Cybersecurity News
Apple strong-arms entire CA industry into one-year certificate lifespans
Apple, Google, and Mozilla reduce the lifespan for HTTPS certificates to 398 days, against the wishes of Certificate Authorities.28 June 2020
Apple declined to implement 16 Web APIs in Safari due to privacy concerns
Apple said these 16 new Web APIs add new user fingerprinting opportunities for online advertisers.28 June 2020
Russian Cybercrime Boss Burkov Gets 9 Years
A well-connected Russian hacker once described as “an asset of supreme importance” to Moscow was sentenced on Friday to nine years in a U.S. prison after pleading guilty to running a site that sold stolen payment card data, and to administering a highly secretive crime forum that counted among its members some of the most elite Russian cybercrooks.27 June 2020
Adobe, Mastercard, Visa warn online store owners of Magento 1.x EOL
Almost 110,000 online stores are still running the soon-to-be-outdated Magento 1.x CMS.27 June 2020
DarkCrewFriends Returns with Botnet Strategy
The botnet can be used to mount different kinds of attacks, including code-execution and DDoS.
26 June 2020
8 U.S. City Websites Targeted in Magecart Attacks
Researchers believe that Click2Gov, municipal payment software, may be at the heart of this most recent government security incident.
26 June 2020
‘Cardplanet’ Operator Sentenced to 9 Years for Selling Stolen Credit Cards
The carding store victimized mainly U.S. citizens and is responsible for $20 million in fraudulent purchases.
26 June 2020
Major US Companies Targeted in New Ransomware Campaign
Evil Corp. group hit at least 31 customers in campaign to deploy WastedLocker malware, according to Symantec.26 June 2020
Docker servers infected with DDoS malware in extremely rare attacks
Most Docker servers are usually infected with cryptocurrency-mining malware.26 June 2020
5 New InfoSec Job Training Trends: What We're Studying During COVID-19
With the pandemic uprooting networks and upending careers, which security skills are hot -- and which are not?
26 June 2020
Satori Botnet Creator Sentenced to 13 Months in Prison
The creator of the Satori/Okiru, Masuta and Tsunami/Fbot botnets has been sentenced to prison for compromising hundreds of thousands of devices.
26 June 2020
Good Cyber Hygiene in a Pandemic-Driven World Starts with Us
Three ways that security teams can improve processes and collaboration, all while creating the common ground needed to sustain them.26 June 2020
Good Cyber Hygiene in a Post-Pandemic World Starts with Us
Three ways that security teams can improve processes and collaboration, all while creating the common ground needed to sustain them.26 June 2020
SOC Wins & Losses
While the security operations center is enjoying a higher profile these days, just one-fourth of security operations centers actually resolve incidents quickly enough.26 June 2020
Week in security with Tony Anscombe
Android ransomware posing as a COVID-19 tracing app – Ill-trained and ill-equipped newly-minted remote workers – How Bitcoin giveaway scams misuse Elon Musk's name
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
26 June 2020
TikTok To Stop Clipboard Snooping After Apple Privacy Feature Exposes Behavior
App will stop reading users’ device cut-and-paste data after a new banner alert in an Apple update uncovered the activity.
26 June 2020
Credit card skimmers are now being buried in image file metadata on e-commerce websites
Magecart attackers are suspected of using an interesting technique to steal your financial data.26 June 2020
More than 75% of all vulnerabilities reside in indirect dependencies
JavaScript, Ruby, and Java are the ecosystems with most bugs in indirect dependencies.26 June 2020
Nvidia squashes display driver code execution, information leak bugs
The vulnerabilities impact both Windows and Linux machines.26 June 2020
What is a password manager and why is it useful?
A password manager can make your digital life both simpler and more secure. Are there any downsides to relying on software to create and store your passwords?
The post What is a password manager and why is it useful? appeared first on WeLiveSecurity
26 June 2020