Cybersecurity News


How to Help Spoil the Cybercrime Economy

Cybercrime increasingly is turning into a commodity. Stolen PII data and hijacked cloud accounts especially propel the spread, research shows.
11 August 2020

Researcher Publishes Bypass for Patch for vBulletin 0-Day Flaw

Researcher Publishes Bypass for Patch for vBulletin 0-Day Flaw Three separate proof-of-concepts on Bash, Python and Ruby posted to outsmart fix issued last year to remedy pre-auth RCE bug.
11 August 2020

17 Essential Stats About the State of Consumer Privacy

17 Essential Stats About the State of Consumer Privacy These illuminating numbers offer a glimpse into current consumer attitudes and enterprise readiness for protecting their customers' personal data.
11 August 2020

Gamifying Password Training Shows Security Benefits

When picking passwords, users often fall back on certain insecure patterns, but good habits can be learned using simple games, a group of researchers find.
10 August 2020

Hacking It as a CISO: Advice for Security Leadership

A security leader shares tips for adopting a CISO mindset, creating risk management strategies, and "selling infosec" to IT and executives.
10 August 2020

Google Fixes Mysterious Audio Recording Blip in Smart Speakers

Google Fixes Mysterious Audio Recording Blip in Smart Speakers Google Home devices reportedly recorded noises even without the "Hey Google" prompt due to the inadvertent rollout of a home security system feature.
10 August 2020

Better Business Bureau Warns of New Visa Scam

Visa limitations due to the novel coronavirus have given rise to a wave of scams aimed at visa-seekers.
10 August 2020

Can I Use the Same Security Tools on My IT and OT?

Can I Use the Same Security Tools on My IT and OT? You can quit worrying about IT tools in the OT environment.
10 August 2020

Security researcher publishes details and exploit code for a vBulletin zero-day

Proof-of-concept exploit code available in Bash, Python, and Ruby.
10 August 2020

Google Chrome Browser Bug Exposes Billions of Users to Data Theft

Google Chrome Browser Bug Exposes Billions of Users to Data Theft The vulnerability allows attackers to bypass Content Security Policy (CSP) protections and steal data from website visitors.
10 August 2020

Lock-Pickers Face an Uncertain Future Online

Teaching the hardware hacker the skill of picking locks is evolving because of the pandemic's lockdown.
10 August 2020

A mysterious group has hijacked Tor exit nodes to perform SSL stripping attacks

At one point, the group ran almost a quarter of all Tor exit nodes. Group still controls 10% of all Tor exit nodes today.
10 August 2020

Q2 DDoS Attacks Triple Year Over Year: Report

Distributed denial-of-service attacks have stayed consistently high throughout 2020, a shift from normal attack trends that researchers attribute to COVID-19.
10 August 2020

DDoS Attacks Cresting Amid Pandemic

DDoS Attacks Cresting Amid Pandemic Attacks were way up year-over-year in the second quarter as people continue to work from home.
10 August 2020

TeamViewer Flaw in Windows App Allows Password-Cracking

TeamViewer Flaw in Windows App Allows Password-Cracking Remote, unauthenticated attackers could exploit the TeamViewer flaw to execute code and crack victims' passwords.
10 August 2020

Black Hat 2020: Fixing voting – boiling the ocean?

With the big voting day rapidly approaching, can the security of the election still be shored up? If so, how?

The post Black Hat 2020: Fixing voting – boiling the ocean? appeared first on WeLiveSecurity

10 August 2020

Vulnerability Prioritization: Are You Getting It Right?

Vulnerability Prioritization: Are You Getting It Right? Developers must find a way to zero in on the security vulns that present the most risk and quickly address them without slowing down the pace of development.
10 August 2020

Have I Been Pwned to release code base to the open source community

Troy Hunt has made the decision following an unsuccessful attempt to have the platform acquired.
10 August 2020

FBI says an Iranian hacking group is attacking F5 networking devices

Sources: Attacks linked to a hacker group known as Fox Kitten (or Parasite), considered Iran's "spear tip" when it comes to cyber-attacks.
09 August 2020

Bank of England paid £3m in 'golden goodbyes' over 15 months

Bank of England paid £3m in 'golden goodbyes' over 15 months

Rise in settlements in 2019 included those paid to departing tech security staff shortly before major breach

The Bank of England paid departing staff almost £3m in “golden goodbyes” over 15 months, at the same time as an exodus of workers from its information security team.

Settlement payments to former staff surged to £2.3m in 2019, according to data provided to the Guardian under freedom of information laws. The Bank confirmed that former information security staff received some of the payments.

Continue reading...
09 August 2020