Cybersecurity News


My Journey Toward SAP Security

When applications are critical to the business's core functions, the CISO and their staff better get the security right.
23 September 2020

Making the Case for Medical Device Cybersecurity

Making the Case for Medical Device Cybersecurity With an increasing number of Internet-connected medical devices in use to manage diabetes, protecting against a variety of wireless network attacks could very well be a matter of life and death.
23 September 2020

Request for Comments: PCI DSS Version 4.0 Draft Standard

 

From 23 September to 13 November 2020, PCI SSC stakeholders can participate in a Request for Comments (RFC) on a draft of PCI Data Security Standard Version 4.0 (PCI DSS v4.0 Draft v0.2 for RFC). This is the second RFC for the draft of PCI DSS v4.0. The first RFC was held in late 2019, and feedback received during that RFC has been incorporated into the draft.

23 September 2020

179 arrested in massive dark web bust

The sting is said to be the US Government’s largest operation targeting crime in the internet’s seedy underbelly

The post 179 arrested in massive dark web bust appeared first on WeLiveSecurity

23 September 2020

Critical Industrial Flaws Pose Patching Headache For Manufacturers

Critical Industrial Flaws Pose Patching Headache For Manufacturers When it comes to patching critical flaws, industrial firms face various challenges - with some needing to shut down entire factories in order to apply updates.
23 September 2020

CISA: LokiBot Stealer Storms Into a Resurgence

CISA: LokiBot Stealer Storms Into a Resurgence The trojan has seen a big spike in activity since August, the Feds are warning.
23 September 2020

OldGremlin Ransomware Group Bedevils Russian Orgs

OldGremlin Ransomware Group Bedevils Russian Orgs The cybercriminal group has plagued firms with ransomware, sent via spear phishing emails with COVID-19 lures, since March.
23 September 2020

FBI, DHS Warn of 'Likely' Disinformation Campaigns About Election Results

Nation-state actors and cybercriminals could wage cyberattacks and spread false information about the integrity of the election results while officials certify the final vote counts.
23 September 2020

7 Non-Technical Skills Threat Analysts Should Master to Keep Their Jobs

It's not just technical expertise and certifications that enable analysts to build long-term careers in cybersecurity.
23 September 2020

12 Bare-Minimum Benchmarks for AppSec Initiatives

12 Bare-Minimum Benchmarks for AppSec Initiatives The newly published Building Security in Maturity Model provides the software security basics organizations should cover to keep up with their peers.
23 September 2020

Facebook wipes out Chinese, Filipino misinformation campaigns

Facebook has removed two separate networks flooding the platform with inauthentic content and spam.
23 September 2020

Ransomware gang targets Russian businesses in rare coordinated attacks

Group breaks an unofficial rule in the cybercrime underground not to target the former Soviet space.
23 September 2020

Shopify discloses security incident caused by two rogue employees

Shopify said two rogue support staffers accessed customer transaction details for less than 200 stores.
23 September 2020

Attackers Target Small Manufacturing Firms

The most common tactics include credential stuffing using valid accounts, various forms of deception, and vulnerabilities in third-party software, Rapid7 says in its latest quarterly threat report.
22 September 2020

Vulnerability Disclosure Programs See Signups & Payouts Surge

More than $44.75 million in rewards were paid to hackers over the past year, driving total payouts beyond $100 million.
22 September 2020

Google deprecates Web Store Payments API, effectively nuking Chrome paid extensions

Move comes after a wave of fraudulent transactions over the winter.
22 September 2020

Google Chrome Bugs Open Browsers to Attack

Google Chrome Bugs Open Browsers to Attack Google's new release of Chrome 85.0.4183.121 for Windows, Mac, and Linux fixes 10 security flaws.
22 September 2020

New Google Search Hacks Push Viruses & Porn

Three incidents demonstrate how cybercriminals leverage the scourge of black-hat search engine optimization to manipulate search results.
22 September 2020

Startup Aims to Map and Track All the IT and Security Things

Security service JupiterOne spins off from a healthcare service provider's homegrown technology.
22 September 2020

CISA warns of notable increase in LokiBot malware

"CISA has observed a notable increase in the use of LokiBot malware by malicious cyber actors since July 2020."
22 September 2020