1. Nmap Online
  2. Cybersecurity News

Cybersecurity News

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

There's an old adage in information security: "Every company gets penetration tested, whether or not they pay someone for the pleasure." Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to break in. But judging from the proliferation of help-wanted ads for offensive pentesters in the cybercrime underground, today's attackers have exactly zero trouble gaining that initial intrusion: The real challenge seems to be hiring enough people to help everyone profit from the access already gained.
08 October 2020

Scale Up Threat Hunting to Skill Up Analysts

Security operation centers need to move beyond the simplicity of good and bad software to having levels of "badness," as well as better defining what is good. Here's why.
08 October 2020

US Seizes Domain Names Used in Iranian Disinformation Campaign

The US has seized 92 domain names used by Iran's Islamic Revolutionary Guard Corps to spread a worldwide disinformation campaign.
08 October 2020

Cisco Fixes High-Severity Webex, Security Camera Flaws

Cisco Fixes High-Severity Webex, Security Camera Flaws Three high-severity flaws exist in Cisco's Webex video conferencing system, Cisco’s Video Surveillance 8000 Series IP Cameras and Identity Services Engine.
08 October 2020

HEH P2P Botnet Sports Dangerous Wiper Function

HEH P2P Botnet Sports Dangerous Wiper Function The P2P malware is infecting any and all types of endpoints via brute-forcing, with 10 versions targeting desktops, laptops, mobile and IoT devices.
08 October 2020

Google adds password breach alerts to Chrome for Android, iOS

The feature is part of the browser's security improvements that were first built into its desktop version

The post Google adds password breach alerts to Chrome for Android, iOS appeared first on WeLiveSecurity

08 October 2020

US Election-Related Websites Vulnerable to Fraud, Abuse

New research finds the vast majority of reputable news, political, and donor-oriented sites don't use registry locks.
08 October 2020

Kaspersky Researchers Spot Russia-on-Russia Cyber-Espionage Campaign

Steganography-borne malware used to spy on industrial targets in Russia.
08 October 2020

Microsoft Azure Flaws Open Admin Servers to Takeover

Microsoft Azure Flaws Open Admin Servers to Takeover Two flaws in Microsoft's cloud-based Azure App Services could have allowed server-side forgery request (SSFR) and remote code-execution attacks.
08 October 2020

Key Considerations & Best Practices for Establishing a Secure Remote Workforce

Cybersecurity is challenging but not paralyzing, and now is the moment to educate our employees to overcome these challenges.
08 October 2020

Amazon Prime Day Spurs Spike in Phishing, Fraud Attacks

Amazon Prime Day Spurs Spike in Phishing, Fraud Attacks A spike in phishing and malicious websites aimed at defrauding Amazon.com customers aim to make Prime Day a field day for hackers.
08 October 2020

Waterbear malware used in attack wave against government agencies

The loader has been launched against a number of Taiwanese government entities.
08 October 2020

240+ Android apps caught showing out-of-context ads

The malicious applications were showing ads but making them appear as coming from other, legitimate apps.
08 October 2020

Tesla accuses employee of Californian factory sabotage

This is not the first time the company has been targeted by individuals seeking to disrupt operations.
08 October 2020

MontysThree APT Takes Unusual Aim at Industrial Targets

MontysThree APT Takes Unusual Aim at Industrial Targets The newly discovered APT specializes in espionage campaigns against industrial holdings -- a rare target for spyware.
08 October 2020

US seizes Iranian government domains masked as legitimate news outlets

The web of domains was utilized to spread propaganda and disinformation.
08 October 2020

'Bahamut' Threat Group Targets Government & Industry in Middle East

Researchers say the cyber espionage group was involved in several attacks against government officials and businesses in the Middle East and South Asia.
07 October 2020

New 'HEH' Botnet Targets Exposed Telnet Services

Latest threat is one in a growing list of malware developed in the Go programming language.
07 October 2020

Open Source Threat Intelligence Searches for Sustainable Communities

Open Source Threat Intelligence Searches for Sustainable Communities As long as a community is strong, so will be the intelligence it shares on open source feeds. But if that community breaks down ...
07 October 2020

Rare Firmware Rootkit Discovered Targeting Diplomats, NGOs

Second-ever sighting of a firmware exploit in the wild is a grim reminder of the dangers of these mostly invisible attacks.
07 October 2020