Cybersecurity News
CISA Emergency Directive Orders Immediate Fix of Windows DNS Server Bug
An emergency directive orders some federal agencies to apply Microsoft’s patch for a critical DNS vulnerability by Friday, July 17 at 2 p.m. (ET).
Week in security with Tony Anscombe
Trojanized cryptocurrency trading apps targeting Mac users – An Android chat app turns out to be spyware – Twitter sustains a massive hack
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
Cloud provider stopped ransomware attack but had to pay ransom demand anyway
BlackBaud said it had to pay a ransom demand to ensure hackers would delete data they stole from its network.Cisco releases security fixes for critical VPN, router vulnerabilities
The worst bugs can be exploited for remote code execution and privilege escalation attacks.Google says a bug is erroneously showing security alerts for TiVO devices
TiVO streaming dongle owners are getting a security alert when linking their Google account to their device.8 Signs of a Smartphone Hack
A rapidly dwindling battery life or sudden spike in data usage could indicate your iOS or Android device has been compromised.
Who’s Behind Wednesday’s Epic Twitter Hack?
Twitter was thrown into chaos on Wednesday after accounts for some of the world's most recognizable public figures, executives and celebrities starting tweeting out links to bitcoin scams. Twitter says the attack happened because someone tricked or coerced an employee into providing access to internal Twitter administrative tools. This post is an attempt to lay out some of the timeline of this attack, and point to clues about who may have been behind it.DHS CISA tells government agencies to patch Windows Server DNS bug within 24h
CISA cites "likelihood of the vulnerability being exploited" and widespread use of Windows Server as primary reason for today's rare measure.Major Flaws Open the Edge to Attack
Attackers are using critical exploits for flaws in VPN appliances, app-delivery services, and other network-edge hardware and software to punch through corporate perimeters. What can companies do?Enterprise Data Security: It’s Time to Flip the Established Approach
Companies should forget about auditing where data resides and who has access to it.
Twitter: No evidence hackers accessed user passwords
Social network has no plans to reset user passwords after yesterday's massive hack that spread a Bitcoin scam on the platform.EU Court Ruling Means New Global Protections for EU Customer Data
The ruling in a case involving Facebook means that international companies must provide EU-level privacy controls for EU-generated data no matter where it's stored or transferred.Twitter Attack Raises Concerns Over its Internal Controls
Attackers temporarily gained control of the accounts of Joe Biden, Barack Obama, Bill Gates, and others, to tweet a bitcoin scam.Hackers Look to Steal COVID-19 Vaccine Research
The Russia-linked APT29 has set its sights on pharma research in Western nations in a likely attempt to get ahead on a cure for coronavirus.
Cybersecurity Leaders: Invest In Your People
Training, especially cross-training, is insanely powerful when team members are able to experience, train, and work together. It also builds trust.Russian Cyberattacks Target COVID-19 Research, Vaccine Development
Government agencies in the US, UK, and Canada report Russian group Cozy Bear is targeting organizations developing coronavirus vaccines.Diebold Nixdorf warns of a new class of ATM 'black box' attacks across Europe
New ATM black box (jackpotting) attacks have been spotted in Belgium.Zoom Addresses Vanity URL Zero-Day
An attacker could pose as a company employee, invite customers or partners to meetings, then use socially engineered conversation to extract sensitive information.
Spanish deputy PM urges investigation into Catalan spyware claims
Exclusive: Pablo Iglesias calls alleged targeting of independence movement figures unacceptable
The Spanish deputy prime minister Pablo Iglesias has become the most senior political figure to call for a parliamentary investigation into the use of spyware to target prominent members of the Catalan independence movement, saying such practices are “unacceptable in a democracy”.
A joint investigation this week by the Guardian and El País has revealed that Roger Torrent, the speaker of the Catalan parliament, and former regional foreign minister Ernest Maragall are among at least four pro-independence activists who have been targeted using Israeli spyware that its makers said is sold only to governments.
Continue reading...High‑profile Twitter accounts hacked to promote Bitcoin scam
Tech titans and prominent politicians among victims of a sprawling hack that Twitter says leveraged its internal tools
The post High‑profile Twitter accounts hacked to promote Bitcoin scam appeared first on WeLiveSecurity