19 Vaccine Cyberattacks Steal Credentials, Spread Zebrocy Malware
Cybercriminals are leveraging the recent rollout of the COVID-19 vaccines globally in various cyberattacks - from stealing email passwords to distributing the Zebrocy malware.
09 December 2020
Navigating the Security Maze in a New Era of Cyberthreats
Multiple, dynamic threats have reshaped the cyber-risk landscape; ignore them at your peril.09 December 2020
D-Link Routers at Risk for Remote Takeover from Zero-Day Flaws
Critical vulnerabilities discovered by Digital Defense can allow attackers to gain root access and take over devices running same firmware.
09 December 2020
Black Hat Europe: Dark Reading Video News Desk Coverage
Coming to you from virtual backgrounds and beautifully curated bookcases around the world, Dark Reading brings you video interviews with the leading researchers speaking at this week's Black Hat Europe.09 December 2020
Global Cybercrime Losses Cross $1 Trillion Mark
A shift from attackers targeting individual systems to entire organizations is pushing up cost of cyberattacks sharply, McAfee says.09 December 2020
Hackers hide web skimmer inside a website's CSS files
Previously, security researchers found web skimmers (Magecart scripts) inside favicons, site logos, live chat windows, and, most recently, in social media sharing buttons.09 December 2020
Oblivious DoH: Cloudflare supports new privacy, security-focused DNS standard
Test clients for the new standard have been released to the open source community.09 December 2020
Adobe security update squashes critical vulnerabilities in Lightroom, Prelude
Adobe’s last major patch round of 2020 has dealt with arbitrary code and JavaScript execution bugs.09 December 2020
Four sentenced to prison for planting malware on 20 million Gionee smartphones
Chinese quartet conspired to plant a malicious SDK inside an app that came preinstalled on Gionee devices.08 December 2020
Patch Tuesday, Good Riddance 2020 Edition
Microsoft today issued its final batch of security updates for Windows PCs in 2020, ending the year with a relatively light patch load. Nine of the 58 security vulnerabilities addressed this month earned Microsoft's most-dire "critical" label, meaning they can be abused by malware or miscreants to seize remote control over PCs without any help from users.08 December 2020
Google Patches Critical Wi-Fi and Audio Bugs in Android Handsets
Google updates its mobile OS, fixing ten critical bugs, including one remote code execution flaw.
08 December 2020
Open-Source Developers Still Not Interested in Secure Coding
Security and development are still two different worlds, with open-source developers resistant to spending time finding and fixing vulnerabilities.08 December 2020
Nation-State Hackers Breached FireEye, Stole Its Red Team Tools
"Novel techniques" used by the attackers cheated security tools and forensics, according to FireEye CEO Kevin Mandia.08 December 2020