---

Cisco patches incoming to address Kr00k vulnerability impacting routers, firewall products

There are no workarounds for the Wi-Fi communications bug.

---

US government authorities fail to train employees on ransomware detection, prevention

New research suggests that the majority of state and local governments are not rising to the challenge of mitigating ransomware threats.

---

Did someone file your taxes before you?

With tax season – and tax scams – in full swing, here’s how fraudsters can steal your tax refund, and how you can avoid becoming a victim

The post Did someone file your taxes before you? appeared first on WeLiveSecurity

---

Android malware can steal Google Authenticator 2FA codes

A new version of the "Cerberus" Android banking trojan will be able to steal one-time codes generated by the Google Authenticator app and bypass 2FA-protected accounts.

---

'Cloud Snooper' Attack Circumvents AWS Firewall Controls

Possible nation-state supply chain attack acts like a "wolf in sheep's clothing," Sophos says.

---

State of Cybersecurity Incident Response

Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.

---

Got Backups?

Eventually, we all have an accident or get hacked. And when we do, backups are often the only way to recover. Backups are cheap and easy; make sure you are backing up all of your personal information at home (such as family photos) on a regular basis.

---

Billions of Devices Open to Wi-Fi Eavesdropping Attacks

The Kr00k bug arises from an all-zero encryption key in Wi-Fi chips that reveals communications from devices from Amazon, Apple, Google, Samsung and others.

---

RSAC 2020: Smart Baby Monitor Vulnerable to Remote Hackers

A popular baby monitor has been found riddled with vulnerabilities that give attackers full access to personal information and sensitive video footage.

---

Tufin: How to Make Better Sense of the Cloud Security Equation

CEO Reuven Harrison examines how cloud services have changed how enterprises manage their apps and data, and also offers some tips for security pros tasked with managing either hybrid- or multi-cloud implementations. Harrison also takes on Kubernetes and container security in this News Desk interview.

---

RSAC 2020: Lack of Machine Learning Laws Open Doors To Attacks

When it comes to machine learning, research and cybercriminal activity is full speed ahead - but legal policy has not yet caught up.

---

How Should I Answer a Nontech Exec Who Asks, 'How Secure Are We?'

Consider this your opportunity to educate.

---

US State Dept. Shares Insider Tips to Fight Insider Threats

The insider threat is a technology, security, and personnel issue, officials said in explaining an approach that addresses all three factors.

---

Six suspected drug dealers went free after police lost evidence in ransomware attack

Seventh incident of its kind when police investigations were impacted by a ransomware infection.

---

Sophos Boosts Threat Hunting, Managed Detection and Response Capabilities

JJ Thompson, senior director of managed threat response for Sophos digs deep into how organizations can start to make sense of the seemingly unlimited data that's available from endpoints, cloud, and on-premises networks. And that's a critical capability as attacker behaviors start to change.

---

Elastic Security Makes Case For Blending 'Human Element,' Election Security

Nate Fick, general manager of Elastic and former CEO of Endgame, talks about the impact of AI and machine learning on security professionals, and how what technologies can be tapped to improve security in the runup to November's election.

---

How to Prevent an AWS Cloud Bucket Data Leak

Misconfigured AWS buckets have led to huge data breaches. Following a handful of practices will help keep you from becoming the next news story.

---

How to Prevent a AWS Cloud Bucket Data Leak

Misconfigured AWS buckets have led to huge data breaches. Following a handful of practices will help keep you from becoming the next news story.

---

Commonsense Security: Leveraging Dialogue & Collaboration for Better Decisions

Sometimes, good old-fashioned tools can help an enterprise create a cost-effective risk management strategy.

---

Is bug hunting a viable career choice?

With earnings of top ethical hackers surpassing hundreds of thousands of dollars, some would say yes

The post Is bug hunting a viable career choice? appeared first on WeLiveSecurity