Cybersecurity News


IoT Security During COVID-19: What We've Learned & Where We're Going

Vigilance and ongoing training combined with an integrated security framework are key aspects of a successful strategy in the fight against the latest crop of pandemic opportunists.
07 August 2020

Hackers Dump 20GB of Intel’s Confidential Data Online

Hackers Dump 20GB of Intel’s Confidential Data Online Chipmaker investigates a leak of intellectual property from its partner and customer resource center.
07 August 2020

Augmenting AWS Security Controls

Augmenting AWS Security Controls Appropriate use of native security controls in AWS and other CSPs is fundamental to managing cloud risk and avoiding costly breaches.
07 August 2020

Stadeo: Deobfuscating Stantinko and more

We introduce Stadeo – a set of scripts that can help fellow threat researchers and reverse engineers to deobfuscate the code of Stantinko and other malware

The post Stadeo: Deobfuscating Stantinko and more appeared first on WeLiveSecurity

07 August 2020

Canon suffers ransomware attack, Maze claims responsibility

Reports based on an internal memo suggest an external security firm has been hired to investigate.
07 August 2020

Magecart group uses homoglyph attacks to fool you into visiting malicious websites

A new campaign is utilizing the Inter kit and favicons to hide skimming activities.
07 August 2020

Small and medium‑sized businesses: Big targets for ransomware attacks

Why are SMBs a target for ransomware-wielding gangs and what can they do to protect themselves against cyber-extortion?

The post Small and medium‑sized businesses: Big targets for ransomware attacks appeared first on WeLiveSecurity

07 August 2020

Black Hat 2020: Influence Campaigns Are a Cybersecurity Problem

Black Hat 2020: Influence Campaigns Are a Cybersecurity Problem An inside look at how nation-states use social media to influence, confuse and divide -- and why cybersecurity researchers should be involved.
06 August 2020

Getting to the Root: How Researchers Identify Zero-Days in the Wild

Google Project Zero researcher Maddie Stone explains the importance of identifying flaws exploited in the wild and techniques used to do it.
06 August 2020

Researchers Create New Framework to Evaluate User Security Awareness

Approaches based on questionnaires and self-evaluation are not always a good indicator of how well a user can mitigate social engineering threats.
06 August 2020

A Mix of Optimism and Pessimism for Security of the 2020 Election

DHS CISA's Christopher Krebs and Georgetown University's Matt Blaze at Black Hat USA give the lowdown on where things stand and what still needs to happen to protect the integrity of November's election.
06 August 2020

Black Hat: Hackers are using skeleton keys to target chip vendors

Operation Chimera focuses on the theft of valuable intellectual property and semiconductor designs.
06 August 2020

Where Dark Reading Goes Next

Dark Reading Editor-in-Chief gives a complete rundown of all the Dark Reading projects you might not even know about, his insight into the future of the security industry, and how we plan to cover it.
06 August 2020

Black Hat 2020: Mercedes-Benz E-Series Rife with 19 Bugs

Black Hat 2020: Mercedes-Benz E-Series Rife with 19 Bugs Researchers went into detail about the discovery and disclosure of 19 security flaws they found in Mercedes-Benz vehicles, which have all been fixed.
06 August 2020

On 'Invisible Salamanders' and Insecure Messages

Cornell researcher Paul Grubbs discusses how vulnerabilities found in Facebook Messenger encryption could mean trouble for your secure messages.
06 August 2020

Exploiting Google Cloud Platform With Ease

Security engineer Dylan Ayrey and Cruise senior infrastructure security engineer Allison Donovan describe fundamental weaknesses in GCP identity management that enable privilege escalation and lateral movement.
06 August 2020

Office 365's Vast Attack Surface & All the Ways You Don't Know You're Being Exploited Through It

Mandiant incident response managers Josh Madeley and Doug Bienstock describe how thoroughly Microsoft 365 (formerly known as Office 365) extends into corporate networks, describe both sophisticated and simple attacks they've detected, and suggest mitigations as businesses rely more heavily on the cloud.
06 August 2020

Information Operations Spotlighted at Black Hat as Election Worries Rise

From Russia's "best-in-class" efforts at widening social divides in Western democracies to China's blunt attacks on dissidents, information operations are becoming a greater threat, says a Stanford researcher.
06 August 2020

Canon Admits Ransomware Attack in Employee Note, Report

Canon Admits Ransomware Attack in Employee Note, Report The consumer-electronics giant has suffered partial outages across its U.S. website and internal systems, reportedly thanks to the Maze gang.
06 August 2020

OpenText Blends Security, Data Protection for Greater Cyber Resilience

SPONSORED CONTENT: Infosec professionals are taking advantage of technology hybrids to keep users, data, and their networks more safe, according to Hal Lonas of OpenText's Webroot division. And they're also finding new ways to use artificial intelligence and machine learning to improve security management and reduce risk.
06 August 2020