Cybersecurity News


Joomla team discloses data breach

Joomla says a team member left an unencrypted backup of the JRD portal on a private AWS S3 bucket.
31 May 2020

Hacker leaks database of dark web hosting provider

Leaked data contains email addresses, site admin passwords, and .onion domain private keys.
31 May 2020

Career Choice Tip: Cybercrime is Mostly Boring

When law enforcement agencies tout their latest cybercriminal arrest, the defendant is often cast as a bravado outlaw engaged in sophisticated, lucrative, even exciting activity. But new research suggests that as cybercrime has become dominated by pay-for-service offerings, the vast majority of day-to-day activity needed to support these enterprises is in fact mind-numbingly boring and tedious, and that highlighting this reality may be a far more effective way combat cybercrime and steer offenders toward a better path.
29 May 2020

Bank of America Security Incident Affects PPP Applicants

The incident occurred when Paycheck Protection Program applications were uploaded to a test platform and accidentally shared.
29 May 2020

Steganography Anchors Pinpoint Attacks on Industrial Targets

Steganography Anchors Pinpoint Attacks on Industrial Targets Ongoing spear-phishing attacks aim at stolen Windows credentials for ICS suppliers worldwide.
29 May 2020

Abandoned Apps May Pose Security Risk to Mobile Devices

Mobile providers don't often update users when applications are not supported by developers, security firm says.
29 May 2020

Cisco Announces Patches to SaltStack

The patches came after Cisco was notified by the Salt Open Core team that the vulnerabilities and updates were available.
29 May 2020

NTT Communications Data Breach Affects Customers, Threatens Supply Chain

NTT Communications Data Breach Affects Customers, Threatens Supply Chain Attackers managed to compromise NTT Communication’s Active Directory server and a construction information management server.
29 May 2020

NSA Warns of Sandworm Backdoor Attacks on Mail Servers

NSA Warns of Sandworm Backdoor Attacks on Mail Servers The Russian spy group, a.k.a. BlackEnergy, is actively compromising Exim mail servers via a critical security vulnerability.
29 May 2020

Week in security with Tony Anscombe

New ESET research into Turla's malicious toolkit – GDPR turns two – Critical flaw in Android devices

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

29 May 2020

PCI DSS v4.0: Anticipated Timelines and Latest Updates

 

Industry feedback, together with the changes in payments, technology, and security, is driving our approach to PCI DSS v4.0. In discussions with industry stakeholders, we have received a number of questions about PCI DSS v4.0. Below we interview Lauren Holloway, Director, Data Security Standards, who answers some key questions about what is happening with PCI DSS v4.0.

29 May 2020

Digital Distancing with Microsegmentation

Physical distancing has blunted a virus's impact; the same idea can be applied to computers and networks to minimize breaches, attacks, and infections.
29 May 2020

All Links Are Safe ... Right?

Today is a perfect day for a security breach.
29 May 2020

Request for Comments: PIN v3.1 Standard Draft

 

From 29 May 2020 to 30 June 2020, PCI SSC stakeholders can participate in a Request for Comments (RFC) on PIN v3.1 Standard draft.

29 May 2020

‘Hack-For-Hire’ Firms Spoof WHO To Target Google Credentials

‘Hack-For-Hire’ Firms Spoof WHO To Target Google Credentials Google TAG report reveals that "hack for hire" firms are tapping into the coronavirus pandemic via WHO phishing lures.
29 May 2020

Zscaler Buys Edge Networks

The acquisition is Zscaler's second major buy this quarter.
29 May 2020

ACLU Sues Clearview AI Over Faceprint Collection, Sale

ACLU Sues Clearview AI Over Faceprint Collection, Sale Watchdog group said company has violated the Illinois BIPA and ‘will end privacy as we know it’ without intervention.
29 May 2020

NCA launches UK ad campaign to divert kids searching for cybercrime tools

DDoS-for-hire and Trojan-related searches are on the agency’s radar.
29 May 2020

Judge demands Capital One release Mandiant cyberforensic report on data breach

Attorneys suing the company will now have access to the report in preparation for a potential trial.
29 May 2020

GitHub warns Java developers of new malware poisoning NetBeans projects

The malware's end goal was to install a remote access trojan and grant hackers access to highly sensitive workstations were sensitive projects were being developed.
29 May 2020