Cybersecurity News
Request for Comments: PIN v3.1 Standard Draft
From 29 May 2020 to 30 June 2020, PCI SSC stakeholders can participate in a Request for Comments (RFC) on PIN v3.1 Standard draft.
29 May 2020
‘Hack-For-Hire’ Firms Spoof WHO To Target Google Credentials
Google TAG report reveals that "hack for hire" firms are tapping into the coronavirus pandemic via WHO phishing lures.
29 May 2020
ACLU Sues Clearview AI Over Faceprint Collection, Sale
Watchdog group said company has violated the Illinois BIPA and ‘will end privacy as we know it’ without intervention.
29 May 2020
NCA launches UK ad campaign to divert kids searching for cybercrime tools
DDoS-for-hire and Trojan-related searches are on the agency’s radar.29 May 2020
Judge demands Capital One release Mandiant cyberforensic report on data breach
Attorneys suing the company will now have access to the report in preparation for a potential trial.29 May 2020
GitHub warns Java developers of new malware poisoning NetBeans projects
The malware's end goal was to install a remote access trojan and grant hackers access to highly sensitive workstations were sensitive projects were being developed.29 May 2020
A Rogues' Gallery of MacOS Malware
MacOS isn't immune from malware. Being prepared means understanding the nature of the worst threats a security team is likely to see attacking Macs in the enterprise.
28 May 2020
GitHub Supply Chain Attack Uses Octopus Scanner Malware
Octopus Scanner is a new malware used to compromise 26 open source projects in a massive GitHub supply chain attack.28 May 2020
Inside the Hoaxcalls Botnet: Both Success and Failure
The DDoS group sets itself apart by using exploits -- but it doesn't always pan out.
28 May 2020
Researchers ID Hacktivist Who Defaced Nearly 5,000 Websites
Opsec mistakes lead a Check Point researcher to an individual in Brazil who was behind a longtime hacking campaign.28 May 2020
Google to enable the Chrome anti-notification spam system in July 2020
Chrome will block sites from showing notification spam by default. Has been an opt-in feature since February.28 May 2020
Hackers Compromise Cisco Servers Via SaltStack Flaws
Attackers compromised six Cisco VIRL-PE servers that are affected by critical SaltStack vulnerabilities.
28 May 2020
Valak Malware Retasked to Steal Data from US, German Firms
Once considered a loader for other malware, Valak regularly conducts reconnaissance and steals information and credentials, new analysis shows.28 May 2020
Fortune 500 company NTT discloses security breach
Japanese telecommunications giant NTT says hackers breached its internal network and stole data on 621 customers.28 May 2020
NSA Warns Russia's 'Sandworm' Group Is Targeting Email Servers
The Russian military group has been exploiting a flaw in the Exim mail transfer agent since last August, the NSA reports.28 May 2020
Cisco discloses security breach that impacted VIRL-PE infrastructure
Hackers used vulnerabilities in the SaltStack data center software to breach six Cisco servers.28 May 2020
3 SMB Cybersecurity Myths Debunked
Small and midsize businesses are better at cyber resilience than you might think.28 May 2020
Vulnerability Disclosures Drop in Q1 for First Time in a Decade
Even with more security issues published on Patch Tuesdays, the total number of software flaws dropped for the first three months of 2020, according to one tally.28 May 2020
UK Ad Campaign Seeks to Deter Cybercrime
The United Kingdom's anti-cybercrime agency is running online ads aimed at young people who search the Web for services that enable computer crimes, specifically trojan horse programs and DDoS-for-hire services. The ad campaign follows a similar initiative launched in late 2017 that academics say measurably dampened demand for such services by explaining that their use to harm others is illegal and can land potential customers in jail.28 May 2020