Cybersecurity News


U.S. Govt. Makes it Harder to Get .Gov Domains

The federal agency in charge of issuing .gov domain names is enacting new requirements for validating the identity of people requesting them. The additional measures come less than four months after KrebsOnSecurity published research suggesting it was relatively easy for just about anyone to get their very own .gov domain. In November's piece It's Way Too Easy to Get a .gov Domain Name, an anonymous source detailed how he obtained one by impersonating an official at a small town in Rhode Island that didn't already have its own .gov.
07 March 2020

Google could have fixed 2FA code-stealing flaw in Authenticator app years ago

Google Authenticator app lets other apps take screenshots of its code. Issue was first reported to Google in October 2014, but it was never addressed.
07 March 2020

New Ransomware Variant Developed Entirely as Shellcode

PwndLocker is harder to detect than other crypto-malware, Crypsis Group says.
06 March 2020

7 Cloud Attack Techniques You Should Worry About

7 Cloud Attack Techniques You Should Worry About Security pros detail the common and concerning ways attackers target enterprise cloud environments.
06 March 2020

Next-Gen Ransomware Packs a ‘Human’ Punch, Microsoft Warns

Next-Gen Ransomware Packs a ‘Human’ Punch, Microsoft Warns Ryuk, DoppelPaymer, Parinacota and other ransomware groups are getting more sophisticated, Microsoft warns.
06 March 2020

Next-Gen Ransomware Packs a ‘Human’ Punch, Microsoft Warns

Next-Gen Ransomware Packs a ‘Human’ Punch, Microsoft Warns Ryuk, DoppelPaymer, Parinacota and other ransomware groups are getting more sophisticated, Microsoft warns.
06 March 2020

Former Acting Inspector General Charged in Federal Fraud Scheme

A federal grand jury has indicted Charles K. Edwards on 16 counts related to a conspiracy to steal software from one department and sell an enhanced version to another.
06 March 2020

Out at Sea, With No Way to Navigate: Admiral James Stavridis Talks Cybersecurity

Out at Sea, With No Way to Navigate: Admiral James Stavridis Talks Cybersecurity The former Supreme Allied Commander of NATO gives Dark Reading his take on the greatest cyber threats our nation and its businesses face today.
06 March 2020

Spread of Coronavirus-Themed Cyberattacks Persists with New Attacks

Spread of Coronavirus-Themed Cyberattacks Persists with New Attacks In cybersecurity circles, the Coronavirus is spurring anxiety over the virtual abuse of the deadly disease by scammers.
06 March 2020

Spread of Coronavirus-Themed Cyberattacks Persists with New Attacks

Spread of Coronavirus-Themed Cyberattacks Persists with New Attacks In cybersecurity circles, the Coronavirus is spurring anxiety over the virtual abuse of the deadly disease by scammers.
06 March 2020

Siemens Shares Incident Response Playbook for Energy Infrastructure

The playbook simulates a cyberattack on the energy industry to educate regulators, utilities, and IT and OT security experts.
06 March 2020

Former DHS official charged with theft of confidential government software, databases

Former DHS Acting Inspector General accused of stealing DHS software in an attempt to make a profit by reselling it back to the US government.
06 March 2020

Critical Zoho Zero-Day Flaw Disclosed

Critical Zoho Zero-Day Flaw Disclosed A Zoho zero day vulnerability and proof of concept (PoC) exploit code was disclosed on Twitter.
06 March 2020

Critical Zoho Zero-Day Flaw Disclosed

Critical Zoho Zero-Day Flaw Disclosed A Zoho zero day vulnerability and proof of concept (PoC) exploit code was disclosed on Twitter.
06 March 2020

Week in security with Tony Anscombe

ESET research into the Guildma banking trojan – What can you do to stay safe from online fraud – Why become a cybersecurity professional

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

06 March 2020

Securing Our Elections Requires Change in Technology, People & Attitudes

Increasing security around our election process and systems will take a big effort from many different parties. Here's how.
06 March 2020

Physical Flaws: Intel's Root-of-Trust Issue Mostly Mitigated

An insider, or security expert with physical access, can compromise the hardware protections of Intel chips sold in the past five years.
06 March 2020

Virgin Media data leak exposes details of almost 1 million people

The misconfigured database was accessed by an unauthorized party on at least one occasion

The post Virgin Media data leak exposes details of almost 1 million people appeared first on WeLiveSecurity

06 March 2020

Zoho zero-day published on Twitter

Security experts fear the bug may be soon exploited by ransomware gangs.
06 March 2020

Microsoft: 99.9% of compromised accounts did not use multi-factor authentication

Only 11% of all enterprise accounts use a MFA solution overall.
06 March 2020