Cybersecurity News


Most Contact-Tracing Apps Fail Basic Security

A survey of 17 Android applications for informing citizens if they had potential contact with a COVD-19-infected individual finds few have adopted code-hardening techniques.
18 June 2020

Google removes 106 Chrome extensions for collecting sensitive user data

Security firm identifies 111 malicious Chrome extensions collecting user keystrokes, clipboard content, cookies, more.
18 June 2020

CISO Dialogue: How to Optimize Your Security Budget

CISOs are never going to have all the finances they want. Hard choices must be made. The CISO of Amazon Prime Video discusses his approaches to a slimmed-down budget.
18 June 2020

BofA Phish Gets Around DMARC, Other Email Protections

BofA Phish Gets Around DMARC, Other Email Protections The June campaign was targeted and aimed at stealing online banking credentials.
18 June 2020

Five Password Tips for Securing the New WFH Normal

Five Password Tips for Securing the New WFH Normal Darren James, product specialist with Specops Software, warned that password resets, for example, are a particularly vexing issue for sysadmins, as they can often lockout end-users from their accounts.
18 June 2020

Phishing Campaign Targeting Office 365, Exploits Brand Names

Phishing Campaign Targeting Office 365, Exploits Brand Names Attackers use trusted entities to trick victims into giving up their corporate log-in details as well as to bypass security protections.
18 June 2020

Unpatched vulnerability identified in 79 Netgear router models

Bug lets attackers run code as "root" on vulnerable routers. Impacted routers go back to 2007.
18 June 2020

Digging up InvisiMole’s hidden arsenal

ESET researchers reveal the modus operandi of the elusive InvisiMole group, including newly discovered ties with the Gamaredon group

The post Digging up InvisiMole’s hidden arsenal appeared first on WeLiveSecurity

18 June 2020

InvisiMole Group Resurfaces Touting Fresh Toolset, Gamaredon Partnership

InvisiMole Group Resurfaces Touting Fresh Toolset, Gamaredon Partnership InvisiMole is back, targeting Eastern Europe organizations in the military sector and diplomatic missions with an updated toolset and new APT partnership.
18 June 2020

Microsoft: COVID-19 malware attacks were barely a blip in total malware volume

COVID-19-themed malware attacks began in February, peaked in March, and are slowly dying out.
18 June 2020

When Security Takes a Backseat to Productivity

"We must care as much about securing our systems as we care about running them if we are to make the necessary revolutionary change." -CIA's Wikileaks Task Force. So ends a key section of a report the U.S. Central Intelligence Agency produced in the wake of a mammoth data breach in 2016 that led to Wikileaks publishing thousands of classified documents stolen from the agency's offensive cyber operations division. The analysis highlights a shocking series of security failures at one of the world's most secretive organizations, but the underlying weaknesses that gave rise to the breach also unfortunately are all too common in many organizations today.
17 June 2020

7 Tips for Employers Navigating Remote Recruitment

7 Tips for Employers Navigating Remote Recruitment Hiring experts explain how companies should approach recruitment when employers and candidates are working remotely.
17 June 2020

AcidBox Malware Uncovered Using Repurposed VirtualBox Exploit

AcidBox Malware Uncovered Using Repurposed VirtualBox Exploit A “very rare” malware has been used by an unknown threat actor in cyberattacks against two different Russian organizations in 2017.
17 June 2020

Zoom Changes Course on End-to-End Encryption

The videoconferencing company now says it will offer end-to-end encryption to all users beginning in July.
17 June 2020

Premier League’s Return: A Hat Trick of Cyberthreats?

Premier League’s Return: A Hat Trick of Cyberthreats? The beautiful game is back on the pitch in the U.K. -- and cyberattackers will be looking to take advantage of fans streaming the games.
17 June 2020

Lazarus Group May Have Been Behind 2019 Attacks on European Targets

Telemetry hints that the North Korean actor was behind major cyber-espionage campaign focused on military and aerospace companies, ESET says.
17 June 2020

What's Anonymous Up to Now?

What's Anonymous Up to Now? The hacker group recently took credit for two high-profile incidents -- but its actions aren't quite the same as they once were, some say.
17 June 2020

What's Anonymous Up to Now?

The hacker group recently took credit for two high-profile incidents -- but its actions aren't quite the same as they once were, some say.
17 June 2020

Ripple20 bugs expose hundreds of millions of devices to attacks

Devices used in the energy, transportation and communications sectors are also affected by the flaws in the TCP/IP software library

The post Ripple20 bugs expose hundreds of millions of devices to attacks appeared first on WeLiveSecurity

17 June 2020

3 Things Wilderness Survival Can Teach Us About Email Security

It's a short hop from shows like 'Naked and Afraid' and 'Alone' to your email server and how you secure it
17 June 2020