Cybersecurity News


Configuration snafu exposes passwords for two million marijuana growers

Passwords for GrowDiaries users were stored using the weak MD5 hashing function, putting customer accounts at risk of attacks.
03 November 2020

Women in Payments: Q&A with Gina Gobeyn

 

From businesswoman to cybersecurity chief, Gina Gobeyn took a nontraditional route to the payments space and found that it made all the difference. In this month’s blog series, Gobeyn explains why soft skills are just as important as technical skills when it comes to protecting data and fighting bad guys.

03 November 2020

9 Cyber Disaster Recovery Planning Tips for a Disaster-Prone Time

9 Cyber Disaster Recovery Planning Tips for a Disaster-Prone Time This year has been the ultimate test of business resilience, and if anything has become clear, it's this: Security pros need to get to work and overhaul their playbooks in preparation for multilayered attacks.
03 November 2020

Adobe Warns Windows, MacOS Users of Critical Acrobat and Reader Flaws

Adobe Warns Windows, MacOS Users of Critical Acrobat and Reader Flaws The critical-severity Adobe Acrobat and Reader vulnerabilities could enable arbitrary code execution and are part of a 14-CVE patch update.
03 November 2020

Media Comms Giant Says Ransomware Hit Will Cost Millions

Media Comms Giant Says Ransomware Hit Will Cost Millions Aussie firm Isentia said "remediation and foregone revenue" could total $8.5 million AUS or more.
03 November 2020

Reworking the Taxonomy for Richer Risk Assessments

Reworking the Taxonomy for Richer Risk Assessments By accommodating unique requirements and conditions at different sites, security pros can dig deeper get a clearer sense of organizational risk.
03 November 2020

Oracle Rushes Emergency Fix for Critical WebLogic Server Flaw

Oracle Rushes Emergency Fix for Critical WebLogic Server Flaw The remote code-execution flaw (CVE-2020-14750) is low-complexity and requires no user interaction to exploit.
03 November 2020

6 Cybersecurity Lessons From 2020

6 Cybersecurity Lessons From 2020 The COVID-19 pandemic exposed new weaknesses in enterprise cybersecurity preparedness.
03 November 2020

6 Cybersecurity Lessons From 2020

6 Cybersecurity Lessons From 2020 The COVID-19 pandemic exposed new weaknesses in enterprise cybersecurity preparedness.
03 November 2020

A career in cybersecurity: Is it for you?

There’s no shortage of opportunities for cybersecurity professionals and people looking to break into this field of endeavor. Could this also be the right career path for you?

The post A career in cybersecurity: Is it for you? appeared first on WeLiveSecurity

03 November 2020

FireEye releases ThreatPursuit, a Windows VM for threat intel analysts

ThreatPursuit VM comes packed with more than 50 tools threat intelligence analysts use to hunt adversaries.
03 November 2020

Russian hacker jailed over botnet data scraping scheme that drained victim bank accounts

Prosecutors estimate the scheme has caused financial losses of at least $100 million.
03 November 2020

Oracle publishes rare out-of-band security update for WebLogic servers

Oracle releases additional fix to patch a bug for the second time after the publication of proof-of-concept exploit code.
03 November 2020

Adobe hires new CSO in Mark Adams to guide the company in its post-Flash era

Adams served as CSO for Blizzard Entertainment for four years before joining Adobe today.
02 November 2020

California's Prop. 24 Splits Privacy Advocates

Critics worry that the curatives in Prop. 24 are worse than the disease of privacy-rights violations.
02 November 2020

Microsoft & Others Catalog Threats to Machine Learning Systems

Thirteen organizations worked together to create a dictionary of techniques used to attack ML models and warn that such malicious efforts will become more common.
02 November 2020

Google patches second Chrome zero-day in two weeks

Google Chrome 86.0.4240.183 available for download. Patches 10 security bugs, including an actively-exploited zero-day.
02 November 2020

New Tools Make North Korea's Kimsuky Group More Dangerous

Threat actor actively targeting US organizations in global intelligence-gathering campaign, government says.
02 November 2020

Hacker group uses Solaris zero-day to breach corporate networks

The zero-day appears to have been bought off a black-market website for $3,000.
02 November 2020

Russian National Sentenced to 8 Years in Prison for Role in Botnet Operation

Cybercrime scheme netted more than $100 million.
02 November 2020