Cybersecurity News


Kaspersky: RDP brute-force attacks have gone up since start of COVID-19

RDP brute-force attack numbers rose in mid-March as quarantines were being imposed over the globe.
29 April 2020

ThreatList: Human-Mimicking Bots Spike, Targeting e-Commerce and Travel

ThreatList: Human-Mimicking Bots Spike, Targeting e-Commerce and Travel Overall bot activity on the web has soared, with a 26 percent growth rate -- attacks on applications, APIs and mobile sites are all on the rise.
29 April 2020

Critical GitLab Flaw Earns Bounty Hunter $20K

Critical GitLab Flaw Earns Bounty Hunter $20K A GitLab path traversal flaw could allow attackers to read arbitrary files and remotely execute code.
29 April 2020

Web Shells Continue to Threaten

A decade after their first use, Web shells remain a common tool for all stripes of attackers, from common cybercriminals to sophisticated state actors.
29 April 2020

Phishers Start to Exploit Oil Industry Amid COVID-19 Woes

While a massive flood of attacks has yet to materialize, cybersecurity experts say this could be the calm before the storm.
29 April 2020

4 Ways to Get to Defensive When Faced by an Advanced Attack

To hold your own against nation-state-grade attacks, you must think and act differently.
29 April 2020

EFF: Google, Apple’s Contact-Tracing System Open to Cyberattacks

EFF: Google, Apple’s Contact-Tracing System Open to Cyberattacks Malicious actors could potentially harvest data over the air and use it to shake confidence in the public-health system, EFF says.
29 April 2020

Estonia: Foreign hackers breached local email provider for targeted attacks

Hackers hijacked a small number of Mail.ee accounts "belonging to persons of interest to a foreign country."
29 April 2020

ESET Threat Report

A view of the Q1 2020 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts

The post ESET Threat Report appeared first on WeLiveSecurity

29 April 2020

GitLab awards researcher $20,000, patches remote code execution bug

Engineers jumped on the issue which earned the researcher $1,000 at the point of triage.
29 April 2020

Microsoft open-sources in-house library for handling QUIC connections

Microsoft says MsQuic will soon be part of most of its products, like Windows, .NET, Microsoft 365, and others.
29 April 2020

National Security Agency releases guide to secure video conferencing

By William Knowles @c4i Senior Editor InfoSec News April 29, 2020 Last Friday, the National Security Agency released a guide aimed mainly towards U.S. Government employees and military service members are working from home, but is also ideal for business professionals on Selecting and Safely Using Collaboration Services for Telework. This cybersecurity guidance contains a […]
29 April 2020

Adobe patches critical code, corruption bugs across Bridge, Illustrator, Magento

The company has squashed a range of critical flaws leading to arbitrary code execution.
29 April 2020

Continued Use of Python 2 Will Heighten Security Risks

With support for the programming language no longer available, organizations should port to Python 3, security researches say.
28 April 2020

Google discloses zero-click bugs impacting several Apple operating systems

Apple needs to follow in Google and Mozilla's footsteps and secure its multimedia processing libraries.
28 April 2020

Enterprise Security Woes Explode with Home Networks in the Mix

Enterprise Security Woes Explode with Home Networks in the Mix Thanks to WFH, IoT refrigerators, Samsung TVs and more can now be back-channel proxies into the corporate network.
28 April 2020

Rapid7 Announces Plan to Buy DivvyCloud

The purchase will boost Rapid7's multicloud capabilities.
28 April 2020

Would You Have Fallen for This Phone Scam?

You may have heard that today's phone fraudsters like to use use caller ID spoofing services to make their scam calls seem more believable. But you probably didn't know that your bank may be making it super easy for thieves to impersonate the bank, by giving away information about recent transactions on your account via automated, phone-based customer support systems.
28 April 2020

‘Black Rose Lucy’ is Back, Now Pushing Ransomware

‘Black Rose Lucy’ is Back, Now Pushing Ransomware Researchers say incidents of mobile malware are becoming more common and growing more sophisticated.
28 April 2020