Cybersecurity News


NXNSAttack technique can be abused for large-scale DDoS attacks

New vulnerability in DNS server software can be leveraged for DDoS attacks with an 1620x amplification factor.
19 May 2020

Magecart Plants Card Skimmers via Old Magento Plugin Flaw

The FBI has warned ecommerce sites about attacks targeting a more than three-year-old flaw in the Magmi mass importer.
19 May 2020

Google Chrome Redesign Puts Security & Privacy in Users' Hands

The Chrome browser will tell users if their browser is up to date, malicious extensions are installed, and/or a password has been compromised.
19 May 2020

The Windows 7 Postmortem: What’s at Stake

The Windows 7 Postmortem: What’s at Stake Nearly a quarter of endpoints still run Windows 7, even though support and security patches have ended.
19 May 2020

Unpatched Open Source Libraries Leave 71% of Apps Vulnerable

PHP and JavaScript developers need to pay close attention because different languages and frameworks have different rates of vulnerability, research finds.
19 May 2020

EasyJet Hackers Take Off with Travel Details for 9M Customers

EasyJet Hackers Take Off with Travel Details for 9M Customers The vacation-centric airline is warning victims about social-engineering attacks.
19 May 2020

Web Application Attacks Double from 2019: Verizon DBIR

Web Application Attacks Double from 2019: Verizon DBIR Verizon's annual data breach report shows most attackers are external, money remains their top motivator, and web applications and unsecured cloud storage are hot targets.
19 May 2020

Bluetooth flaw exposes countless devices to BIAS attacks

As many as 30 smartphones, laptops and other devices were tested – and all were found to be vulnerable

The post Bluetooth flaw exposes countless devices to BIAS attacks appeared first on WeLiveSecurity

19 May 2020

Long-Term Remote Work: Keeping Workers Productive & Secure

The pandemic has changed how we get work done. Now, data security must catch up.
19 May 2020

Hacker arrested in Ukraine for selling billions of stolen credentials

Hacker "Sanix" has been selling billions of hacked user credentials on hacker forums and Telegram channels.
19 May 2020

WolfRAT Android Malware Targets WhatsApp, Facebook Messenger

WolfRAT Android Malware Targets WhatsApp, Facebook Messenger Researchers link the malware to Wolf Research operators with "high confidence" after it was spotted in campaigns targeting Thai users.
19 May 2020

WolfRAT targets WhatsApp, Facebook Messenger app users on Android devices

The new malware is unstable and appears to be a slapdash effort based on leaked DenDroid code.
19 May 2020

Ukraine Nabs Suspect in 773M Password ‘Megabreach’

In January 2019, dozens of media outlets raised the alarm about a new “megabreach” involving the release of some 773 million stolen usernames and passwords that was breathlessly labeled “the largest collection of stolen data in history.” A subsequent review by KrebsOnSecurity quickly determined the data was years old and merely a compilation of credentials pilfered from mostly public data breaches. Earlier today, authorities in Ukraine said they’d apprehended a suspect in the case.
19 May 2020

EasyJet Sees 9 Million Customer Email Addresses Stolen

More than 2,000 customers also had credit card information taken in the attack.
19 May 2020

Chrome 83 released with enhanced privacy controls, tab groups feature

Chrome 83 is one of the feature-rich Chrome releases in recent years.
19 May 2020

7 Security Pros: What My Nontraditional Background Brings to the Job

7 Security Pros: What My Nontraditional Background Brings to the Job Job experience and degrees outside of the cybersecurity or IT world can provide invaluable diversity of thinking and problem-solving.
19 May 2020

Bluetooth Bugs Allow Impersonation Attacks on Legions of Devices

Bluetooth Bugs Allow Impersonation Attacks on Legions of Devices A host of unpatched security bugs that allow BIAS attacks affects Bluetooth chips from Apple, Intel, Qualcomm, Samsung and others.
19 May 2020

Adobe Patches Critical RCE Flaw in Character Animator App

Adobe Patches Critical RCE Flaw in Character Animator App A critical remote code execution flaw in Adobe Character Animator was fixed in an out-of-band Tuesday patch.
19 May 2020

2020 – 2022 Global Executive Assessor Roundtable


In 2018, PCI Security Standards Council established its first Global Executive Assessor Roundtable (GEAR) consisting of senior leadership members of payment security assessors. The vision for the roundtable was simple: encourage the exchange of information, and increase payment security, through greater coordination with this key stakeholder group.

19 May 2020

Cybersecurity Extends Far Beyond Security Teams & Everyone Plays a Part

Security isn't about tools or technology; it's about establishing a broad, fundamental awareness and sense of responsibility among all employees.
19 May 2020