Cybersecurity News


Misconfigured Databases Targeted Hours After Deployment

Researchers left a poorly configured database open on the Internet to learn who would connect to it and what they would steal.
10 June 2020

Rate of Ransomware Attacks in Healthcare Slows in H1 2020

But lull is unlikely to continue for long, some security experts say.
10 June 2020

Employees Stream Entertainment on Enterprise Systems During Pandemic

Employees aren't limiting use of their work computers to business purposes while working from home.
10 June 2020

Helping Remote Workers Overcome Remote Attacks

Helping Remote Workers Overcome Remote Attacks Because remote workers' devices are all connected to a home network, they don’t even need to be attacked directly. Instead, attackers have multiple avenues of attack that can be exploited.
10 June 2020

Snake Ransomware Delivers Double-Strike on Honda, Energy Co.

Snake Ransomware Delivers Double-Strike on Honda, Energy Co. The ICS/SCADA-focused malware is likely behind a duo of attacks this week, on Honda and a South American energy company, researchers said.
10 June 2020

Vast hack‑for‑hire scheme targeted thousands of people, organizations

An obscure Indian company operated a scheme targeting banks, non-profits, politicians and journalists all over the world, a report says

The post Vast hack‑for‑hire scheme targeted thousands of people, organizations appeared first on WeLiveSecurity

10 June 2020

Critical Intel Flaws Fixed in Active Management Technology

Critical Intel Flaws Fixed in Active Management Technology Two critical flaws in Intel AMT, which could enable privilege escalation, were patched along with 20 other bugs in its June security update.
10 June 2020

The Telehealth Attack Surface

Amid the surge in digital healthcare stemming from the coronavirus pandemic, security is taking a backseat to usability.
10 June 2020

What to Know About the Approved Scanning Vendor Program

 

New vulnerabilities, security holes and bugs are being discovered daily. It is vital to have Internet-facing systems scanned regularly for vulnerabilities to help identify new threats so they can be addressed as soon as possible. Gill Woodcock, VP Global Head of Programs, answers common questions about the Approved Scanning Vendor program.

10 June 2020

Fake COVID-19 Contact-Tracing Apps Infect Android Phones

Researchers find 12 Android applications disguised as official COVID-19 contact tracing apps installing malware onto devices.
10 June 2020

Slovak police seize wiretapping devices connected to government network

Slovak police also arrest four people, including the head of the government agency responsible for managing the government network.
10 June 2020

Asset Management Mess? How to Get Organized

Asset Management Mess? How to Get Organized Hardware and software deployments all over the place due to the pandemic scramble? Here are the essential steps to ensure you can find what you need -- and secure it.
10 June 2020

Microsoft ships hefty patch load this month

The latest Patch Tuesday knocks out a record-high number of vulnerabilities, including new bugs in the SMB protocol

The post Microsoft ships hefty patch load this month appeared first on WeLiveSecurity

10 June 2020

Efficient Security Testing Requires Automation, but Humans Are Needed Too

An annual survey of penetration testers finds that although machines can quickly find many classes of vulnerabilities, human analysts are still necessary to gauge the severity of discovered issues.
10 June 2020

Jenkins team avoids security disaster after partial user database loss

Loophole caused by deleted user database could have allowed threat actors to hijack the user accounts of Jenkins plugin authors.
10 June 2020

Encryption Utility Firm Accused of Bundling Malware Functions in Product

Encryption Utility Firm Accused of Bundling Malware Functions in Product The increasingly prevalent GuLoader malware has been traced back to a far-reaching encryption service that attempts to pass as above-board.
10 June 2020

3 Ways the Pandemic Will Affect Enterprise Security in the Future

While CISOs have been focused on immediate threats, it's time to look ahead to what a post-COVID-19 future will look like.
10 June 2020

Thanos Ransomware First to Weaponize RIPlace Tactic

Thanos Ransomware First to Weaponize RIPlace Tactic Thanos is the first ransomware family to feature the weaponized RIPlace tactic, enabling it to bypass ransomware protections.
10 June 2020

Arm CPUs impacted by rare side-channel attack

Arm issues guidance to developers to mitigate new "straight-line speculation" attack.
10 June 2020

Microsoft Patch Tuesday, June 2020 Edition

Microsoft today released software patches to plug at least 129 security holes in its Windows operating systems and supported software, by some accounts a record number of fixes in one go for the software giant. None of the bugs addressed this month are known to have been exploited or detailed prior to today, but there are a few vulnerabilities that deserve special attention -- particularly for enterprises and employees working remotely.
09 June 2020