Cybersecurity News
86% of Companies Report Network Disruption Amid Remote Work Shift
Nearly two-thirds say disruptions were at least moderate in severity, and more have seen VPN connectivity issues as employees work from home.29 April 2020
High-Severity Cisco IOS XE Flaw Threatens SD-WAN Routers
Cisco's IOS XE software for SD-WAN routers has a high-severity insufficient input validation flaw.
29 April 2020
Millions of Brute-Force Attacks Hit Remote Desktop Accounts
Automated attacks on Remote Desktop Protocol accounts are aimed at taking over corporate desktops and infiltrating networks.
29 April 2020
Google announces Chrome Web Store crackdown for August 2020
Google plans to remove a bunch of garbage and useless Chrome extensions from the Web Store.29 April 2020
7 Secure Remote Access Services for Today's Enterprise Needs
Secure remote access is a "must" for enterprise computing today, and there are options for you to explore in the dynamic current environment.
29 April 2020
Microsoft Warns of Malware Hidden in Pirated Film Files
An active campaign inserts malicious VBScript into ZIP files posing as downloads for "John Wick 3," "Contagion," and other popular movies.29 April 2020
7 Fraud Predictions in the Wake of the Coronavirus
It's theme and variations in the fraud world, and fraudsters love -- and thrive -- during chaos and confusion29 April 2020
Kaspersky: RDP brute-force attacks have gone up since start of COVID-19
RDP brute-force attack numbers rose in mid-March as quarantines were being imposed over the globe.29 April 2020
ThreatList: Human-Mimicking Bots Spike, Targeting e-Commerce and Travel
Overall bot activity on the web has soared, with a 26 percent growth rate -- attacks on applications, APIs and mobile sites are all on the rise.
29 April 2020
Critical GitLab Flaw Earns Bounty Hunter $20K
A GitLab path traversal flaw could allow attackers to read arbitrary files and remotely execute code.
29 April 2020
Web Shells Continue to Threaten
A decade after their first use, Web shells remain a common tool for all stripes of attackers, from common cybercriminals to sophisticated state actors.29 April 2020
Phishers Start to Exploit Oil Industry Amid COVID-19 Woes
While a massive flood of attacks has yet to materialize, cybersecurity experts say this could be the calm before the storm.29 April 2020
4 Ways to Get to Defensive When Faced by an Advanced Attack
To hold your own against nation-state-grade attacks, you must think and act differently.29 April 2020
EFF: Google, Apple’s Contact-Tracing System Open to Cyberattacks
Malicious actors could potentially harvest data over the air and use it to shake confidence in the public-health system, EFF says.
29 April 2020
Estonia: Foreign hackers breached local email provider for targeted attacks
Hackers hijacked a small number of Mail.ee accounts "belonging to persons of interest to a foreign country."29 April 2020
ESET Threat Report
A view of the Q1 2020 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts
The post ESET Threat Report appeared first on WeLiveSecurity
29 April 2020
GitLab awards researcher $20,000, patches remote code execution bug
Engineers jumped on the issue which earned the researcher $1,000 at the point of triage.29 April 2020
Microsoft open-sources in-house library for handling QUIC connections
Microsoft says MsQuic will soon be part of most of its products, like Windows, .NET, Microsoft 365, and others.29 April 2020
National Security Agency releases guide to secure video conferencing
By William Knowles @c4i Senior Editor InfoSec News April 29, 2020 Last Friday, the National Security Agency released a guide aimed mainly towards U.S. Government employees and military service members are working from home, but is also ideal for business professionals on Selecting and Safely Using Collaboration Services for Telework. This cybersecurity guidance contains a […]29 April 2020
Adobe patches critical code, corruption bugs across Bridge, Illustrator, Magento
The company has squashed a range of critical flaws leading to arbitrary code execution.29 April 2020