Cybersecurity News


Black Hat: Entropy - the solution to malvertising and malspam?

A researcher explores how entropy could be used to flag suspicious images and documents hiding malicious secrets.
06 August 2020

Counting for Good: Hardware Counters Un-mask Malware

Nick Gregory, research scientist at Capsule8, talks about his session with Capsule8 data scientist Harini Kannan, "Uncommon Sense: Detecting Exploits With Novel Hardware Performance Counters and Machine Learning Magic."
06 August 2020

2019 Breach Leads to $80 Million Fine for Capital One

The fine is part of a series of steps required by the Office of the Comptroller of the Currency.
06 August 2020

Four Rules and Three Tools to Protect Against Fake SaaS Apps

Here's how to blunt the twinned forces of shadow IT and counterfeit apps and keep your data safe.
06 August 2020

A Real-World Tool for Organizing, Integrating Your Other Tools

Omdia Cybersecurity Accelerator analyst Eric Parizo describes the value overwhelmed security managers may find in a SPIF.
06 August 2020

Capital One fined $80 million for 2019 hack

Office of the Comptroller of the Currency imposes mammoth fine for the bank's failure to secure its data in the cloud.
06 August 2020

Energy Market Manipulation with High-Wattage IoT Botnets

Attackers that can compromise enough products such as smart ACs and heaters can tweak power demand in subtle ways for financial gain or to hurt market players, researchers at Black Hat say.
06 August 2020

Ripple20: More Vulnerable Devices Identified

Security researchers find 34 additional vendors, and 47 devices, affected by the widespread Ripple20 vulnerabilities.
06 August 2020

High-Severity Cisco DoS Flaw Plagues Small-Business Switches

High-Severity Cisco DoS Flaw Plagues Small-Business Switches Cisco recently patched the high-severity flaw, which could allow remote, unauthenticated attackers to launch DoS attacks against its popular small business switches.
06 August 2020

Blackbaud data breach: What you should know

Here’s what to be aware of if your personal data was compromised in the breach at the cloud software provider

The post Blackbaud data breach: What you should know appeared first on WeLiveSecurity

06 August 2020

3 Tips For Better Security Across the Software Supply Chain

It may sound look intimidating, but with a few tweaks to tools and processes already in use, it's not hard to get a head start on improving security posture of the software supply chain.
06 August 2020

Black Hat 2020: ‘Zero-Click’ MacOS Exploit Chain Uses Microsoft Office Macros

Black Hat 2020: ‘Zero-Click’ MacOS Exploit Chain Uses Microsoft Office Macros At Black Hat 2020, Patrick Wardle disclosed an exploit chain that bypasses Microsoft's malicious macros protections to infect MacOS users.
06 August 2020

Black Hat 2020: Using Botnets to Manipulate Energy Markets for Big Profits

Black Hat 2020: Using Botnets to Manipulate Energy Markets for Big Profits Black Hat 2020 session discusses how high-wattage connected devices like dishwashers and heating systems can be recruited into botnets and used to manipulate energy markets.
06 August 2020

Firefox gets fix for evil cursor attack

Tech support scam group found a way to abuse Firefox's previous evil cursor patch to enable new attacks.
06 August 2020

U.S. Offers Reward of $10M for Info Leading to Discovery of Election Meddling

U.S. Offers Reward of $10M for Info Leading to Discovery of Election Meddling Government hopes to avoid interference in the upcoming November presidential vote with a hefty reward.
06 August 2020

Smart locks can be opened with nothing more than a MAC address

Researchers demonstrated how remote attackers can steal UltraLoq digital keys with minimal effort.
06 August 2020

Smart locks opened with nothing more than a MAC address

Researchers demonstrated how remote attackers could steal UltraLoq digital keys with minimal effort.
06 August 2020

Black Hat: Hackers can remotely hijack enterprise, healthcare Temi robots

Temi’s interactive assistance robots are remotely exploitable with little more than a phone number.
06 August 2020

What A Security Engineer & Software Engineer Learned By Swapping Roles

A security engineer and infrastructure engineer with Salesforce share lessons learned from their professional role reversal, and advice for people on both teams.
05 August 2020

Google said it took down ten influence operation campaigns in Q2 2020

Google said the influence ops were traced back to China, Russia, Iran, and Tunisia.
05 August 2020