Cybersecurity News
New York asks domain registrars to crack down on sites used for coronavirus scams
New York Attorney General wants GoDaddy, Namecheap and other domain registrars to crack down on coronavirus scam sites.23 March 2020
Microsoft Publishes Advisory for Windows Zero-Day
There is no available patch for the vulnerabilities, which Microsoft says exist in all supported versions of Windows.23 March 2020
Three Ways Your BEC Defense Is Failing & How to Do Better

23 March 2020
538 Million Weibo Users' Info for Sale on Dark Web
The user data, which does not include passwords, purportedly comes from a mid-2019 breach.23 March 2020
Apache Tomcat Exploit Poised to Pounce, Stealing Files

23 March 2020
Apache Tomcat Exploit Poised to Pounce, Stealing Files

23 March 2020
Hackers Actively Exploit 0-Day in CCTV Camera Hardware

23 March 2020
Hackers Actively Exploit 0-Day in CCTV Camera Hardware

23 March 2020
Who’s Behind the ‘Web Listings’ Mail Scam?
In December 2018, KrebsOnSecurity looked at how dozens of U.S. political campaigns, cities and towns had paid a shady company called Web Listings Inc. after receiving what looked like a bill for search engine optimization (SEO) services rendered on behalf of their domain names. The story concluded that this dubious service had been scamming people and companies for more than a decade, and promised a Part II to explore who was behind Web Listings. What follows are some clues that point to a very convincing answer to that question.23 March 2020
Microsoft Warns of Critical Windows Zero-Day Flaws

23 March 2020
Microsoft Warns of Critical Windows Zero-Day Flaws

23 March 2020
Microsoft warns of Windows zero-day exploited in the wild
BREAKING: Hackers are exploiting a zero-day in the Adobe Type Manager Library (atmfd.dll) that ships with the Windows OS.23 March 2020
FBI Warns of Fake CDC Emails in COVID-19 Phishing Alert
Fraudsters exploit concerns by claiming to offer virus-related information or promising stimulus checks.23 March 2020
FireEye warns about the proliferation of ready-made ICS hacking tools
The growing number of hacking tools targeting industrial equipment is slowly becoming a problem.23 March 2020
Protecting Payments While Working Remotely
PCI SSC is dedicated to providing necessary guidance to the payments industry during evolving circumstances related to COVID-19. The current climate is forcing more global organizations to a remote-work model. As organization make this shift, it is important to maintain security practices to protect payment card data. The following are excerpts related to remote work best practices taken from the PCI SSC Information Supplement “Protecting Telephone-Based Payment Card Data”.
23 March 2020
Fake Coronavirus ‘Vaccine’ Website Busted in DoJ Takedown

23 March 2020
Fake Coronavirus ‘Vaccine’ Website Busted in DoJ Takedown

23 March 2020
8 Infosec Page-Turners for Days Spent Indoors

23 March 2020
The good, the bad and the plain ugly
A prolific ransomware gang vows to dial back its campaigns and spare healthcare organizations altogether during the COVID-19 crisis. It’s no cause for celebration.
The post The good, the bad and the plain ugly appeared first on WeLiveSecurity
23 March 2020
From Zero to Hero: CISO Edition
It's time for organizations to realize that an empowered CISO can effectively manage enterprise risk and even grow the business along the way.23 March 2020