Cybersecurity News
Zeus Sphinx revamped as coronavirus relief payment attack wave continues
The financial malware has been upgraded with new C2 setups and encryption keys.11 May 2020
Data leak, phishing security flaws disclosed in Oracle iPlanet Web Server
Security patches will not be issued to fix the problems.11 May 2020
Potential data breach reported at hard-hit Ontario long-term care home
By William Knowles @c4i Senior Editor InfoSec News May 11, 2020 Ontario’s Minister of Long-term Care Dr. Merrilee Fullerton reported a potential data breach at a Pickering, Ontario long-term care home on Saturday evening on Twitter. “I’m learning of disturbing news out of Pickering’s Orchard Villa LTC home. There is a possibility of a significant privacy breach […]11 May 2020
Microsoft and Intel project converts malware into images before analyzing it
Microsoft and Intel Labs work on STAMINA, a new deep learning approach for detecting and classifying malware.10 May 2020
Microsoft adds protection against Reply-All email storms in Office 365
Redmond adds protection against massive "Reply-All" email storms after suffering two internal incidents in 2019 and 2020.09 May 2020
A hacker group is selling more than 73 million user records on the dark web
Hacker group "ShinyHunters" is selling the data of 10 companies on a dark web cybercrime marketplace.09 May 2020
DEF CON 28 in-person conference is CANCELLED
By William Knowles @c4i Senior Editor InfoSec News May 8, 2020 (Via Jeff Moss / The Dark Tangent) Why? It is not safe for people to gather in large groups for conferences, sports ball events, or clubbing now or in the foreseeable future this year. To commemorate this (hopefully) once in a lifetime event we, […]09 May 2020
Black Hat and DEF CON security conferences to take place in a virtual format
"Defcon is canceled" meme becomes reality.08 May 2020
US Marshals Service exposed prisoner details in security breach
Security breach took place in December 2019 and was discovered by the DOJ's JSOC team.08 May 2020
Companies Struggle for Effective Cybersecurity
The money companies are spending on cybersecurity tools doesn't necessarily result in better security, a new survey shows.08 May 2020
Digital Ocean says it exposed customer data after it left an internal document online
Digital Ocean says no customer servers were accessed following this security lapse.08 May 2020
Black Hat USA, DEF CON 28 Go Virtual
Due to the coronavirus pandemic, there will be no in-person Black Hat USA or DEF CON conferences this year.
08 May 2020
Planning Ahead for a Secure SAP S/4HANA Migration
Experts say that the pressure to move to SAP's next-gen platform can be a big opportunity to move the needle on ERP cybersecurity.08 May 2020
As Remote Work Becomes the Norm, Security Fight Moves to Cloud, Endpoints
A majority of firms expect to keep more employees working remotely post-pandemic, forcing businesses to undertake more comprehensive digital and cloud transformations.08 May 2020
Cognizant expects to lose between $50m and $70m following ransomware attack
Cognizant says April ransomware incident will negatively impact Q2 revenue.08 May 2020
Hackers Breach 3.5 Million MobiFriends Dating App Credentials
The emails, hashed passwords and usernames of 3.5 million users of the dating app MobiFriends were put up for sale on an underground forum.
08 May 2020
DocuSign Phishing Campaign Uses COVID-19 as Bait
The newly discovered campaign lures victims with a supposed file concerning the coronavirus pandemic.08 May 2020
Report: Microsoft’s GitHub Account Gets Hacked
The Shiny Hunters hacking group said it stole 500 GB of data from the tech giant’s repositories on the developer platform, which it owns.
08 May 2020
Why DevSecOps Is Critical for Containers and Kubernetes
DevSecOps is a big and sometimes difficult shift for organizations. The key to success? Take small steps.08 May 2020
Podcast: Shifting Cloud Security Left With Infrastructure-as-Code
Companies are looking to "shift left" with Infrastructure-as-Code (IaC) security capabilities to improve developer productivity, avoid misconfigurations and prevent policy violations.
08 May 2020