Cybersecurity News
The Y2K Boomerang: InfoSec Lessons Learned from a New Date-Fix Problem
We all make assumptions. They rarely turn out well. A new/old date problem offers a lesson in why that's so.
20 January 2020
Mitsubishi Electric discloses security breach, China is main suspect
Mitsubishi Electric says hackers did not obtain sensitive information about defense contracts.20 January 2020
Betting companies given access to UK gov't information on millions of children
Reports suggest a government database was misused for age verification purposes.20 January 2020
Citrix rolls out patches for critical ADC vulnerability exploited in the wild
Citrix is racing to develop patches for software builds vulnerable to the severe bug.20 January 2020
LastPass is in the midst of a major outage
LastPass issue appears to impact users with accounts dating back to 2014 and earlier.20 January 2020
Secure Your Home Wi-Fi Network
Be aware of all the devices connected to your home network, including baby monitors, gaming consoles, TVs, appliances or even your car. Ensure all those devices are protected by a strong password and/or are running the latest version of their operating system.20 January 2020
Hacker leaks passwords for more than 500,000 servers, routers, and IoT devices
The list was shared by the operator of a DDoS booter service.19 January 2020
Microsoft warns about Internet Explorer zero-day, but no patch yet
IE zero-day connected to last week's Firefox zero-day.17 January 2020
New JhoneRAT Malware Targets Middle East
Researchers say that JhoneRAT has various anti-detection techniques - including making use of Google Drive, Google Forms and Twitter.
17 January 2020
Feds Cut Off Access to Billions of Breached Records with Site Takedown
The WeLeakInfo "data breach notification" domain is no more.
17 January 2020
Mobile Carrier Customer Service Ushers in SIM-Swap Fraud
Weak challenge questions by customer service reps make it easy for fraudsters to hijack a phone line and bypass 2FA to breach accounts.
17 January 2020
Visa's plan against Magecart attacks: Devalue and disrupt
Visa is actively going after Magecart groups, but also deploying new technologies to safeguard payment card data.17 January 2020
Threatpost Poll: Are Published PoC Exploits a Good or Bad Idea?
Are publicly released proof-of-concept exploits more helpful for system defenders -- or bad actors?
17 January 2020
News Wrap: PoC Exploits, Cable Haunt and Joker Malware
Are publicly-released PoC exploits good or bad? Why is the Joker malware giving Google a headache? The Threatpost team discusses all this and more in this week's news wrap.
17 January 2020
Mobile Banking Malware Up 50% in First Half of 2019
A new report from Check Point recaps the cybercrime trends, statistics, and vulnerabilities that defined the security landscape in 2019.17 January 2020
FBI Seizes Domain That Sold Info Stolen in Data Breaches
The website, WeLeakData.com, claimed to have more than 12 billion records gathered from over 10,000 breaches.17 January 2020
FBI Plans to Inform States of Election Breaches
The agency changed its policy to provide more timely and actionable information to state and local election officials in the case of a cybersecurity breach to election infrastructure.
17 January 2020
7 Ways to Get the Most Out of a Penetration Test
You'll get the best results when you're clear on what you want to accomplish from a pen test.
17 January 2020
ADP Users Hit with Phishing Scam Ahead of Tax Season
Fraudulent emails tell recipients their W-2 forms are ready and prompt them to click malicious links.17 January 2020
Massive Oracle Patch Reverses Company's Trend Toward Fewer Flaws
Following a year that saw the fewest number of vulnerabilities reported since 2015, Oracle's latest quarterly patch fixes nearly 200 new vulnerabilities.17 January 2020