Cybersecurity News
Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work
There's an old adage in information security: "Every company gets penetration tested, whether or not they pay someone for the pleasure." Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to break in. But judging from the proliferation of help-wanted ads for offensive pentesters in the cybercrime underground, today's attackers have exactly zero trouble gaining that initial intrusion: The real challenge seems to be hiring enough people to help everyone profit from the access already gained.08 October 2020
Scale Up Threat Hunting to Skill Up Analysts
Security operation centers need to move beyond the simplicity of good and bad software to having levels of "badness," as well as better defining what is good. Here's why.08 October 2020
US Seizes Domain Names Used in Iranian Disinformation Campaign
The US has seized 92 domain names used by Iran's Islamic Revolutionary Guard Corps to spread a worldwide disinformation campaign.08 October 2020
Cisco Fixes High-Severity Webex, Security Camera Flaws

08 October 2020
HEH P2P Botnet Sports Dangerous Wiper Function

08 October 2020
Google adds password breach alerts to Chrome for Android, iOS
The feature is part of the browser's security improvements that were first built into its desktop version
The post Google adds password breach alerts to Chrome for Android, iOS appeared first on WeLiveSecurity
08 October 2020
US Election-Related Websites Vulnerable to Fraud, Abuse
New research finds the vast majority of reputable news, political, and donor-oriented sites don't use registry locks.08 October 2020
Kaspersky Researchers Spot Russia-on-Russia Cyber-Espionage Campaign
Steganography-borne malware used to spy on industrial targets in Russia.08 October 2020
Microsoft Azure Flaws Open Admin Servers to Takeover

08 October 2020
Key Considerations & Best Practices for Establishing a Secure Remote Workforce
Cybersecurity is challenging but not paralyzing, and now is the moment to educate our employees to overcome these challenges.08 October 2020
Amazon Prime Day Spurs Spike in Phishing, Fraud Attacks

08 October 2020
Waterbear malware used in attack wave against government agencies
The loader has been launched against a number of Taiwanese government entities.08 October 2020
240+ Android apps caught showing out-of-context ads
The malicious applications were showing ads but making them appear as coming from other, legitimate apps.08 October 2020
Tesla accuses employee of Californian factory sabotage
This is not the first time the company has been targeted by individuals seeking to disrupt operations.08 October 2020
MontysThree APT Takes Unusual Aim at Industrial Targets

08 October 2020
US seizes Iranian government domains masked as legitimate news outlets
The web of domains was utilized to spread propaganda and disinformation.08 October 2020
'Bahamut' Threat Group Targets Government & Industry in Middle East
Researchers say the cyber espionage group was involved in several attacks against government officials and businesses in the Middle East and South Asia.07 October 2020
New 'HEH' Botnet Targets Exposed Telnet Services
Latest threat is one in a growing list of malware developed in the Go programming language.07 October 2020
Open Source Threat Intelligence Searches for Sustainable Communities

07 October 2020
Rare Firmware Rootkit Discovered Targeting Diplomats, NGOs
Second-ever sighting of a firmware exploit in the wild is a grim reminder of the dangers of these mostly invisible attacks.07 October 2020