Cybersecurity News


Critical Security Flaw in WordPress Plugin Allows RCE

Critical Security Flaw in WordPress Plugin Allows RCE WordPress plugin Comments – wpDiscuz, which is installed on over 70,000 sites, has issued a patch.
29 July 2020

A View into Feedback from the PCI DSS v4.0 RFC

 

PCI SSC recently concluded the review of over 3,000 comments submitted for the first PCI DSS v4.0 RFC last year. This RFC set the record for the most industry submitted comments for a single PCI SSC standard and was the first time the industry had reviewed a working draft of PCI DSS.

29 July 2020

How to Decipher InfoSec Job Titles' Mysteries

How to Decipher InfoSec Job Titles' Mysteries Figuring out which cybersecurity job you want -- or are qualified for -- can be difficult when words have no consistent meaning in the industry.
29 July 2020

New tool detects shadow admin accounts in AWS and Azure environments

CyberArk releases new SkyArk tool for scanning AWS and Azure infrastructure for misconfigured accounts.
29 July 2020

The Future's Biggest Cybercrime Threat May Already Be Here

Current attacks will continue to be refined, and what may seem a weakness now could turn out to be a disaster.
29 July 2020

Facial-Recognition Flop: Face Masks Thwart Virus, Stump Security Systems

Facial-Recognition Flop: Face Masks Thwart Virus, Stump Security Systems Algorithms clocked error rates of between 5% to 50% when comparing photos of people wearing digitally created masks with unmasked faces.
29 July 2020

OkCupid: Hackers want your data, not a relationship

Researchers discovered a way to steal the personal and sensitive data of users on the popular dating app.
29 July 2020

OkCupid Security Flaw Threatens Intimate Dater Details

OkCupid Security Flaw Threatens Intimate Dater Details Attackers could exploit various flaws in OkCupid's mobile app and webpage to steal victims' sensitive data and even send messages out from their profiles.
29 July 2020

ESET Threat Report Q2 2020

A view of the Q2 2020 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts

The post ESET Threat Report Q2 2020 appeared first on WeLiveSecurity

29 July 2020

Today’s ‘mega’ data breaches now cost companies $392 million to recover from

When consumer PII is involved, the cost increases.
29 July 2020

Lazarus Group Shifts Gears with Custom Ransomware

The North Korea-linked APT group has developed its own ransomware strain to better conduct financial theft, researchers report.
28 July 2020

Lazarus Group Brings APT Tactics to Ransomware

Lazarus Group Brings APT Tactics to Ransomware A new ransomware, VHD, was seen being delivered by the nation-state group's multiplatform malware platform, MATA.
28 July 2020

Avon Server Leaks User Info and Administrative Data

An unprotected server has exposed more than 7GB of data from the beauty brand.
28 July 2020

Hacker gang behind Garmin attack doesn't have a history of stealing user data

There's a high probability that Garmin user data might be safe, after all.
28 July 2020

Out-of-Date and Unsupported Cloud Workloads Continue as a Common Weakness

More than 80% of companies have at least one Internet-facing cloud asset that is more than six months out of date or running software that is no longer supported, according to scan data.
28 July 2020

Researchers Foil Phishing Attempt on Netflix Customers

Hackers use two stolen domains to steal credentials from Netflix users and then send them to the real Netflix site.
28 July 2020

7.5M Banking Customers Affected in Dave Security Breach

The financial services app confirms user data was compromised in a data breach at its former third-party provider, WayDev.
28 July 2020

Autonomous IT: Less Reacting, More Securing

Keeping data secure requires a range of skills and perfect execution. AI makes that possible.
28 July 2020

FBI warns of disruptive DDoS amplification attacks

The Bureau expects cybercriminals to increasingly abuse new threat vectors for large-scale DDoS attacks

The post FBI warns of disruptive DDoS amplification attacks appeared first on WeLiveSecurity

28 July 2020

As Businesses Move to the Cloud, Cybercriminals Follow Close Behind

In the wake of COVID-19, data theft is by far the top tactic, followed by cryptomining and ransomware.
28 July 2020