Cybersecurity News


The Race to Hack a Satellite at DEF CON

The Race to Hack a Satellite at DEF CON Eight teams competed to win cash, bragging rights, and the chance to control a satellite in space.
13 August 2020

Boeing's DEF CON Debut a Sign of the Times

In the wake of a stalemate between the airplane manufacturer and a security researcher over vulns found in its 787 aircraft's network, Boeing says it's ready to "embrace" the hacker community.
13 August 2020

Secure Development Takes a (Remote) Village

The shift to work from home isn't just about giving your Dev team the physical tools they need.
13 August 2020

NSA & FBI Disclose New Russian Cyberespionage Malware

APT 28, aka Fancy Bear, is deploying the Drovorub malware designed for Linux systems as part of cyber-espionage operations.
13 August 2020

Zoom Faces More Legal Challenges Over End-to-End Encryption

Zoom Faces More Legal Challenges Over End-to-End Encryption The video-conferencing specialist has yet to roll out full encryption, but it says it's working on it.
13 August 2020

FBI and NSA expose new Linux malware Drovorub, used by Russian state hackers

The FBI and NSA issue joint security alert containing technical details about new Linux malware developed by Russia's military hackers.
13 August 2020

New Global Threat Landscape Report Reveals ‘Unprecedented’ Cyberattacks

New Global Threat Landscape Report Reveals ‘Unprecedented’ Cyberattacks Fortinet's recently released Global Threat Landscape Report shows how the perimeter is extending to the home in the first half of 2020 - and what that means for cybercrime.
13 August 2020

Black Hat USA 2020 Shines Spotlight on the Mental Challenges of Cybersecurity

Infosec practitioners face a variety of mental struggles in areas such as awareness training, problem solving, or general mental health. Several sessions at Black Hat USA 2020 highlighted these challenges and how to overcome them.
13 August 2020

PCI SSC Offers Informational Training via New eLearning Platform

 

PCI Security Standards Council (PCI SSC) has adopted a new eLearning platform to move all informational and certification programs online. With the rise of the COVID-19 pandemic, the Council took important steps earlier this year to protect the health and safety of all involved by canceling face-to-face, instructor-led training courses for the remainder of the calendar year.

13 August 2020

Forcepoint Hopes for Breakout Moment by Hopping on the ZTA Bandwagon

The debut of Forcepoint's two-pronged zero trust access (ZTA) solution delivers much-needed competitive momentum, but it must do more to stand out against a growing field of ZTA competitors.
13 August 2020

With iOS's Privacy Nutrition Label, Apple Upstages Regulators

New iOS privacy features require developers to disclose what data they're collecting, how they're using it, and with whom they share it.
13 August 2020

Security Jobs With a Future -- And Ones on the Way Out

Security Jobs With a Future -- And Ones on the Way Out Some titles are hot, while others are not, amid rapidly shifting business priorities.
13 August 2020

ReVoLTE Attack Allows Hackers to Listen in on Mobile Calls

ReVoLTE Attack Allows Hackers to Listen in on Mobile Calls Rare attack on cellular protocol exploits an encryption-implementation flaw at base stations to record voice calls.
13 August 2020

Adaptive Shield Emerges From Stealth

Israeli startup joins growing number of vendors offering platform for detecting and mitigating common configuration errors in cloud environments.
13 August 2020

Emotet Return Brings New Tactics & Evasion Techniques

Security researchers tracking Emotet report its reemergence brings new tricks, including new evasion techniques to bypass security tools.
13 August 2020

High-Severity TinyMCE Cross-Site Scripting Flaw Fixed

High-Severity TinyMCE Cross-Site Scripting Flaw Fixed The cross-site scripting flaw could enable arbitrary code execution, information disclosure - and even account takeover.
13 August 2020

Signal adds message requests to stop spam and protect user privacy

New feature lets Signal users control who can text or voice call, add them to groups.
13 August 2020

Amazon Alexa ‘One-Click’ Attack Can Divulge Personal Data

Amazon Alexa ‘One-Click’ Attack Can Divulge Personal Data Researchers disclosed flaws in Amazon Alexa that could allow attackers to access personal data and install skills on Echo devices.
13 August 2020

In one click: Amazon Alexa could be exploited for theft of voice history, PII, skill tampering

Subdomains belonging to the service were found to be harboring CORS errors and vulnerable to XSS attacks.
13 August 2020

Mekotio: These aren’t the security updates you’re looking for…

Another in our occasional series demystifying Latin American banking trojans

The post Mekotio: These aren’t the security updates you’re looking for… appeared first on WeLiveSecurity

13 August 2020