Cybersecurity News


Spotify Wrapped 2020 Rollout Marred by Pop Star Hacks

Spotify Wrapped 2020 Rollout Marred by Pop Star Hacks Spotify pages for Dua Lipa, Lana Del Rey, Future and others were defaced by an attacker pledging his love for Taylor Swift and Trump.
02 December 2020

FBI: BEC Scammers Could Abuse Email Auto-Forwarding

Private Industry Notification warns of the role email auto-forwarding could be used in business email compromise attacks.
02 December 2020

Think-Tanks Under Attack by Foreign APTs, CISA Warns

Think-Tanks Under Attack by Foreign APTs, CISA Warns The feds have seen ongoing cyberattacks on think-tanks (bent on espionage, malware delivery and more), using phishing and VPN exploits as primary attack vectors.
02 December 2020

Loyal Employee ... or Cybercriminal Accomplice?

Loyal Employee ... or Cybercriminal Accomplice? Can the bad guys' insider recruitment methods be reverse-engineered to reveal potential insider threats? Let's take a look.
02 December 2020

Xerox DocuShare Bugs Allowed Data Leaks

Xerox DocuShare Bugs Allowed Data Leaks CISA warns the leading enterprise document management platform is open to attack and urges companies to apply fixes.
02 December 2020

Automated Pen Testing: Can It Replace Humans?

These tools have come a long way, but are they far enough along to make human pen testers obsolete?
02 December 2020

Security Slipup Exposes Health Records & Lab Results

NTreatment failed to add password protection to a cloud server, exposing thousands of sensitive medical records online.
02 December 2020

Turla’s ‘Crutch’ Backdoor Leverages Dropbox in Espionage Attacks

Turla’s ‘Crutch’ Backdoor Leverages Dropbox in Espionage Attacks In a recent cyberattack against an E.U. country's Ministry of Foreign Affairs, the Crutch backdoor leveraged Dropbox to exfiltrate sensitive documents.
02 December 2020

Healthcare 2021: Cyberattacks to Center on COVID-19 Spying, Patient Data

Healthcare 2021: Cyberattacks to Center on COVID-19 Spying, Patient Data The post-COVID-19 surge in the criticality level of medical infrastructure, coupled with across-the-board digitalization, will be big drivers for medical-sector cyberattacks next year.
02 December 2020

Account Hijacking Site OGUsers Hacked, Again

For at least the third time in its existence, OGUsers -- a forum overrun with people looking to buy, sell and trade access to compromised social media accounts -- has been hacked.
02 December 2020

Microsoft Revamps ‘Invasive’ M365 Feature After Privacy Backlash

Microsoft Revamps ‘Invasive’ M365 Feature After Privacy Backlash The Microsoft 365 tool that tracked employee usage of applications like Outlook, Skype and Teams was widely condemned by privacy experts.
02 December 2020

Why I'd Take Good IT Hygiene Over Security's Latest Silver Bullet

Why I'd Take Good IT Hygiene Over Security's Latest Silver Bullet Bells and whistles are great, but you can stay safer by focusing on correct configurations, posture management, visibility, and patching.
02 December 2020

DNS Filtering: A Top Battle Front Against Malware and Phishing

DNS Filtering: A Top Battle Front Against Malware and Phishing Peter Lowe with DNSFilter discusses the science behind domain name system (DNS) filtering and how this method is effective in blocking out phishing and malware.
02 December 2020

Open source software security vulnerabilities exist for over four years before detection

GitHub research suggests there is a need to reduce the time between bug detection and fixes.
02 December 2020

Free Mobile App Measures Your Personal Cyber Risk

Free Mobile App Measures Your Personal Cyber Risk New app for Android and Apple iOS uses an algorithm co-developed with MIT to gauge security posture on an ongoing basis.
02 December 2020

iPhone Bug Allowed for Complete Device Takeover Over the Air

iPhone Bug Allowed for Complete Device Takeover Over the Air Researcher Ian Beer from Google Project Zero took six months to figure out the radio-proximity exploit of a memory corruption bug that was patched in May.
02 December 2020

Absa bank embroiled in data leak, rogue employee accused of theft

Personal information belonging to banking customers was compromised.
02 December 2020

Turla Crutch: Keeping the “back door” open

ESET researchers discover a new backdoor used by Turla to exfiltrate stolen documents to Dropbox

The post Turla Crutch: Keeping the “back door” open appeared first on WeLiveSecurity

02 December 2020

Ivanti announces double acquisition of MobileIron, Pulse Secure in zero-trust security push

Ivanti says the deals strengthen the company in the mobile zero-trust security space.
02 December 2020

Unmanaged Devices Heighten Risks for School Networks

Gaming consoles, Wi-Fi Pineapples, and building management systems are among many devices Armis says it discovered on K-12 school networks.
01 December 2020