Cybersecurity News
'Transparent Tribe' APT Group Deploys New Android Spyware for Cyber Espionage
The group, which has been around since at least 2013, has impacted thousands of organizations, mostly in India.26 August 2020
Higher Education CISOs Share COVID-19 Response Stories
Security leaders from Stanford, Ohio State, and the University of Chicago share challenges and response tactics from the COVID-19 pandemic.26 August 2020
US Warns of Ongoing BeagleBoyz Bank-Theft Operations
The North Korean operatives have attempted to steal more than $2 billion since 2015 in a series of ongoing campaigns.26 August 2020
Twitter botnet quoting Dracula book caught pushing pro-Chinese propaganda
Botnet was estimated at around 3,000 bots, before Twitter suspended some accounts this month.26 August 2020
Twitter takes down 'Dracula' botnet pushing pro-Chinese propaganda
Botnet was estimated at around 3,000 bots, before accounts were suspended or restricted last week.26 August 2020
Cisco Patches ‘High-Severity’ Bugs Impacting Switches, Fibre Storage
Nine bugs were patched, eight of which are rated ‘high’ severity.
26 August 2020
6 Signs Your Supply Chain Risk Just Shot Up
Risk levels are not steady states. Here are six indications that the danger posed by your supply chain is headed in the wrong direction.
26 August 2020
6 Signs Your Supply Chain Risk Just Shot Up
Risk levels are not steady states. Here are six indications that the danger posed by your supply chain is headed in the wrong direction.
26 August 2020
Confessions of an ID Theft Kingpin, Part I
At the height of his cybercriminal career, the hacker known as "Hieupc" was earning $125,000 a month running a bustling identity theft service that siphoned consumer dossiers from some of the world's top data brokers. That is, until his greed and ambition played straight into an elaborate snare set by the U.S. Secret Service. Now, after more than seven years in prison Hieupc is back in his home country and hoping to convince other would-be cybercrooks to use their computer skills for good.26 August 2020
A quarter of the Alexa Top 10K websites are using browser fingerprinting scripts
Academics also discover many new previously unreported JavaScript APIs that are currently being used to fingerprint users.26 August 2020
The 'Shared Responsibility' Misnomer: Why the Cloud Continues to Confound
Under the "shared responsibility model," the security management of cloud offerings is split equally between the vendor and the customer. Easy enough, right?26 August 2020
Russian National Arrested for Conspiracy to Hack Nevada Company
The defendant allegedly planned to pay an employee $1 million to infect the company network with malware.26 August 2020
Hackers Exploit Autodesk Flaw in Recent Cyberespionage Attack
The popular Autodesk software was exploited in a recent cyberespionage campaign against an international architectural company.
26 August 2020
New Chrome, Firefox versions fix security bugs, bring productivity features
Chrome gets a new way of managing tabs while Firefox now features a new add-ons blocklist
The post New Chrome, Firefox versions fix security bugs, bring productivity features appeared first on WeLiveSecurity
26 August 2020
Two members of movie piracy group 'Sparks' arrested in Cyprus and the US
Investigators said the group posed as real-world DVD/Blu-Ray retailers to obtain and leak unreleased movies and TV shows.26 August 2020
Disinformation Spurs a Thriving Industry as U.S. Election Looms
Threat actors are becoming increasingly sophisticated in launching disinformation campaigns - and staying under the radar to avoid detection from Facebook, Twitter and other platforms.
26 August 2020
With More Use of Cloud, Passwords Become Even Weaker Link
Slow patching provides vulnerabilities to exploit. A lack of network segmentation allows unrestricted lateral movement. Yet a report surveying a year of penetration tests finds that passwords still top the list of what attackers use to compromise systems.26 August 2020
PCI DSS in Practice Case Study: Cielo
In this PCI DSS in Practice Case Study, Brazil Regional Engagement Board Member Cielo shares the challenge of dealing with legacy systems that did not have adequate controls to meet PCI DSS. The company recognized that training employees on security awareness and the support of senior management were essential to address these challenges.
26 August 2020
Deep Fake: Setting the Stage for Next-Gen Social Engineering
Humans are susceptible to normalcy bias, which may leave us vulnerable to disinformation that reinforces our beliefs.26 August 2020
Medical Data Leaked on GitHub Due to Developer Errors
Up to 200,000 patient records from Office 365 and Google G Suite exposed by hardcoded credentials and other improper access controls.
26 August 2020
