Cybersecurity News


Social Distancing for Healthcare's IoT Devices

Security pros need to double down around prevention of lateral movement by attackers, especially if IoT devices are connected to the network.
03 June 2020

Enterprise Mobile Phishing Attacks Skyrocket Amidst Pandemic

Enterprise Mobile Phishing Attacks Skyrocket Amidst Pandemic Increase of 37 percent from Q4 2019 to Q1 2020 attributed to creation of remote workforce due to COVID-19 stay-at-home orders.
03 June 2020

Facebook software engineer resigns with scathing criticism of the network’s refusal to act on ‘weaponized hatred’

The former Facebook employee accuses the social network of allowing “politicians to radicalize individuals and glorify violence.”
03 June 2020

Tor’s latest release makes it easier to find secure onion services

Tor Browser 9.5 is also working towards making Dark Web addresses easier to remember.
03 June 2020

Google opens up Advanced Protection Program to Nest devices

The move follows integration with services including Android and Chrome.
03 June 2020

Joomla Resources Directory Users Exposed in Leaky AWS Bucket

Joomla Resources Directory Users Exposed in Leaky AWS Bucket Full backup copies of website, including all user data, was exposed for 2,700 JRD users.
03 June 2020

Ransomware gang says it breached one of NASA's IT contractors

DopplePaymer ransomware gang claims to have breached DMI, a major US IT and cybersecurity provider, and one of NASA IT contractors.
02 June 2020

10 Tips for Maintaining Information Security During Layoffs

10 Tips for Maintaining Information Security During Layoffs Insider cyber threats are always an issue during layoffs -- but with record numbers of home office workers heading for the unemployment line, it's never been harder to maintain cybersecurity during offboarding.
02 June 2020

Mobile Phishing Attacks Increase Sharply

Organizations need to include smartphones and tablets in their phishing mitigation strategies, a new report suggests.
02 June 2020

New cold boot attack affects seven years of LG Android smartphones

LG has released a firmware fix in May 2020. Attack requires physical access.
02 June 2020

Companies Fall Short on Mandatory Reporting of Cybercrimes

Understaffed and under fire, companies fail to report cybercrimes even when they are legally obligated to notify authorities, results of a new survey show.
02 June 2020

Amtrak Breach Rolls Over Frequent Travelers

The breach exposed usernames and passwords of an undisclosed number of program members.
02 June 2020

REvil Ransomware Gang Starts Auctioning Victim Data

The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software. The move marks an escalation in tactics aimed at coercing victims to pay up -- and publicly shaming those don't. But it may also signal that ransomware purveyors are searching for new ways to profit from their crimes as victim businesses struggle just to keep the lights on during the unprecedented economic slowdown caused by the COVID-19 pandemic.
02 June 2020

Risk Assessment & the Human Condition

Five lessons the coronavirus pandemic can teach security professionals to better assess, monitor, manage, and mitigate organizational risk.
02 June 2020

Two Critical Android Bugs Open Door to RCE

Two Critical Android Bugs Open Door to RCE Google and Qualcomm both addressed significant vulnerabilities in their June updates.
02 June 2020

Severe Cisco DoS Flaw Can Cripple Nexus Switches

Severe Cisco DoS Flaw Can Cripple Nexus Switches Cisco has patched a high-severity flaw that could lead to denial-of-service attacks on its Nexus switch lineup.
02 June 2020

REvil ransomware gang launches auction site to sell stolen data

Ransomware gang takes extortion to a whole new level. Threatens to auction Madonna's legal documents in a future auction.
02 June 2020

Thycotic Buys Onion ID to Extend PAM Portfolio

The acquisition brings three new products into Thycotic's privileged access management lineup.
02 June 2020

Women in Payments: Q&A with Diane Rogerson


Diane Rogerson didn’t choose a career in cybersecurity; rather, it chose her. In this month’s blog series, find out how Rogerson’s transferrable skillsets were more valuable than her subject matter expertise around cybersecurity, and how she thinks other women can be successful in this regard, too.  

02 June 2020

Octopus Scanner Sinks Tentacles into GitHub Repositories

Octopus Scanner Sinks Tentacles into GitHub Repositories At least 26 different open-source code repositories were found to be infected with an unusual attack on the open-source software supply chain.
02 June 2020