Cybersecurity News


RedCurl cybercrime group has hacked companies for three years

New hacker group discovered; believed to operate out of Russia.
13 August 2020

Unique Passwords

Make sure each of your accounts has a separate, unique password. Can't remember all of your passwords/passphrases? Consider using a password manager to securely store all of them for you.
13 August 2020

FireEye Announces New Bug-Bounty Program

The program, administered by Bugcrowd, will pay bounties of up to $2,500 per vulnerability.
12 August 2020

Using 'Data for Good' to Control the Pandemic

The tech community should unite to develop and distribute a universal COVID-19 contact-tracing application. Here's why and how.
12 August 2020

Women in Payments: Q&A with Robin Trickel

 

Companies achieve more when a variety of perspectives are represented at the table. In this month’s blog series, Robin Trickel explains why having a culturally different, or non-traditional, background may be the key to success in cybersecurity.

12 August 2020

SANS Security Training Firm Hit with Data Breach

A phishing email allowed an attacker to compromise a SANS employee's email environment, the organization reports.
12 August 2020

Re­VoL­TE attack can decrypt 4G (LTE) calls to eavesdrop on conversations

Academics detail a new attack on 4G encrypted calls. Attack works only when the attacker is on the same base station (mobile tower) as the victim.
12 August 2020

What is the cost of a data breach?

The price tag is higher if the incident exposed customer data or if it was the result of a malicious attack, an annual IBM study finds

The post What is the cost of a data breach? appeared first on WeLiveSecurity

12 August 2020

Name That Toon: 'Rise' and Shine

Name That Toon: 'Rise' and Shine Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
12 August 2020

Citrix Warns of Critical Flaws in XenMobile Server

Citrix Warns of Critical Flaws in XenMobile Server Citrix said that it anticipates malicious actors "will move quickly to exploit" two critical flaws in its mobile device management software.
12 August 2020

Why & Where You Should You Plant Your Flag

Several stories here have highlighted the importance of creating accounts online tied to your various identity, financial and communications services before identity thieves do it for you. This post examines some of the key places where everyone should plant their virtual flags.
12 August 2020

Threats vs. Thrift: Running Effective AppSec During a Global Crisis

By looking at security testing capacity, staff expertise, and risks throughout the software supply chain, application security teams can improve their overall effectiveness.
12 August 2020

Kr00k, KRACK, and the Seams in Wi-Fi, IoT Encryption

Black Hat talk expands on research that uncovered more weaknesses in Wi-Fi chips allowing for the unauthorized decryption of traffic.
12 August 2020

TikTok Surreptitiously Collected Android User Data Using Google-Prohibited Tactic

TikTok Surreptitiously Collected Android User Data Using Google-Prohibited Tactic App concealed the practice of gathering device unique identifiers using an added layer of encryption.
12 August 2020

Adobe tackles critical code execution vulnerabilities in Acrobat, Reader

This month’s security update fixes a variety of critical and important bugs in the software.
12 August 2020

Agent Tesla Spyware Adds Fresh Tricks to Its Arsenal

Agent Tesla Spyware Adds Fresh Tricks to Its Arsenal The RAT is surging in 2020, becoming more prevalent than even the infamous TrickBot or Emotet malware.
11 August 2020

Researchers Trick Facial-Recognition Systems

Goal was to see if computer-generated images that look like one person would get classified as another person.
11 August 2020

Microsoft Patches 120 Vulnerabilities, Two Zero-Days

The August 2020 Patch Tuesday marks the sixth month in a row Microsoft released patches for more than 110 vulnerabilities.
11 August 2020

Two 0-Days Under Active Attack, Among 120 Bugs Patched by Microsoft

Two 0-Days Under Active Attack, Among 120 Bugs Patched by Microsoft One of the two zero-day bugs is rated ‘critical’ and is classified as a remote code-execution bug impacting Microsoft’s Internet Explorer.
11 August 2020

Developers Need More Usable Static Code Scanners to Head Off Security Bugs

As companies "shift left" -- pushing more responsibility for security onto developers -- the tools that are available are falling short, usability researchers say.
11 August 2020