Cybersecurity News
DHS CISA: Companies are getting hacked even after patching Pulse Secure VPNs
Hackers compromised Pulse Secure VPNs, stole AD credentials, and are now using the stolen passwords to access internal networks even after companies patched their VPN servers.17 April 2020
Week in security with Tony Anscombe
Sextortion-meets-coronavirus scams - The financial loss from coronavirus-themed fraud in America - Is the time ripe for one global set of data privacy rules?
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
17 April 2020
PoetRAT Trojan targets energy sector using coronavirus lures
Wind turbine operators are the focus of a new data-stealing campaign.17 April 2020
10 Standout Security M&A Deals from Q1 2020
The first quarter of 2020 brought investments in enterprise IoT and endpoint security, as well as billion-dollar investments from private equity firms.
17 April 2020
Facebook will now warn you if you’ve interacted with fake, dangerous coronavirus posts
The fight against COVID-19 scams, misinformation, and fake cures continues.17 April 2020
Clipboard hijacking malware found in 725 Ruby libraries
The malware would replace Bitcoin addresses copied to the clipboard with one controlled by the attacker.17 April 2020
Scams, lies, and coronavirus
Scams demanding bitcoin on pain of infecting you with the coronavirus gain their fair share of shine among schemes with a thin veneer of plausibility
The post Scams, lies, and coronavirus appeared first on WeLiveSecurity
17 April 2020
Academics steal data from air-gapped systems using PC fan vibrations
Israeli researchers use vibrations from CPU, GPU, or PC chassis fans to broadcast stolen information through solid materials and to nearby receives, breaking air-gapped system protections.17 April 2020
Could Return of Ghost Squad Hackers Signal Rise in COVID-19-Related Hactivism?
New research suggests GSH is active in Southeast Asia following a couple of quiet years.16 April 2020
Poorly Secured Docker Image Comes Under Rapid Attack
A honeypot experiment shows just how quickly cybercriminals will move to compromise vulnerable cloud infrastructure.
16 April 2020
New PoetRAT Hits Energy Sector With Data-Stealing Tools
A never-before-seen RAT is targeting Azerbaijan energy companies with various tools aimed at stealing credentials and exfiltrating valuable data.
16 April 2020
Neglected Infrastructure, Invasive Tech to Plague Infosec in 2022
Researchers outline cybersecurity threats they predict businesses will face in two years as technology evolves.16 April 2020
Massive Bot-Enabled Ad Fraud Campaign Targeted Connected TVs
ICEBUCKET operation is the largest ever to attempt to steal from advertisers by using bots to impersonate human smart-TV viewers, White Ops says.16 April 2020
Small Business Is Big Target for Ransomware
Small businesses are being hit by ransomware, and a majority are paying up to get their data back.16 April 2020
Cisco IP Phone Harbors Critical RCE Flaw
Cisco stomped out a critical vulnerability in its IP Phone web server that could enable remote code execution by an unauthenticated attacker.
16 April 2020
4 Cybersecurity Lessons from the Pandemic
An epidemiologist-turned-CTO describes the parallels between the spread of a computer virus and the real-world coronavirus.16 April 2020
Apple releases mobility data to help combat COVID‑19
The tool, which comes after a similar effort by Google, looks at how people’s traveling behavior has changed since the start of the pandemic
The post Apple releases mobility data to help combat COVID‑19 appeared first on WeLiveSecurity
16 April 2020
Post Pandemic, Technologists Pose Secure Certification for Immunity
Going digital with immunity passports could speed rollout and allow for better warnings of potential hot spots. But security and privacy issues remain.16 April 2020
Arxan Technologies Joins New Software Company Digital.ai
The application security provider teams up with CollabNet VersionOne and XebiaLabs to create Digital.ai, a new enterprise DevOps platform.16 April 2020
Linksys asks users to reset passwords after hackers hijacked home routers last month
Linksys locks Smart WiFi cloud accounts and asks users to reset passwords after hackers hijacked routers to redirect traffic to malware sites.16 April 2020