Cybersecurity News
Microsoft Patch Tuesday, April 2020 Edition
Microsoft today released updates to fix 113 security vulnerabilities in its various Windows operating systems and related software. Those include at least three flaws that are actively being exploited, as well as two others which were publicly detailed prior to today, potentially giving attackers a head start in figuring out how to exploit the bugs.14 April 2020
Microsoft opens AccountGuard to healthcare providers on the COVID-19 front lines
Microsoft says the service will remain free for all healthcare organizations "until the COVID-19 pandemic subsides."14 April 2020
Will Gentler HIPAA Rules on Telehealth Now Protect Us From Breach Litigation Later?
To enable medical care while encouraging social distancing during the COVID-19 pandemic, the Department of Health and Human Services temporarily loosened up on some of its HIPAA noncompliance enforcement on telehealth. But what happens if there's a PHI slip-up?
14 April 2020
Microsoft Patches 113 Bugs, 3 Under Active Attack
Microsoft has seen a 44% jump in the number of CVEs fixed between January and April 2020 compared with the same period in 2019.14 April 2020
Insecure Home Office Networks Heighten Work-at-Home Risks
Nearly one in two organizations has one or more devices accessing its corporate network from a home network with at least one malware infection, BitSight says.14 April 2020
April Patch Tuesday: Microsoft Battles 4 Bugs Under Active Exploit
Microsoft issued 113 patches in a big update, unfortunately for IT staff already straining under WFH security concerns.
14 April 2020
TikTok Vulnerability Leaves Users Open to Fake News
A vulnerability in the way TikTok requests and receives video content could leave users streaming video from bogus servers.14 April 2020
Microsoft April 2020 Patch Tuesday comes with fixes for four zero-days
Microsoft fixes another 113 bugs this month after patching a whopping 115 last month.14 April 2020
Microsoft April 2020 Patch Tuesday comes with fixes for three zero-days
Microsoft fixes another 113 bugs this month after patching a whopping 115 last month.14 April 2020
Adobe Fixes ‘Important’ Flaws in ColdFusion, After Effects and Digital Editions
While Adobe's regularly scheduled security updates were light this month, they fixed "important" severity vulnerabilities.
14 April 2020
Exclusive: Google removes 49 Chrome extensions caught stealing crypto-wallet keys
The Chrome extensions were mimicking cryptocurrency wallet apps like Ledger, MyEtherWallet, Trezor, Electrum, and others, but, in reality, they were stealing users' private keys and mnemonic phrases.14 April 2020
How Company Cultures Dictated Work-from-Home Readiness
Companies large and small are discovering just how prepared they were for all employees to work remotely14 April 2020
TA505 Crime Gang Deploys SDBbot for Corporate Network Takeover
The custom RAT offers persistent access, data exfiltration and lateral network movement.
14 April 2020
Apple Is Top Pick for Brand Phishing Attempts
Ten percent of all brand phishing attempts in the first quarter of 2020 tried to deceive victims by imitating the Apple brand.14 April 2020
Cyberattacks Target Healthcare Orgs on Coronavirus Frontlines
Cybercriminals aren't sparing medical professionals, hospitals and healthcare orgs on the frontlines of the coronavirus pandemic when it comes to cyberattacks, ransomware attacks and malware.
14 April 2020
Americans report US$13 million in losses from coronavirus scams
The median loss to fraudulent schemes that exploit the global health crisis is almost US$600
The post Americans report US$13 million in losses from coronavirus scams appeared first on WeLiveSecurity
14 April 2020
You're One Misconfiguration Away from a Cloud-Based Data Breach
Don't assume that cyberattacks are all you have to worry about. Misconfigurations should also be a top cause of concern.14 April 2020
Russian state hackers behind San Francisco airport hack
ESET says a Russian hacker group known as Energetic Bear (DragonFly) is behind a hack of two of the airport's websites.14 April 2020
Web Pioneers Launch Identity Startup That Ditches Passwords
Legendary founders of Netscape and @Home Network roll out a new cloud-based identity management firm that makes the user his or her own certificate authority.14 April 2020
Safe Remote Access to Critical Infrastructure Networks in a Time of Global Crisis
As operators struggle to balance the recommendations of social distancing with the need to keep vital services functioning, there is no getting around the fact that conventional remote connections into industrial control networks are a very bad idea.
14 April 2020