Cybersecurity News


Microsoft Exchange Server Flaw Exploited in APT Attacks

Microsoft Exchange Server Flaw Exploited in APT Attacks A vulnerability is Microsoft Exchange servers is being actively exploited by multiple APT groups, researchers warn.
09 March 2020

Cyber Resiliency, Cloud & the Evolving Role of the Firewall

Today's defenses must be creative in both isolating threats and segmenting environments to prevent attacks. Here's why.
09 March 2020

Malware Campaign Feeds on Coronavirus Fears

A new malware campaign that offers a "coronavirus map" delivers a well-known data-stealer.
09 March 2020

AMD Downplays CPU Threat Opening Chips to Data Leak Attacks

AMD Downplays CPU Threat Opening Chips to Data Leak Attacks New side-channel attacks have been disclosed in AMD CPUs, however AMD said that they are not new.
09 March 2020

AMD Downplays CPU Threat Opening Chips to Data Leak Attacks

AMD Downplays CPU Threat Opening Chips to Data Leak Attacks New side-channel attacks have been disclosed in AMD CPUs, however AMD said that they are not new.
09 March 2020

WatchGuard Buys Panda Security for Endpoint Security Tech

In the long term, Panda Security's technologies will be integrated into the WatchGuard platform.
09 March 2020

Brave to generate random browser fingerprints to preserve user privacy

"Brave's new approach aims to make every browser look completely unique, both between websites and between browsing sessions."
09 March 2020

Threat Awareness: A Critical First Step in Detecting Adversaries

One thing seems certain: Attackers are only getting more devious and lethal. Expect to see more advanced attacks.
09 March 2020

NordVPN HTTP POST bug exposed customer information, no authentication required

The exploit could be triggered with a simple request.
09 March 2020

Phone Call Attacks

More and more scams and attacks are happening over the phone. Whenever you get an urgent phone call on the phone pressuring you to do something (such as a caller pretending to be the tax department or Microsoft Tech Support) be very suspicious. It's most likely a scammer trying to trick you out of money or pressure you into making a mistake. Protect yourself, simply hang up the phone. You are not being rude, the person on the other line is trying to take advantage of you.
09 March 2020

Multiple nation-state groups are hacking Microsoft Exchange servers

Government-backed groups are exploiting CVE-2020-0688 to take over Exchange email servers.
08 March 2020

A list of security conferences canceled or postponed due to coronavirus concerns

Some conferences have canceled, some have postponed the event, while others have gone virtual.
07 March 2020

AMD processors from 2011 to 2019 vulnerable to two new attacks

Academics disclose new Collide+Probe and Load+Reload attacks on AMD CPUs.
07 March 2020

U.S. Govt. Makes it Harder to Get .Gov Domains

The federal agency in charge of issuing .gov domain names is enacting new requirements for validating the identity of people requesting them. The additional measures come less than four months after KrebsOnSecurity published research suggesting it was relatively easy for just about anyone to get their very own .gov domain. In November's piece It's Way Too Easy to Get a .gov Domain Name, an anonymous source detailed how he obtained one by impersonating an official at a small town in Rhode Island that didn't already have its own .gov.
07 March 2020

Google could have fixed 2FA code-stealing flaw in Authenticator app years ago

Google Authenticator app lets other apps take screenshots of its code. Issue was first reported to Google in October 2014, but it was never addressed.
07 March 2020

New Ransomware Variant Developed Entirely as Shellcode

PwndLocker is harder to detect than other crypto-malware, Crypsis Group says.
06 March 2020

7 Cloud Attack Techniques You Should Worry About

7 Cloud Attack Techniques You Should Worry About Security pros detail the common and concerning ways attackers target enterprise cloud environments.
06 March 2020

Next-Gen Ransomware Packs a ‘Human’ Punch, Microsoft Warns

Next-Gen Ransomware Packs a ‘Human’ Punch, Microsoft Warns Ryuk, DoppelPaymer, Parinacota and other ransomware groups are getting more sophisticated, Microsoft warns.
06 March 2020

Next-Gen Ransomware Packs a ‘Human’ Punch, Microsoft Warns

Next-Gen Ransomware Packs a ‘Human’ Punch, Microsoft Warns Ryuk, DoppelPaymer, Parinacota and other ransomware groups are getting more sophisticated, Microsoft warns.
06 March 2020

Former Acting Inspector General Charged in Federal Fraud Scheme

A federal grand jury has indicted Charles K. Edwards on 16 counts related to a conspiracy to steal software from one department and sell an enhanced version to another.
06 March 2020