Cybersecurity News
Microsoft Patch Tuesday, June 2020 Edition
Microsoft today released software patches to plug at least 129 security holes in its Windows operating systems and supported software, by some accounts a record number of fixes in one go for the software giant. None of the bugs addressed this month are known to have been exploited or detailed prior to today, but there are a few vulnerabilities that deserve special attention -- particularly for enterprises and employees working remotely.09 June 2020
Microsoft Fixes 129 Bugs in Largest Patch Tuesday Release
The June release of security updates addresses several remote code execution vulnerabilities in SharePoint, Excel, Windows OLE, and other services.09 June 2020
Vulnerability in Plug-and-Play Protocol Puts Billions of Devices at Risk
"CallStranger" flaw in UPnP allows attackers to launch DDoS attacks and scan internal ports, security researcher says.09 June 2020
DHS Warns on New Exploit of Windows 10 Vulnerability
The vulnerability was patched in March, but a new proof of concept raises the stakes for organizations that haven't yet updated their software.09 June 2020
Microsoft June Patch Tuesday Fixes 129 Flaws in Largest-Ever Update

09 June 2020
New CrossTalk attack impacts Intel's mobile, desktop, and server CPUs
Academics detail a new vulnerability named CrossTalk that can be used to leak data across Intel CPU cores.09 June 2020
Alarm sounded over security risks in online voting system
Bad actors could tamper with ballots cast via OmniBallot without being detected by voters, election officials or the tool’s developer, a study finds
The post Alarm sounded over security risks in online voting system appeared first on WeLiveSecurity
09 June 2020
Will Vote-by-App Ever Be Safe?
Even with strong security measures, Internet voting is still vulnerable to abuse from state-sponsored actors and malicious insiders.09 June 2020
Microsoft June 2020 Patch Tuesday fixes 129 vulnerabilities
This month's updates have started rolling out earlier today.09 June 2020
Espionage Group Hits U.S. Utilities with Sophisticated Spy Tool

09 June 2020
Florence, Ala. Hit By Ransomware 12 Days After Being Alerted by KrebsOnSecurity
In late May, KrebsOnSecurity alerted numerous officials in Florence, Ala. that their information technology systems had been infiltrated by hackers who specialize in deploying ransomware. Nevertheless, on Friday, June 5, the intruders sprang their attack, deploying ransomware and demanding nearly $300,000 worth of bitcoin. City officials now say they plan to pay the ransom demand, in hopes of keeping the personal data of their citizens off of the Internet.09 June 2020
Hack-for-Hire Firm Connected to Attacks on Nonprofits, Journalists
The Dark Basin group behind thousands of phishing and malware attacks is likely an India-based "ethical hacking" firm that works on behalf of commercial clients.09 June 2020
Adobe Warns of Critical Flaws in Flash Player, Framemaker

09 June 2020
Honda Pauses Production Due to Cyberattack
The attack reportedly infected internal servers and forced Honda to halt production at plants around the world on Monday.09 June 2020
Dark Basin Hack-For-Hire Group Targeted Thousands Over 7 Years

09 June 2020
CSO's Guide to 'Employee-First' Security Operations During COVID-19 & Beyond
As the work-at-home environment continues to inform new ways of doing business, it's important that security teams remain flexible and ready for change.09 June 2020
KingMiner botnet brute-forces MSSQL databases to install cryptocurrency miner
The KingMiner gang is brute-forcing the "sa" user, the highest-privileged account on a MSSQL database.09 June 2020
Malicious Android apps deactivated fraud code to bypass Google's security scans
Trick didn't work. Google banned them anyway.09 June 2020
DARPA Launches Bug Bounty Program
Unlike most crowdsourced vulnerability-hunting projects, this one is targeted at hardware defenses.08 June 2020
Chinese and Iranian APT Groups Targeted US Presidential Campaigns
Google analysts report advanced persistent threat groups linked to China and Iran launched phishing attacks against the Biden and Trump campaigns.08 June 2020