Cybersecurity News
MFA Mistakes: 6 Ways to Screw Up Multifactor Authentication
Fearful of messing up its implementation, many enterprises are still holding out on MFA. Here's what they need to know.
20 August 2020
Google fixes major Gmail bug seven hours after exploit details go public
Attackers could have sent spoofed emails mimicking any Gmail or G Suite customer.20 August 2020
Black Hat USA 2020 Musings: Weird and Wonderful Virtual Events are Here to Stay
Black Hat USA 2020 was nothing like an in-person event, but it was incredibly useful for all involved, providing even the most grizzled industry veterans with fresh perspectives.20 August 2020
Senate Bill Would Expand Facial-Recognition Restrictions Nationwide
The proposed law comes as police departments around the country for their use of facial recognition to identify allegedly violent Black Lives Matter protesters.
20 August 2020
Black Hat USA 2020 Recap: Experts Discuss Election Security Questions, but Offer Few Answers
The U.S. election in November is once again expected to be a target of digital adversaries. Experts at Black Hat USA 2020 highlighted the many election security questions authorities must address.20 August 2020
Banks and the New Abnormal
Banks have hesitated to adopt many strong security practices, and for understandable reasons. But now is the time to be bold.20 August 2020
Cisco Critical Flaw Patched in WAN Software Solution
Cisco has issued a fix for a critical flaw in its Virtual Wide Area Application Services (vWAAS), software for optimizing WAN on virtual private cloud infrastructure.
20 August 2020
Transparent Tribe APT targets government, military by infecting USB devices
The hacking group is focused on campaigns in India and Afghanistan.20 August 2020
IBM AI-Powered Data Management Software Subject to Simple Exploit
A low-privileged process on a vulnerable machine could allow data harvesting and DoS.
20 August 2020
Bug bounty platform ZDI awarded $25m to researchers over the past 15 years
Bug bounty platform pioneer Zero-Day Initiative (ZDI) is celebrating its 15-year-old birthday this year.20 August 2020
Working from home causes surge in security breaches, staff 'oblivious' to best practices
The coronavirus pandemic is thought to be at the heart of a rise in security incidents this year.20 August 2020
Experian South Africa discloses data breach impacting 24 million customers
Experian said the attacker was identified and its data deleted from the fraudster's devices.19 August 2020
10 Resume and Interview Tips from Security Pros
Experts from the DEF CON Career Hacking Village explain how job seekers can build a resume and rock an interview.
19 August 2020
Fuzzing Services Help Push Technology into DevOps Pipeline
As part of a continuous testing approach, fuzzing has evolved to provide in-depth code checks for unknown vulnerabilities before deployment.19 August 2020
Researchers Warn of Flaw Affecting Millions of IoT Devices
A patch has been issued for the flaw in a widely-used module, and researchers are urging IoT manufacturers to update their devices ASAP.
19 August 2020
FritzFrog Botnet Attacks Millions of SSH Servers
The unique, advanced worming P2P botnet drops backdoors and cryptominers, and is spreading globally.
19 August 2020
CISA warns of BLINDINGCAN, a new strain of North Korean malware
Malware was used in a series of attacks targeting the US defense and aerospace sectors.19 August 2020
Sophisticated P2P Botnet Targeting SSH Servers
'FritzFrog' is fileless, uses its own proprietary P2P implementation, and has breached at least 500 servers so far, Guardicore says.19 August 2020
CISA Warns of New RAT Aimed at US Defense Contractors
Hidden Cobra, an APT group associated with the government of North Korea, is thought to be behind the campaign.19 August 2020
Newly Patched Alexa Flaws a Red Flag for Home Workers
Alexa could serve as an entry point to home and corporate networks. Security experts point to the need for manufacturers to work closely with enterprise security teams to spot and shut down IoT device flaws.19 August 2020