Cybersecurity News
Microsoft Teams Vulnerable to Patch Workaround, Researchers Report
Attackers could work around an earlier patch and use Microsoft Teams Updater to download binaries and payloads.05 August 2020
High-Severity Android RCE Flaw Fixed in August Security Update
Google addressed high-severity and critical flaws tied to 54 CVEs in this month's Android security bulletin.
05 August 2020
NSA shares advice on how to limit location tracking
The intelligence agency warns of location tracking risks and offers tips for how to reduce the amount of data shared
The post NSA shares advice on how to limit location tracking appeared first on WeLiveSecurity
05 August 2020
Microsoft Teams Patch Bypass Allows RCE
An attacker can hide amidst legitimate traffic in the application's update function.
05 August 2020
NSA Warns Smartphones Leak Location Data
The agency known for its own questionable surveillance activity advised how mobile users can limit others’ ability to track where they are.
05 August 2020
Cybersecurity Budget Rose in 2019, Uncertainty Prevails in 2020
Budgets rise as IT complexity continued to challenge companies, with identity and access management technology an increasingly common focus.05 August 2020
Microsoft Paid $13.7M in Bug Bounty Rewards in 2019-2020
The 2019-2020 program year awarded 327 security researchers through 15 bounty programs, with a largest reward of $200,000.05 August 2020
Why Confidential Computing Is a Game Changer
Confidential Computing is a transformational technology that should be part of every enterprise cloud deployment. It's time to start unlocking the possibilities together.05 August 2020
DDoS Attacks Doubled in Q2 Compared with Prior Quarter
Most attacks were small, but the big ones got bigger than ever, Cloudflare says.05 August 2020
A Cyber ‘Vigilante’ is Sabotaging Emotet’s Return
During Black Hat USA 2020, Threatpost talks to Sherrod DeGrippo, with Proofpoint, about Emotet's recent return -and how a cyber vigilante is attempting to thwart the malware's comeback.
05 August 2020
Less Than Half of Security Pros Can Identify Their Organization's Level of Risk
Just 51% work with the business side of the house on risk reduction objectives, new study shows.05 August 2020
Pen Testers Who Got Arrested Doing Their Jobs Tell All
Coalfire's Gary De Mercurio and Justin Wynn share the details of their physical penetration-testing engagement gone wrong, as well as recommendations for protecting all red teamers.05 August 2020
FBI issues warning over Windows 7 end-of-life
The FBI says companies running Windows 7 systems are now in greater risk of getting hacked due to a lack of security updates.05 August 2020
Cluster of 295 Chrome extensions caught hijacking Google and Bing search results
The malicious Chrome extensions have been installed by more than 80 million users.04 August 2020
Hacker leaks passwords for 900+ enterprise VPN servers
EXCLUSIVE: The list has been shared on a Russian-speaking hacker forum frequented by multiple ransomware gangs.04 August 2020
How Ransomware Threats Are Evolving & How to Spot Them
A series of new reports explains how ransomware attackers are changing techniques and how organizations can spot stealthy criminals.04 August 2020
NetWalker Ransomware Rakes in $29M Since March
The ransomware has surged since moving to a RaaS model.
04 August 2020
New Spin on a Longtime DNS Intel Tool
Domain Name Service database service Farsight Security, the brainchild of DNS expert Paul Vixie, celebrates 10 years with new modern features.04 August 2020
6 Dangerous Defaults Attackers Love (and You Should Know)
Default configurations can be massive vulnerabilities. Here are a half dozen to check on for your network.
04 August 2020
Newsletter WordPress Plugin Opens Door to Site Takeover
An XSS bug and a PHP object-injection vulnerability are present in a plugin used by hundreds of thousands of websites.
04 August 2020