Cybersecurity News
Canon suffers ransomware attack, Maze claims responsibility
Reports based on an internal memo suggest an external security firm has been hired to investigate.07 August 2020
Magecart group uses homoglyph attacks to fool you into visiting malicious websites
A new campaign is utilizing the Inter kit and favicons to hide skimming activities.07 August 2020
Small and medium‑sized businesses: Big targets for ransomware attacks
Why are SMBs a target for ransomware-wielding gangs and what can they do to protect themselves against cyber-extortion?
The post Small and medium‑sized businesses: Big targets for ransomware attacks appeared first on WeLiveSecurity
07 August 2020
Black Hat 2020: Influence Campaigns Are a Cybersecurity Problem
An inside look at how nation-states use social media to influence, confuse and divide -- and why cybersecurity researchers should be involved.
06 August 2020
Getting to the Root: How Researchers Identify Zero-Days in the Wild
Google Project Zero researcher Maddie Stone explains the importance of identifying flaws exploited in the wild and techniques used to do it.06 August 2020
Researchers Create New Framework to Evaluate User Security Awareness
Approaches based on questionnaires and self-evaluation are not always a good indicator of how well a user can mitigate social engineering threats.06 August 2020
A Mix of Optimism and Pessimism for Security of the 2020 Election
DHS CISA's Christopher Krebs and Georgetown University's Matt Blaze at Black Hat USA give the lowdown on where things stand and what still needs to happen to protect the integrity of November's election.06 August 2020
Black Hat: Hackers are using skeleton keys to target chip vendors
Operation Chimera focuses on the theft of valuable intellectual property and semiconductor designs.06 August 2020
Where Dark Reading Goes Next
Dark Reading Editor-in-Chief gives a complete rundown of all the Dark Reading projects you might not even know about, his insight into the future of the security industry, and how we plan to cover it.06 August 2020
Black Hat 2020: Mercedes-Benz E-Series Rife with 19 Bugs
Researchers went into detail about the discovery and disclosure of 19 security flaws they found in Mercedes-Benz vehicles, which have all been fixed.
06 August 2020
On 'Invisible Salamanders' and Insecure Messages
Cornell researcher Paul Grubbs discusses how vulnerabilities found in Facebook Messenger encryption could mean trouble for your secure messages.06 August 2020
Exploiting Google Cloud Platform With Ease
Security engineer Dylan Ayrey and Cruise senior infrastructure security engineer Allison Donovan describe fundamental weaknesses in GCP identity management that enable privilege escalation and lateral movement.06 August 2020
Office 365's Vast Attack Surface & All the Ways You Don't Know You're Being Exploited Through It
Mandiant incident response managers Josh Madeley and Doug Bienstock describe how thoroughly Microsoft 365 (formerly known as Office 365) extends into corporate networks, describe both sophisticated and simple attacks they've detected, and suggest mitigations as businesses rely more heavily on the cloud.06 August 2020
Information Operations Spotlighted at Black Hat as Election Worries Rise
From Russia's "best-in-class" efforts at widening social divides in Western democracies to China's blunt attacks on dissidents, information operations are becoming a greater threat, says a Stanford researcher.06 August 2020
Canon Admits Ransomware Attack in Employee Note, Report
The consumer-electronics giant has suffered partial outages across its U.S. website and internal systems, reportedly thanks to the Maze gang.
06 August 2020
OpenText Blends Security, Data Protection for Greater Cyber Resilience
SPONSORED CONTENT: Infosec professionals are taking advantage of technology hybrids to keep users, data, and their networks more safe, according to Hal Lonas of OpenText's Webroot division. And they're also finding new ways to use artificial intelligence and machine learning to improve security management and reduce risk.06 August 2020
Why Satellite Communication Eavesdropping Will Remain A Problem
Oxford PhD candidate James Pavur shows that SATCOM security has still made no progress since previous Black Hat disclosures, and discusses the physical and economic limitations that slow make it unlikely to improve anytime soon.06 August 2020
Beyond KrØØk: Even more Wi‑Fi chips vulnerable to eavesdropping
At Black Hat USA 2020, ESET researchers delved into details about the KrØØk vulnerability in Wi-Fi chips and revealed that similar bugs affect more chip brands than previously thought
The post Beyond KrØØk: Even more Wi‑Fi chips vulnerable to eavesdropping appeared first on WeLiveSecurity
06 August 2020
Hacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment Claims
A group of thieves thought to be responsible for collecting millions in fraudulent small business loans and unemployment insurance benefits from COVID-19 economic relief efforts gathered personal data on people and businesses they were impersonating by leveraging several compromised accounts at a little-known U.S. consumer data broker, KrebsOnSecurity has learned.06 August 2020
Using IoT Botnets to Manipulate the Energy Market
Tohid Shekari, phD candidate at Georgia Tech, talks about the session that he and Georgia Tech professor Raheem Beyah gave about a stealthy and adaptable way to use IoT botnets for financial gain or market downfall.06 August 2020