Cybersecurity News
Email bungle at company seeking jobkeeper payments exposes staff's personal details
Names, addresses and birthdates of more than 100 people shared in privacy breach
The company responsible for delivering traffic reports on radio and TV stations across Australia accidentally sent out the dates of birth, names and home addresses of more than 100 current and former staff to potentially thousands of people as the company seeks to apply for the jobkeeper payments.
Australian Traffic Network provides short traffic report updates during news bulletins to 80 radio and television stations, including the ABC, Seven, Nine, 10, 2GB and Triple M.
Related: As Australia takes on Google and Facebook over news content, the world is watching | Margaret Simons
Continue reading...Valve says it's safe to play CS:GO and TF2 after source code leaked online
Old 2017 source code for Counter-Strike: Global Offensive and Team Fortress 2 leaked online today on 4chan.Attackers Prefer Ransomware to Stealing Data
Financial data is still in demand, but ransomware becomes the most popular way to try to cash in from compromised companies, according to Trustwave.IBM Cloud Data Shield Brings Confidential Computing to Public Cloud
The Cloud Data Shield relies on confidential computing, which protects data while it's in use by enterprise applications.Fast-Moving DDoS Botnet Exploits Unpatched ZyXel RCE Bug
The rapidly evolving Hoaxcalls botnet is exploiting an unpatched vulnerability in the ZyXEL Cloud CNM SecuManager in a bid to widen its spread.
Apple iOS Zero-Day Vulnerabilities Exploited in Targeted Attacks
One of the flaws is remotely exploitable with no user interaction needed, ZecOps says.NSA Issues Guidance for Combating Web Shell Malware
The US intelligence agency teamed up with Australian Signals Directorate in newly released information on how to protect Web servers from the malware.5 Ways to Prove Security's Worth in the Age of COVID-19
Tightened budgets are placing jobs at risk, but security pros say they're armed with ways to demonstrate that what they're doing merits keeping them employed.
11 Tips for Protecting Active Directory While Working from Home
To improve the security of your corporate's network, protect the remote use of AD credentials.Security researcher identifies new APT group mentioned in 2017 Shadow Brokers leak
Shadow Brokers data dump yields another one of its secretsLearning From the Honeypot: A Researcher and a Duplicitous Docker Image
When Larry Cashdollar set up a honeypot in a Docker image, he found behavior that was more enlightening than he had imagined.
Apple Patches Two iOS Zero-Days Abused for Years
Researchers revealed two zero-day security vulnerabilities affecting Apple's stock Mail app on iOS devices.
Connected Home Hubs Open Houses to Full Remote Takeover
Users should update their firmware for three popular smart-home hubs.
Making the Case for Process Documentation in Cyber Threat Intel
Standard language and processes, not to mention more efficient dissemination of findings and alerts all make documenting your security processes a mustLA County Hit with DoppelPaymer Ransomware Attack
The DoppelPaymer ransomware group is claiming that it launched a cyberattack against Torrance - and is now leaking the LA city's data online.
Apple investigating report of a new iOS exploit being used in the wild
Cyber-security firm ZecOps said today it detected attacks against high-profile targets using a new iOS email exploit.Updated Guidance: Responding to a Data Breach
PCI Security Standards Council recently updated the guidance document: Responding to a Cardholder Data Breach. This guide is intended to help merchants and service providers with incident response preparation. This guide also describes how and when a Payment Card Industry Forensic Investigator (PFI) should be engaged to assist.
Microsoft Issues Out-Of-Band Security Update For Office, Paint 3D
The flaws exist in Autodesk's FBX library, integrated in Microsoft's Office, Office 365 ProPlus and Paint 3D applications.