Cybersecurity News
Cyber Resilience Benchmarks 2020
Here are four things that separate the leaders from the laggards when fighting cyber threats.19 March 2020
TA505 Targets HR Departments with Poisoned CVs
Infamous cybercrime organization spotted in attacks that employ legitimate software -- and Google Drive.19 March 2020
Cisco tackles root privilege vulnerability in SD-WAN software
Three vulnerabilities have been patched in SD-WAN, two of which can lead to root privilege escalation.19 March 2020
Quantifying Cyber Risk: Why You Must & Where to Start
Quantifying cybersecurity risks can be a critical step in understanding those risks and getting executive support to address them.
19 March 2020
This cryptocurrency miner uses unique, stealthy tactics to hide from prying eyes
A combination of botnet and cryptominer has been utilizing new obfuscation techniques never before made public.19 March 2020
Stantinko’s new cryptominer features unique obfuscation techniques
ESET researchers bring to light unique obfuscation techniques discovered in the course of analyzing a new cryptomining module distributed by the Stantinko group’s botnet
The post Stantinko’s new cryptominer features unique obfuscation techniques appeared first on WeLiveSecurity
19 March 2020
France warns of new ransomware gang targeting local governments
CERT France says some local governments have been infected with a new version of the Pysa (Mespinoza) ransomware.19 March 2020
Firefox to remove support for the FTP protocol
Mozilla: "We're doing this for security reasons. FTP is an insecure protocol."18 March 2020
Skimmer May Have Put NutriBullet Customers' Card Data at Risk for Nearly a Month
Blender maker is the latest victim of Magecart.18 March 2020
WordPress, Apache Struts Attract the Most Bug Exploits
An analysis found these web frameworks to be the most-targeted by cybercriminals in 2019.
18 March 2020
Azure Red Flag: Microsoft Accidentally Fixes Cloud Config ‘Bug’
Researchers detail a misconfiguration in Microsoft’s Azure cloud platform that could have given hackers carte blanche access to a targeted company's cloud services.
18 March 2020
Process Injection Tops Attacker Techniques for 2019
Attackers commonly use remote administration and network management tools for lateral movement, a new pool of threat data shows.18 March 2020
500,000 Documents Exposed in Open S3 Bucket Incident
The open database exposed highly sensitive financial and business documents related to two financial organizations.18 March 2020
Trend Micro Fixes Critical Flaws Under Attack
Fixes are now available for five critical and high-severity Trend Micro flaws, two of which are being actively targeted by attackers.
18 March 2020
Facebook Got Tagged, but not Hard Enough
Ensuring that our valuable biometric information is protected is worth more than a $550 million settlement.18 March 2020
TrickBot Trojan Adds RDP Brute-Forcing to Its Arsenal
A fresh module aims to compromise remote desktop accounts to access corporate resources.
18 March 2020
Thousands of COVID-19 scam and malware sites are being created on a daily basis
Malware authors and fraudsters aren't letting a tragedy go to waste.18 March 2020
Trend Micro Patches Two Zero-Days Under Attack
Businesses are urged to update the Apex One and OfficeScan XG enterprise security products as soon as possible.18 March 2020
Work from home: How to set up a VPN
As the COVID-19 pandemic has many organizations switching employees to remote work, a virtual private network is essential for countering the increased security risks
The post Work from home: How to set up a VPN appeared first on WeLiveSecurity
18 March 2020
COVID-19: With everyone working from home, VPN security has now become paramount
DHS, SANS, NJCCIC, and Radware warn companies about securing enterprise VPN servers in the midst of the coronavirus outbreak and when a vast majority of employees are working from home.18 March 2020