Cybersecurity News


Thunderspy attacks: What they are, who’s at greatest risk and how to stay safe

All you need to know about preventing adversaries from exploiting the recently disclosed vulnerabilities in the Thunderbolt interface

The post Thunderspy attacks: What they are, who’s at greatest risk and how to stay safe appeared first on WeLiveSecurity

30 July 2020

US defense and aerospace sectors targeted in new wave of North Korean attacks

Cyber-security firm McAfee publishes details about "Operation North Star."
30 July 2020

11 Security Tools to Expect at the Black Hat USA 2020 Arsenal Virtual Event

More than 130 security researchers and developers are ready to showcase their work.
29 July 2020

Average Cost of a Data Breach: $3.86 Million

New IBM study shows that security system complexity and cloud migration can amplify breach costs.
29 July 2020

'BootHole' Vulnerability Exposes Secure Boot Devices to Attack

A flaw in the GRUB2 bootloader affects most Linux devices and some Windows computers using UEFI Secure Boot.
29 July 2020

Critical Magento Flaws Allow Code Execution

Adobe has released patches for critical and important-severity flaws in its popular Magento e-commerce platform.
29 July 2020

Security Flaws Discovered in OKCupid Dating Service

Researchers identified a variety of vulnerabilities in apps and websites for the popular online dating platform.
29 July 2020

Billions of Devices Impacted by Secure Boot Bypass

The "BootHole" bug could allow cyberattackers to load malware, steal information and move laterally into corporate, OT, IoT and home networks.
29 July 2020

Here’s Why Credit Card Fraud is Still a Thing

Most of the civilized world years ago shifted to requiring computer chips in payment cards that make it far more expensive and difficult for thieves to clone and use them for fraud. One notable exception is the United States, which is still lurching toward this goal. Here's a look at the havoc that lag has wrought, as seen through the purchasing patterns at one of the underground's biggest stolen card shops that was hacked last year.
29 July 2020

70,000+ WordPress Sites Affected by Critical Plug-in Flaw

A vulnerability in the wpDiscuz plug-in could let attackers remotely execute code on the servers of affected websites.
29 July 2020

Dark Reading Video News Desk Returns to Black Hat

Coming to you prerecorded from in front of carefully arranged bookcases around the world ...!
29 July 2020

Critical Bugs in Utilities VPNs Could Cause Physical Damage

Gear from Secomea, Moxa and HMS Networks is affected by remote code-execution flaws, researchers warn.
29 July 2020

Kaspersky: New hacker-for-hire mercenary group is targeting European law firms

The Deceptikons group is the second major hacker-for-hire mercenary group exposed this year after Dark Basin.
29 July 2020

Technical Challenges of IoT Cybersecurity in a Post-COVID-19 World

Effective management of vulnerabilities can be done only when information about supply chain dependencies is accurate and recent.
29 July 2020

'BootHole' attack impacts Windows and Linux systems using GRUB2 and Secure Boot

Microsoft, Red Hat, Canonical, SuSE, Oracle, VMWare, Citrix, and many OEMs are expected to release BootHole patches.
29 July 2020

Microsoft to remove all SHA-1 Windows downloads next week

Microsoft says file downloads signed with the SHA-1 algorithm are insecure and will be removed on August 3, 2020.
29 July 2020

Critical Security Flaw in WordPress Plugin Allows RCE

WordPress plugin Comments – wpDiscuz, which is installed on over 70,000 sites, has issued a patch.
29 July 2020

A View into Feedback from the PCI DSS v4.0 RFC

PCI SSC recently concluded the review of over 3,000 comments submitted for the first PCI DSS v4.0 RFC last year. This RFC set the record for the most industry submitted comments for a single PCI SSC standard and was the first time the industry had reviewed a working draft of PCI DSS.

29 July 2020

How to Decipher InfoSec Job Titles' Mysteries

Figuring out which cybersecurity job you want -- or are qualified for -- can be difficult when words have no consistent meaning in the industry.
29 July 2020

New tool detects shadow admin accounts in AWS and Azure environments

CyberArk releases new SkyArk tool for scanning AWS and Azure infrastructure for misconfigured accounts.
29 July 2020