Cybersecurity News


High-Severity Cisco Webex Flaws Fixed

High-Severity Cisco Webex Flaws Fixed The high-severity flaws, existing in Webex Player and Webex Network Recording Player, can allow arbitrary code execution.
05 March 2020

Advanced Tech Needs More Ethical Consideration & Security

Unintended consequences and risks need board-level attention and action.
05 March 2020

Intel CSME bug is worse than previously thought

Researchers say a full patch requires replacing hardware. Only the latest Intel 10th generation CPUs are not affected.
05 March 2020

T-Mobile says hacker gained access to employee email accounts, user data

This is the second security breach T-Mobile discloses in the last six months, after a first incident in November 2019.
05 March 2020

Backdoor malware is being spread through fake security certificate alerts

Victims of this new technique are invited to install a malicious "security certificate update" when they visit compromised websites.
05 March 2020

Trump, Sanders Are the Top Brands for Cybercriminals

Trump, Sanders Are the Top Brands for Cybercriminals An analysis of spam subject lines and malicious domains shows that attackers have been betting on Trump and Sanders to snag public interest.
05 March 2020

Trump, Sanders Are the Top Brands for Cybercriminals

Trump, Sanders Are the Top Brands for Cybercriminals An analysis of spam subject lines and malicious domains shows that attackers have been betting on Trump and Sanders to snag public interest.
05 March 2020

Let’s Encrypt Pushes Back Deadline to Revoke Some TLS Certificates

Let’s Encrypt Pushes Back Deadline to Revoke Some TLS Certificates While 1.7 million of the certificates potentially affected by a CAA bug have already been replaced, around 1 million are still active.
05 March 2020

Guildma: The Devil drives electric

The fourth installment of our occasional series demystifying Latin American banking trojans

The post Guildma: The Devil drives electric appeared first on WeLiveSecurity

05 March 2020

Chinese hackers use decade-old Bisonal Trojan in cyberespionage campaigns

The RAT’s core functions remain the same but it is unusual that the malware has been rehashed over so many years.
05 March 2020

Ryuk ransomware hits Fortune 500 company EMCOR

Company expects the incident to have an impact on its 2020 earnings, according to its 2019 Q4 financial report.
04 March 2020

Malicious Chrome extension caught stealing Ledger wallet recovery seeds

A Chrome extension named Ledger Live was exposed today as malicious. It is currently heavily promoted via Google search ads.
04 March 2020

Let's Encrypt Revokes Over 3 Million of Its Digital Certs

Domain validation glitch prompts an abrupt decision.
04 March 2020

Browsers to block access to HTTPS sites using TLS 1.0 and 1.1 starting this month

More than 850,000 websites still use outdated TLS 1.0 and 1.1 protocols.
04 March 2020

Most Cyberattacks in 2019 Were Waged Without Malware

If the "malware-free" attack trajectory continues, it could mean major trouble for defenders, according to experts from CrowdStrike and other security companies.
04 March 2020

PCI SSC Statement on COVID-19


PCI SSC is aware of the unprecedented situation caused by the spread of COVID-19. As circumstances evolve, questions have arisen surrounding a variety of issues, including the impact on assessments and trainings. We are actively monitoring the developments and collaborating with our stakeholders and community on response and needed guidance. We have established this webpage for all updates, so please be sure to check regularly as this is a constantly evolving situation.

04 March 2020

CISOs Who Want a Seat at the DevOps Table Better Bring Value

Here are four ways to make inroads with the DevOps team -- before it's too late.
04 March 2020

Critical Netgear Bug Impacts Flagship Nighthawk Router

Critical Netgear Bug Impacts Flagship Nighthawk Router Dozens of routers are patched by Netgear as it snuffs out critical, high and medium severity flaws.
04 March 2020

Microsoft OneNote Used To Sidestep Phishing Detection

Microsoft OneNote Used To Sidestep Phishing Detection A recent phishing campaign used OneNote to distribute the Agent Tesla keylogger.
04 March 2020

EternalBlue Longevity Underscores Patching Problem

Three years after the Shadow Brokers published zero-day exploits stolen from the National Security Agency, the SMB compromise continues to be a popular Internet attack.
04 March 2020