Cybersecurity News


Researchers warn of internet security risks connected to Tesla Backup Gateway

Hundreds of Tesla gateway systems have been found, exposed and open, online.
17 November 2020

Some Apple Apps on macOS Big Sur Bypass Content Filters, VPNs

Some Apple Apps on macOS Big Sur Bypass Content Filters, VPNs Attackers can exploit the feature and send people’s data directly to remote servers, posing a privacy and security risk, researchers said.
17 November 2020

Twitter hires veteran hacker Mudge as head of security

Twitter hires veteran hacker Mudge as head of security

Peiter Zatko’s appointment follows mass attack on social media platform in July

Twitter has appointed one of the world’s most respected hackers as its new head of security in the wake of a humiliating mass attack in July.

The company has placed Peiter Zatko in charge of protecting its platform from threats of all varieties, poaching him from the payments startup Stripe. Zatko is better known as Mudge, his handle for more than 20 years of operation on both sides of the information security arena.

Related: Why are public thinkers flocking to Substack? | Sean Monahan

Continue reading...
17 November 2020

Firefox 83 released with 'HTTPS-Only Mode' that only loads HTTPS sites

Mozilla expects that HTTPS-Only Mode will soon become the default browsing state for most web browsers.
17 November 2020

Cryptocurrency platform dangles ‘bug bounty’ carrot to hacker who stole $2 million

Akropolis has not yet gone to law enforcement, giving the hacker time to consider the proposal.
17 November 2020

More than 200 systems infected by new Chinese APT 'FunnyDream'

New Chinese APT discovered targeting Southeast Asian governments.
17 November 2020

More than 245,000 Windows systems still remain vulnerable to BlueKeep RDP bug

Millions of computers and servers across the globe remain unpatched for some of today's most dangerous bugs.
17 November 2020

Breakdown of a Break-in: A Manufacturer's Ransomware Response

The analysis of an industrial ransomware attack reveals common tactics and proactive steps that businesses can take to avoid similar incidents.
16 November 2020

Dating Site Bumble Leaves Swipes Unsecured for 100M Users

Dating Site Bumble Leaves Swipes Unsecured for 100M Users An API bug exposed personal information of users like political leanings, astrological signs, education, and even height and weight, and their distance away in miles.
16 November 2020

Global Pandemic Fuels Cyber-Threat Workload for National Cyber Security Centre, Shows Annual Review

From securing the Nightingale hospitals to tackling threats to vaccine research and production, a large part of the National Cyber Security Centre's (NCSC) recent work in the UK has been related to the coronavirus pandemic, as Ron Alalouff discovered when reporting on its Annual Review.
16 November 2020

Attackers Target Porn Site Goers in ‘Malsmoke’ Zloader Attack

Attackers Target Porn Site Goers in ‘Malsmoke’ Zloader Attack A fake Java update found on various porn sites actually downloads the well-known Zloader malware.
16 November 2020

Twitter Taps Mudge

Noted security researcher Peiter Zatko joins the social network as head of security.
16 November 2020

Citrix SD-WAN Bugs Allow Remote Code Execution

Citrix SD-WAN Bugs Allow Remote Code Execution The bugs tracked as CVE-2020–8271, CVE-2020–8272 and CVE-2020–8273 exist in the Citrix SD-WAN Center.
16 November 2020

New Zoom feature can alert room owners of possible Zoombombing disruptions

The new "At-Risk Meeting Notifier" Zoom feature scans the internet and alerts conference organizers when a link to their Zoom meeting has been posted online.
16 November 2020

Zoom Debuts New Tools to Fight Meeting Disruptions

Two new capabilities in version 5.4.3 let hosts and co-hosts pause Zoom meetings to remove and report disruptive attendees.
16 November 2020

Hacked Security Software Used in Novel South Korean Supply-Chain Attack

Hacked Security Software Used in Novel South Korean Supply-Chain Attack Lazarus Group is believed to be behind a spate of attacks that leverage stolen digital certificates tied to browser software that secures communication with government and financial websites in South Korea.
16 November 2020

Exposed Database Reveals 100K+ Compromised Facebook Accounts

Exposed Database Reveals 100K+ Compromised Facebook Accounts Cybercriminals left an ElasticSearch database exposed, revealing a global attack that compromised Facebook accounts and used them to scam others.
16 November 2020

A Call for Change in Physical Security

We're at an inflection point. The threats we face are dynamic, emerging, and global. Are you ready?
16 November 2020

The ransomware landscape is more crowded than you think

More than 25 Ransomware-as-a-Service (RaaS) portals are currently renting ransomware to other criminal groups.
16 November 2020

Cybercrime Moves to the Cloud to Accelerate Attacks Amid Data Glut

Cybercrime Moves to the Cloud to Accelerate Attacks Amid Data Glut A report on the underground economy finds that malicious actors are offering cloud-based troves of stolen data, accessible with handy tools to slice and dice what's on offer.
16 November 2020