Cybersecurity News


The SOC Emergency Room Faces Malware Pandemic

To keep users and networks healthy and secure, security teams need to mimic countries that have taken on COVID-19 with a rapid, disciplined approach.
01 April 2020

LimeRAT malware is being spread through VelvetSweatshop Excel encryption technique

The old tactic is proving fruitful in a new campaign.
01 April 2020

Top Email Protections Fail in Latest COVID-19 Phishing Campaign

Top Email Protections Fail in Latest COVID-19 Phishing Campaign An effective spoofing campaign promises users important information about new coronavirus cases in their local area, scooting past Proofpoint and Microsoft Office 356 ATPs.
01 April 2020

Major Cloud, CDN Providers Join Secure Routing Initiative

Akamai, AWS, Azion, Cloudflare, Facebook, and Netflix are now members of the Mutually Agreed Norms for Routing Security (MANRS) effort.
01 April 2020

A crypto-mining botnet has been hijacking MSSQL servers for almost two years

Vollgar botnet launches brute-force attacks against MSSQL databases to take over servers and install Monero and Vollar cryptocurrency miners.
01 April 2020

Morrisons not liable for massive staff data leak, court rules

Morrisons not liable for massive staff data leak, court rules

UK supreme court says retailer not to blame for actions of employee with grudge

The UK’s highest court has ruled that Morrisons should not be held liable for the criminal act of an employee with a grudge who leaked the payroll data of about 100,000 members of staff.

The supermarket group brought a supreme court challenge in an attempt to overturn previous judgments which gave the go-ahead for compensation claims by thousands of employees whose personal details were posted on the internet.

Continue reading...
01 April 2020

Coronavirus con artists continue to spread infections of their own

The scam machine shows no signs of slowing down, as fraudsters dispense bogus health advice, peddle fake testing kits and issue malware-laced purchase orders

The post Coronavirus con artists continue to spread infections of their own appeared first on WeLiveSecurity

01 April 2020

Phish of GoDaddy Employee Jeopardized Escrow.com, Among Others

A spear-phishing attack this week hooked a customer service employee at GoDaddy.com, the world's largest domain name registrar, KrebsOnSecurity has learned. The incident gave the phisher the ability to view and modify key customer records, access that was used to briefly hijack domains for a half-dozen GoDaddy customers, including transaction brokering site escrow.com.
31 March 2020

Defense Evasion Dominated 2019 Attack Tactics

Researchers mapped tactics and techniques to the MITRE ATT&CK framework to determine which were most popular last year.
31 March 2020

Watering-Holes Target Asian Ethnic Victims with Flash Update Decoy

Watering-Holes Target Asian Ethnic Victims with Flash Update Decoy About 10 compromised websites employ a multi-stage, targeted effort to fingerprint and compromise victims.
31 March 2020

FCC tells US telcos to implement caller ID authentication by June 30, 2021

FCC says all US telcos must use the new SHAKEN/STIR protocol to support caller ID authentication by June, next year.
31 March 2020

Researchers Uncover Unsophisticated - But Creative - Watering-Hole Attack

Holy Water campaign is targeting users of a specific religious and ethnic group in Asia, Kaspersky says.
31 March 2020

Marriott discloses new data breach impacting 5.2 million hotel guests

Marriott says a hacker gained access to the accounts of two employees.
31 March 2020

COVID-19: Latest Security News & Commentary

COVID-19: Latest Security News & Commentary Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.
31 March 2020

Why Third-Party Risk Management Has Never Been More Important

Given today's coronavirus pandemic, the need for companies to collect cybersecurity data about their business partners is more critical than ever. Here's how to start.
31 March 2020

Latest Security News & Commentary about COVID-19

Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.
31 March 2020

Data from 5.2M Marriott Loyalty Program Members Hit by Breach

The data was breached through the credentials of two franchisee employees.
31 March 2020

Patching Poses Security Problems with Move to More Remote Work

Security teams were not ready for the wholesale move to remote work and the sudden expansion of the attack surface area, experts say.
31 March 2020

Zoom Scrutinized As Security Woes Mount

Zoom Scrutinized As Security Woes Mount The New York Attorney General has inquired about Zoom's data security strategy, as the conferencing platform comes under heavy scrutiny for its privacy policies.
31 March 2020

8-Year-Old VelvetSweatshop Bug Resurrected in LimeRAT Campaign

8-Year-Old VelvetSweatshop Bug Resurrected in LimeRAT Campaign An old RAT learns an old trick.
31 March 2020