Cybersecurity News


Slovak police seize wiretapping devices connected to government network

Slovak police also arrest four people, including the head of the government agency responsible for managing the government network.
10 June 2020

Asset Management Mess? How to Get Organized

Asset Management Mess? How to Get Organized Hardware and software deployments all over the place due to the pandemic scramble? Here are the essential steps to ensure you can find what you need -- and secure it.
10 June 2020

Microsoft ships hefty patch load this month

The latest Patch Tuesday knocks out a record-high number of vulnerabilities, including new bugs in the SMB protocol

The post Microsoft ships hefty patch load this month appeared first on WeLiveSecurity

10 June 2020

Efficient Security Testing Requires Automation, but Humans Are Needed Too

An annual survey of penetration testers finds that although machines can quickly find many classes of vulnerabilities, human analysts are still necessary to gauge the severity of discovered issues.
10 June 2020

Jenkins team avoids security disaster after partial user database loss

Loophole caused by deleted user database could have allowed threat actors to hijack the user accounts of Jenkins plugin authors.
10 June 2020

Encryption Utility Firm Accused of Bundling Malware Functions in Product

Encryption Utility Firm Accused of Bundling Malware Functions in Product The increasingly prevalent GuLoader malware has been traced back to a far-reaching encryption service that attempts to pass as above-board.
10 June 2020

3 Ways the Pandemic Will Affect Enterprise Security in the Future

While CISOs have been focused on immediate threats, it's time to look ahead to what a post-COVID-19 future will look like.
10 June 2020

Thanos Ransomware First to Weaponize RIPlace Tactic

Thanos Ransomware First to Weaponize RIPlace Tactic Thanos is the first ransomware family to feature the weaponized RIPlace tactic, enabling it to bypass ransomware protections.
10 June 2020

Arm CPUs impacted by rare side-channel attack

Arm issues guidance to developers to mitigate new "straight-line speculation" attack.
10 June 2020

Microsoft Patch Tuesday, June 2020 Edition

Microsoft today released software patches to plug at least 129 security holes in its Windows operating systems and supported software, by some accounts a record number of fixes in one go for the software giant. None of the bugs addressed this month are known to have been exploited or detailed prior to today, but there are a few vulnerabilities that deserve special attention -- particularly for enterprises and employees working remotely.
09 June 2020

Microsoft Fixes 129 Bugs in Largest Patch Tuesday Release

The June release of security updates addresses several remote code execution vulnerabilities in SharePoint, Excel, Windows OLE, and other services.
09 June 2020

Vulnerability in Plug-and-Play Protocol Puts Billions of Devices at Risk

"CallStranger" flaw in UPnP allows attackers to launch DDoS attacks and scan internal ports, security researcher says.
09 June 2020

DHS Warns on New Exploit of Windows 10 Vulnerability

The vulnerability was patched in March, but a new proof of concept raises the stakes for organizations that haven't yet updated their software.
09 June 2020

Microsoft June Patch Tuesday Fixes 129 Flaws in Largest-Ever Update

Microsoft June Patch Tuesday Fixes 129 Flaws in Largest-Ever Update The June Patch Tuesday update included CVEs for 11 critical remote code-execution vulnerabilities and concerning SMB bugs.
09 June 2020

New CrossTalk attack impacts Intel's mobile, desktop, and server CPUs

Academics detail a new vulnerability named CrossTalk that can be used to leak data across Intel CPU cores.
09 June 2020

Alarm sounded over security risks in online voting system

Bad actors could tamper with ballots cast via OmniBallot without being detected by voters, election officials or the tool’s developer, a study finds

The post Alarm sounded over security risks in online voting system appeared first on WeLiveSecurity

09 June 2020

Will Vote-by-App Ever Be Safe?

Even with strong security measures, Internet voting is still vulnerable to abuse from state-sponsored actors and malicious insiders.
09 June 2020

Microsoft June 2020 Patch Tuesday fixes 129 vulnerabilities

This month's updates have started rolling out earlier today.
09 June 2020

Espionage Group Hits U.S. Utilities with Sophisticated Spy Tool

Espionage Group Hits U.S. Utilities with Sophisticated Spy Tool The FlowCloud modular remote-access trojan (RAT) has overlaps with the LookBack malware.
09 June 2020

Florence, Ala. Hit By Ransomware 12 Days After Being Alerted by KrebsOnSecurity

In late May, KrebsOnSecurity alerted numerous officials in Florence, Ala. that their information technology systems had been infiltrated by hackers who specialize in deploying ransomware. Nevertheless, on Friday, June 5, the intruders sprang their attack, deploying ransomware and demanding nearly $300,000 worth of bitcoin. City officials now say they plan to pay the ransom demand, in hopes of keeping the personal data of their citizens off of the Internet.
09 June 2020