Cybersecurity News
My Journey Toward SAP Security
When applications are critical to the business's core functions, the CISO and their staff better get the security right.23 September 2020
Making the Case for Medical Device Cybersecurity
With an increasing number of Internet-connected medical devices in use to manage diabetes, protecting against a variety of wireless network attacks could very well be a matter of life and death.
23 September 2020
Request for Comments: PCI DSS Version 4.0 Draft Standard
From 23 September to 13 November 2020, PCI SSC stakeholders can participate in a Request for Comments (RFC) on a draft of PCI Data Security Standard Version 4.0 (PCI DSS v4.0 Draft v0.2 for RFC). This is the second RFC for the draft of PCI DSS v4.0. The first RFC was held in late 2019, and feedback received during that RFC has been incorporated into the draft.
23 September 2020
179 arrested in massive dark web bust
The sting is said to be the US Government’s largest operation targeting crime in the internet’s seedy underbelly
The post 179 arrested in massive dark web bust appeared first on WeLiveSecurity
23 September 2020
Critical Industrial Flaws Pose Patching Headache For Manufacturers
When it comes to patching critical flaws, industrial firms face various challenges - with some needing to shut down entire factories in order to apply updates.
23 September 2020
CISA: LokiBot Stealer Storms Into a Resurgence
The trojan has seen a big spike in activity since August, the Feds are warning.
23 September 2020
OldGremlin Ransomware Group Bedevils Russian Orgs
The cybercriminal group has plagued firms with ransomware, sent via spear phishing emails with COVID-19 lures, since March.
23 September 2020
FBI, DHS Warn of 'Likely' Disinformation Campaigns About Election Results
Nation-state actors and cybercriminals could wage cyberattacks and spread false information about the integrity of the election results while officials certify the final vote counts.23 September 2020
7 Non-Technical Skills Threat Analysts Should Master to Keep Their Jobs
It's not just technical expertise and certifications that enable analysts to build long-term careers in cybersecurity.23 September 2020
12 Bare-Minimum Benchmarks for AppSec Initiatives
The newly published Building Security in Maturity Model provides the software security basics organizations should cover to keep up with their peers.
23 September 2020
Facebook wipes out Chinese, Filipino misinformation campaigns
Facebook has removed two separate networks flooding the platform with inauthentic content and spam.23 September 2020
Ransomware gang targets Russian businesses in rare coordinated attacks
Group breaks an unofficial rule in the cybercrime underground not to target the former Soviet space.23 September 2020
Shopify discloses security incident caused by two rogue employees
Shopify said two rogue support staffers accessed customer transaction details for less than 200 stores.23 September 2020
Attackers Target Small Manufacturing Firms
The most common tactics include credential stuffing using valid accounts, various forms of deception, and vulnerabilities in third-party software, Rapid7 says in its latest quarterly threat report.22 September 2020
Vulnerability Disclosure Programs See Signups & Payouts Surge
More than $44.75 million in rewards were paid to hackers over the past year, driving total payouts beyond $100 million.22 September 2020
Google deprecates Web Store Payments API, effectively nuking Chrome paid extensions
Move comes after a wave of fraudulent transactions over the winter.22 September 2020
Google Chrome Bugs Open Browsers to Attack
Google's new release of Chrome 85.0.4183.121 for Windows, Mac, and Linux fixes 10 security flaws.
22 September 2020
New Google Search Hacks Push Viruses & Porn
Three incidents demonstrate how cybercriminals leverage the scourge of black-hat search engine optimization to manipulate search results.22 September 2020
Startup Aims to Map and Track All the IT and Security Things
Security service JupiterOne spins off from a healthcare service provider's homegrown technology.22 September 2020
CISA warns of notable increase in LokiBot malware
"CISA has observed a notable increase in the use of LokiBot malware by malicious cyber actors since July 2020."22 September 2020