Cybersecurity News


Messaging / Smishing Attacks

Cyber attackers can just as easily trick or fool you in messaging apps as they can in email. Be on the look-out for scams or attacks via apps such as Slack, Skype, WhatsApp or event simple text messaging. The most common clues are tremendous sense of urgency or curioustiy.
04 March 2020

Let's Encrypt to revoke 3 million certificates on March 4 due to software bug

Let's Encrypt issued 3,048,289 TLS certificates without checking the CAA field for the requesting domain.
03 March 2020

Cobalt Ulster Strikes Again With New ForeLord Malware

Cobalt Ulster Strikes Again With New ForeLord Malware Threatpost talks to Alex Tilley, senior security researcher with Dell SecureWorks' Counter Threat Unit Research Team, about a recently discovered campaign linked to an Iranian APT.
03 March 2020

Gotta Patch 'Em All? Not Necessarily, Experts Say

When it's impossible to remediate all vulnerabilities in an organization, data can indicate which bugs should be prioritized.
03 March 2020

Academics find 30 file upload vulnerabilities in 23 web apps, CMSes, and forums

Impacted projects include WordPress, Concrete5, Composr, SilverStripe, ZenCart, and others.
03 March 2020

Let’s Encrypt to Revoke Millions of TLS Certs

Let’s Encrypt to Revoke Millions of TLS Certs On Wednesday millions of Transport Layer Security certificates will be revoked because of a Certificate Authority Authorization bug.
03 March 2020

MediaTek Bug Actively Exploited, Affects Millions of Android Devices

MediaTek Bug Actively Exploited, Affects Millions of Android Devices An exploit published by a developer is easy to use and has already been used to build malicious apps that gain root access on Android devices.
03 March 2020

Avoiding the Perils of Electronic Communications

Twitter, Slack, etc., have become undeniably important for business today, but they can cause a lot of damage. That's why an agile communications strategy is so important.
03 March 2020

With New SOL4Ce Lab, Purdue U. and DoE Set Sights on National Security

With New SOL4Ce Lab, Purdue U. and DoE Set Sights on National Security The cooperative research initiative brings together faculty and students to "focus on problems and cutting-edge ways to solve them."
03 March 2020

NSS Labs Revises Endpoint Security Test Model

New product ratings system comes amid growing shift in the testing market toward more "open and transparent" evaluation of security tools.
03 March 2020

Former Microsoft Software Engineer Convicted of Fraud

The 25-year-old was convicted of 18 charges stemming from illegal access to money stored in online gift cards.
03 March 2020

Have I Been Pwned No Longer For Sale

Have I Been Pwned No Longer For Sale Troy Hunt said the popular HIBP will continue to be run as an independent service.
03 March 2020

Brave comes out on top in browser privacy study

By contrast, two web browsers share identifiers that are tied to the device hardware and so persist even across fresh installs

The post Brave comes out on top in browser privacy study appeared first on WeLiveSecurity

03 March 2020

The Case for Limiting Your Browser Extensions

Last week, KrebsOnSecurity reported to health insurance provider Blue Shield of California that its Web site was flagged by multiple security products as serving malicious content. Blue Shield quickly removed the unauthorized code. An investigation determined it was injected by a browser extension installed on the computer of a Blue Shield employee who'd edited the Web site in the past month. The incident is a reminder that browser extensions -- however useful or fun they may seem when you install them -- typically have a great deal of power and can effectively read and/or write all data in your browsing sessions. And as we'll see, it's not uncommon for extension makers to sell or lease their user base to shady advertising firms, or in some cases abandon them to outright cybercriminals.
03 March 2020

Chinese Nationals Charged with Laundering $100M in Cryptocurrency

The two defendants allegedly laundered $100 million for the benefit of North Korean threat actors who stole the funds in 2018.
03 March 2020

The Cybercrime Pandemic Keeps Spreading

The World Economic Forum says cyberattacks will be one of the top global business risks over the next 10 years.
03 March 2020

Chinese security firm says CIA hacked Chinese targets for the past 11 years

Qihoo 360 becomes second Chinese security vendor to blame the CIA for hacks against its civil aviation sector.
03 March 2020

DoppelPaymer Ransomware Used to Steal Data from Supplier to SpaceX, Tesla

DoppelPaymer Ransomware Used to Steal Data from Supplier to SpaceX, Tesla Cyber attack at Visser Precision, which builds custom parts for the aerospace and automotive industries, reveals sensitive company data.
03 March 2020

5 reasons to consider a career in cybersecurity

From competitive salaries to ever-evolving job descriptions, there are myriad reasons why a cybersecurity career could be right for you

The post 5 reasons to consider a career in cybersecurity appeared first on WeLiveSecurity

03 March 2020

Keeping Passwords Simple

We know at times this whole password thing sounds really complicated. Wouldn't be great if there was a brain dead way you could keep passwords simple and secure at the same time? Well, it's not nearly as hard as you think. Here are three tips to keeping passwords super simple while keeping your accounts super secure.
03 March 2020