Cybersecurity News
New Ramsay malware can steal sensitive documents from air-gapped networks
Ramsay can infect air-gapped computers, collect Word, PDF, and ZIP files in a hidden folder, and then wait for exfiltration.13 May 2020
Adobe issues patches for 36 vulnerabilities in DNG, Reader, Acrobat
May’s patch round includes fixes for remote code execution flaws.13 May 2020
Ransomware attack disables Texas Supreme Court’s website
By William Knowles @c4i Senior Editor InfoSec News May 13, 2020 On Friday, May 8th, the Office of Court Administration (OCA), the information technology (IT) provider for the appellate courts and state judicial agencies within the Texas Judicial Branch, identified a serious security event in the branch network, which was later determined to be […]13 May 2020
Ramsay: A cyber‑espionage toolkit tailored for air‑gapped networks
ESET researchers uncover several instances of malware that uses various attack vectors to target systems isolated by an air gap
The post Ramsay: A cyber‑espionage toolkit tailored for air‑gapped networks appeared first on WeLiveSecurity
13 May 2020
Windows 10 to get PUA/PUP protection feature
New PUA/PUP-blocking security feature to roll out with the Windows 10 May 2020 update.13 May 2020
DHS CISA and FBI share list of top 10 most exploited vulnerabilities
Office is the most exploited technology, followed by Apache Struts.13 May 2020
Huawei denies involvement in buggy Linux kernel patch proposal
Huawei says employee submitted code as part of a personal project, not on behalf of the company.12 May 2020
Website Attacks Become Quieter & More Persistent
Threat actors have pivoted from noisy attacks to intrusions where stealth and ROI are primary goals, new report says.12 May 2020
Microsoft Fixes 111 Vulnerabilities for Patch Tuesday
This marks the third month in a row that Microsoft patched more than 100 bugs, of which 16 are classified as critical.12 May 2020
Thunderbolt flaws open millions of PCs to physical hacking
A new attack method enables bad actors to access data on a locked computer via an evil maid attack within 5 minutes
The post Thunderbolt flaws open millions of PCs to physical hacking appeared first on WeLiveSecurity
12 May 2020
Microsoft Patch Tuesday, May 2020 Edition
Microsoft today issued software updates to plug at least 111 security holes in Windows and Windows-based programs. None of the vulnerabilities were labeled as being publicly exploited or detailed prior to today, but as always if you're running Windows on any of your machines it's time once again to prepare to get your patches on.12 May 2020
Nine in 10 Applications Contain Outdated Software Components
Almost every application uses open-source components and 91% use libraries that are out of date or that have been abandoned altogether.12 May 2020
Secure Contact Tracing Needs More Transparent Development
Experts worry that without proper planning, today's decisions about developing contact-tracing apps could have unforeseen consequences in the years to come.12 May 2020
REvil Ransomware Attack Hits A-List Celeb Law Firm
Cybercriminals used the REvil ransomware to attack a law firm used by the likes of Lady Gaga, Drake and Madonna. Now, they're threatening to leak the 756 gigabytes of stolen data.
12 May 2020
Google removed 813 creepware apps from the Android Play Store
The applications were discovered with a new algorithm called CreepRank, developed by a team of academics.12 May 2020
DHS, FBI & DoD Report on New North Korean Malware
Three new reports detail malware coming out of the Hidden Cobra cyber operations in North Korea.12 May 2020
Microsoft Addresses 111 Bugs for May Patch Tuesday
Important-rated EoP flaws made up the bulk of the CVEs; SharePoint continued its critical run with four worrying bugs.
12 May 2020
Three Years After WannaCry, Ransomware Accelerating While Patching Still Problematic
Using a known exploit to infect unmaintained systems, the WannaCry ransomware worm remains a study in preventable catastrophes. Yet many companies continue to ignore its lessons.12 May 2020
The Modern SOC Demands New Skills
Automation and other technologies are improving the organizational structure of the security operations center. This is ultimately for the better, but it means that roles will change too.12 May 2020
Microsoft May 2020 Patch Tuesday fixes 111 vulnerabilities
Third-largest Patch Tuesday in Microsoft's history started rolling out earlier today.12 May 2020