Cybersecurity News
Hacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment Claims
A group of thieves thought to be responsible for collecting millions in fraudulent small business loans and unemployment insurance benefits from COVID-19 economic relief efforts gathered personal data on people and businesses they were impersonating by leveraging several compromised accounts at a little-known U.S. consumer data broker, KrebsOnSecurity has learned.06 August 2020
Using IoT Botnets to Manipulate the Energy Market
Tohid Shekari, phD candidate at Georgia Tech, talks about the session that he and Georgia Tech professor Raheem Beyah gave about a stealthy and adaptable way to use IoT botnets for financial gain or market downfall.06 August 2020
Black Hat 2020: Satellite Comms Globally Open to $300 Eavesdropping Hack
Attackers can listen in on internet traffic for high-value targets a continent away, like shipping fleets and oil installations, using some basic home-television gear.
06 August 2020
Broadcom: Staying Safe with WastedLocker Ransomware Variant on the Prowl
SPONSORED CONTENT: Stealthier and more patient than some predecessors, WastedLocker lingers surreptitiously for as long as it needs to for maximum payoff, says Jon DiMaggio with Broadcom's Symantec division. He explains how Windows servers are at a different risk level than their open-source counterparts, and how WastedLocker identifies "valuable" targets.06 August 2020
Intel investigating breach after 20GB of internal documents leak online
Leak confirmed to be authentic. Many files are marked "confidential" or "restricted secret."06 August 2020
The Long Shadow of Stuxnet: New Microsoft Print Spooler Vulns Revealed
Researchers Peleg Hader and Tomer Bar of SafeBreach share details of the three vulnerabilities they found in Windows Print Spooler that could allow an attacker to sneak into the network through an old printer service mechanism.06 August 2020
Remotely Hacking Operations Technology Systems
Marco Balduzzi senior research scientist with Trend Micro, tells us how the often-overlooked ICS protocol gateways contain serious vulnerabilities that allow attackers to hack OT systems remotely.06 August 2020
New Windows Print Spooler Zero-Day Flaws Harken Back to Stuxnet
Researchers find new flaws in the ubiquitous decades-old printer software in Windows, including one that bypasses a recent Microsoft patch.06 August 2020
Platform Security: Intel Pushes to Reduce Supply Chain Attacks
SPONSORED CONTENT: Attacks on supply chains involve lots of players and companies, not to mention an exponential amount of data for the stealing, notes Intel's Tom Garrison. Notoriously difficult to detect and mitigate, Garrison discusses new approaches to securing an individual company's computing platforms, including Compute Lifecycle Assurance.06 August 2020
Black Hat: Entropy - the solution to malvertising and malspam?
A researcher explores how entropy could be used to flag suspicious images and documents hiding malicious secrets.06 August 2020
Counting for Good: Hardware Counters Un-mask Malware
Nick Gregory, research scientist at Capsule8, talks about his session with Capsule8 data scientist Harini Kannan, "Uncommon Sense: Detecting Exploits With Novel Hardware Performance Counters and Machine Learning Magic."06 August 2020
2019 Breach Leads to $80 Million Fine for Capital One
The fine is part of a series of steps required by the Office of the Comptroller of the Currency.06 August 2020
Four Rules and Three Tools to Protect Against Fake SaaS Apps
Here's how to blunt the twinned forces of shadow IT and counterfeit apps and keep your data safe.06 August 2020
A Real-World Tool for Organizing, Integrating Your Other Tools
Omdia Cybersecurity Accelerator analyst Eric Parizo describes the value overwhelmed security managers may find in a SPIF.06 August 2020
Capital One fined $80 million for 2019 hack
Office of the Comptroller of the Currency imposes mammoth fine for the bank's failure to secure its data in the cloud.06 August 2020
Energy Market Manipulation with High-Wattage IoT Botnets
Attackers that can compromise enough products such as smart ACs and heaters can tweak power demand in subtle ways for financial gain or to hurt market players, researchers at Black Hat say.06 August 2020
Ripple20: More Vulnerable Devices Identified
Security researchers find 34 additional vendors, and 47 devices, affected by the widespread Ripple20 vulnerabilities.06 August 2020
High-Severity Cisco DoS Flaw Plagues Small-Business Switches
Cisco recently patched the high-severity flaw, which could allow remote, unauthenticated attackers to launch DoS attacks against its popular small business switches.
06 August 2020
Blackbaud data breach: What you should know
Here’s what to be aware of if your personal data was compromised in the breach at the cloud software provider
The post Blackbaud data breach: What you should know appeared first on WeLiveSecurity
06 August 2020
3 Tips For Better Security Across the Software Supply Chain
It may sound look intimidating, but with a few tweaks to tools and processes already in use, it's not hard to get a head start on improving security posture of the software supply chain.06 August 2020