Cybersecurity News
Hackers Cashing In On Healthcare Industry Security Weaknesses
Between ransomware attacks on healthcare devices, malware-laced “medical” apps, and fraud services available on the dark net, attackers are pushing the boundaries on targeting healthcare.
26 February 2020
Open Cybersecurity Alliance Releases New Language for Security Integration
OpenDXL Ontology is intended to allow security components to interoperate right out of the box.26 February 2020
Next-Gen SOC Is On Its Way and Here's What It Should Contain
The next-gen-SOC starts with the next-gen SIEM, and Jason Mical of Devo Technology and Kevin Golas from OpenText talk about what capabilities are required, including threat hunting and greater automation, and how security professionals should exploit the tools.26 February 2020
Here's how to enable DoH in each browser, ISPs be damned
DoH support is already present in all major browsers. Users just have to enable it and configure it.26 February 2020
Kr00k Wi-Fi Vulnerability Affected a Billion Devices
Routers and devices with Broadcom and Cypress Wi-Fi chipsets could be forced to sometimes use encryption keys consisting of all zeroes. Now patched, the issue affected a billion devices, including those from Amazon, Apple, Google, and Samsung.26 February 2020
New Kr00k vulnerability lets attackers decrypt WiFi packets
Kr00k affects devices using Broadcom and Cypress Wi-Fi chips.26 February 2020
5 Ways to Up Your Threat Management Game
Good security programs start with a mindset that it's not about the tools, it's what you do with them. Here's how to get out of a reactive fire-drill mode with vulnerability management.26 February 2020
KrØØk: Serious vulnerability affected encryption of billion+ Wi‑Fi devices
ESET researchers uncover a previously unknown security flaw allowing an adversary to decrypt some wireless network packets transmitted by vulnerable devices
The post KrØØk: Serious vulnerability affected encryption of billion+ Wi‑Fi devices appeared first on WeLiveSecurity
26 February 2020
Zyxel 0day Affects its Firewall Products, Too
On Monday, networking hardware maker Zyxel released security updates to plug a critical security hole in its network attached storage (NAS) devices that is being actively exploited by crooks who specialize in deploying ransomware. Today, Zyxel acknowledged the same flaw is present in many of its firewall products.26 February 2020
Iranian APT Targets Govs With New Malware
A new campaign is targeting governments with the ForeLord malware, which steals credentials.
26 February 2020
Unpatched Security Flaws Open Connected Vacuum to Takeover
A connected, robotic vacuum cleaner has serious vulnerabilities that could allow remote hackers to view its video footage and launch denial of service attacks.
26 February 2020
Raccoon malware targets massive range of browsers to steal your data and cryptocurrency
Every browser you can think of is a target of the popular malware.26 February 2020
Emotet Resurfaces to Drive 145% of Threats in Q4 2019
Analysis of 92 billion rejected emails reveals a range of simple and complex attack techniques for the last quarter of 2019.26 February 2020
Cryptographers Panel Tackles Espionage, Elections & Blockchain
Encryption experts gave insights into the Crypto AG revelations, delved into complexities of the "right to be forgotten," and more at RSA Conference.26 February 2020
Stalkerware Attacks Increased 50 Percent Last Year, Report
Research puts the emerging mobile threat—which monitors the whereabouts and device activity of devices users as well as collects personal data—into clearer focus.
26 February 2020
Former Microsoft engineer convicted of 18 felonies for digital currency fraud scam
After scamming Microsoft, the software expert treated himself to a Tesla vehicle and a lakefront home.26 February 2020
Samsung says Find my Mobile glitch not connected to recent data leak
The strange Find my Mobile ‘1’ glitch experienced by users is thought to be wholly separate from recent customer data exposure.26 February 2020
Chrome 80 update cripples top cybercrime marketplace
90% of all stolen credentials on the Genesis Store came from the AZORult malware. Now, the malware doesn't work in Chrome 80.26 February 2020
Cloud Security
One of the most effective steps you can take to protect your cloud account is to make sure you are using two-step verification. In addition, always be sure you know exactly whom you are sharing files with. It is very easy to accidently share your files with the entire Internet when you think you are only sharing them with specific individuals.26 February 2020
Australian banks targeted by DDoS extortionists
Hackers are sending emails to banks asking for large payments in Monero, and threatening DDoS attacks if their demands aren't met.25 February 2020