Cybersecurity News
Credit card skimmers are now being buried in image file metadata on e-commerce websites
Magecart attackers are suspected of using an interesting technique to steal your financial data.26 June 2020
More than 75% of all vulnerabilities reside in indirect dependencies
JavaScript, Ruby, and Java are the ecosystems with most bugs in indirect dependencies.26 June 2020
Nvidia squashes display driver code execution, information leak bugs
The vulnerabilities impact both Windows and Linux machines.26 June 2020
What is a password manager and why is it useful?
A password manager can make your digital life both simpler and more secure. Are there any downsides to relying on software to create and store your passwords?
The post What is a password manager and why is it useful? appeared first on WeLiveSecurity
26 June 2020
Hosting a Video Conference
When hosting a video conference, make sure you password protect the conference so only authorized individuals can join. If there are any strangers or people who you do not recongize on the call, remove them.26 June 2020
DDoS botnet coder gets 13 months in prison
Kenneth Schuchman, known as Nexus Zeta, created multiple DDoS botnets, including Satori, Okiru, Masuta, and Fbot/Tsunami.25 June 2020
New Charges, Sentencing in Satori IoT Botnet Conspiracy
The U.S. Justice Department today criminally charged a Canadian and a Northern Ireland man for allegedly conspiring to build multiple botnets that enslaved hundreds of thousands of routers and other Internet of Things (IoT) devices for use in large-scale distributed denial-of-service (DDoS) attacks. In addition, a defendant in the United States was sentenced to drug treatment and 18 months community confinement for his admitted role in the conspiracy.25 June 2020
Criminals Turn to IM Platforms to Avoid Law Enforcement Scrutiny
Researchers from IntSights observed a sharp increase in the use of popular instant messaging apps over the past year among threat groups.25 June 2020
7 Tips for Effective Deception

25 June 2020
What’s New in PCI SPoC Security Standard Version 1.1?
Today, the PCI SSC published a minor revision to the PCI SPoC Security Standard. Version 1.1 of the standard aligns with the recently published PCI PTS POI v6.0, allowing SPoC solutions to work with PCI PTS SCRP devices that support magnetic-stripe readers.
25 June 2020
Apple adds support for encrypted DNS (DoH and DoT)
Apple said this week that iOS 14 and macOS 11 will support the DNS-over-HTTPS and DNS-over-TLS protocols.25 June 2020
Nationwide Facial Recognition Ban Proposed By Lawmakers

25 June 2020
Golang Worm Widens Scope to Windows, Adds Payload Capacity

25 June 2020
Contact Tracing & Threat Intel: Broken Tools & Processes
How epidemiology can solve the people problem in security.25 June 2020
Chinese bank forced western companies to install malware-laced tax software
GoldenSpy backdoor trojan found in a Chinese bank's official tax software, which the bank has been forcing western companies to install.25 June 2020
Vulnerabilities Declining in Open Source, But Slow Patching Still a Problem
Even as more code is produced, indirect dependencies continue to undermine security.25 June 2020
Facial recognition technology banned in another US city
In a move lauded by privacy advocates, Boston joins the ranks of cities that have voted down the municipal use of the technology
The post Facial recognition technology banned in another US city appeared first on WeLiveSecurity
25 June 2020
Another Record-Breaking DDoS Attack Signals Shift in Criminal Methods
Malicious botnet sources explode in new attacks that push boundaries in terms of volume and duration.25 June 2020
Nvidia Warns Windows Gamers of Serious Graphics Driver Bugs

25 June 2020
Better Collaboration Between Security & Development
Security and development teams must make it clear why their segment of the development life cycle is relevant to the other teams in the pipeline.25 June 2020