Cybersecurity News
Online Shopping Surge Puts Focus on Consumer Security Habits
Companies will have to tread a fine line between delivering security and a frictionless shopping experience, security firms say.18 November 2020
Cisco Webex Vulns Let 'Ghost' Attendees Spy on Meetings
Three vulnerabilities, patched today, could let an attacker snoop on meetings undetected after the host removes them.18 November 2020
Widespread Scans Underway for RCE Bugs in WordPress Websites
WordPress websites using buggy Epsilon Framework themes are being hunted by hackers.
18 November 2020
LAPD Bans Facial Recognition, Citing Privacy Concerns
The department has said no thanks to the Clearview AI platform, after an expose showing that officers had used it 475 times during a trial period alone.
18 November 2020
Starting next year, Chrome extensions will show what data they collect from users
Google will add a "Privacy practices" section on each Chrome extension's Web Store page listing what data they collect from users and what the developer plans to do with it.18 November 2020
Out With the Old Perimeter, in With the New Perimeters
A confluence of trends and events has exploded the whole idea of "the perimeter." Now there are many perimeters, and businesses must adjust accordingly.18 November 2020
Cisco Webex ‘Ghost’ Flaw Opens Meetings to Snooping
Cisco patched the Webex flaw, as well as three critical-severity vulnerabilities, in a slew of security updates on Wednesday.
18 November 2020
Trump Fires CISA Director Chris Krebs
Christopher Krebs was fired via tweet shortly after the Cybersecurity and Infrastructure Security Agency called the 2020 election "the most secure in American history."18 November 2020
Bumble bugs could have exposed personal data of all users
The information at risk of theft due to API flaws included people’s pictures, locations, dating preferences and Facebook data
The post Bumble bugs could have exposed personal data of all users appeared first on WeLiveSecurity
18 November 2020
Google Chrome 87 Closes High-Severity ‘NAT Slipstreaming’ Hole
Overall Google's Chrome 87 release fixed 33 security vulnerabilities.
18 November 2020
As Businesses Move to Multicloud Approach, Ransomware Follows
The average US company uses 16 cloud services, but only a third of IT professional believe their security measures have kept up with the change.18 November 2020
Cisco Webex bugs allow attackers to join meetings as ghost users
Attackers can join Webex meetings as ghost users, and even remain inside rooms after getting kicked.18 November 2020
Liquid crypto-exchange says hacker accessed internal network, stole user data
Liquid admins said the intrusion was detected before any funds were stolen.18 November 2020
Trump Fires Security Chief Christopher Krebs
President Trump on Tuesday fired his top election security official Christopher Krebs (no relation). The dismissal came via Twitter two weeks to the day after Trump lost an election he baselessly claims was stolen by widespread voting fraud.18 November 2020
How to Identify Cobalt Strike on Your Network
Common antivirus systems frequently miss Cobalt Strike, a stealthy threat emulation toolkit admired by red teams and attackers alike.
18 November 2020
Researchers Say They've Developed Fastest Open Source IDS/IPS
With a five-processor core, "Pigasus" delivers the same performance as a system with between 100 and 700 cores, according to a team from Carnegie Mellon University's CyLab.18 November 2020
Firing of CISA Chief Christopher Krebs Widely Condemned
President Trump fired US cybersecurity chief over Twitter Tuesday, an act widely condemned within the cybersecurity community.
18 November 2020
The worst passwords of 2020 show we are just as lazy about security as ever
Can’t we do any better than “123456”?18 November 2020
Amazon Web Services’ new Network Firewall solution rolls out
The firewall solution is aimed at securing virtual networks and AWS workloads.18 November 2020
Hacking group exploits ZeroLogon in automotive, industrial attack wave
A massive campaign is underway around the globe, with automotive, pharmaceutical and engineering entities top targets.18 November 2020