Cybersecurity News


Azure Red Flag: Microsoft Accidentally Fixes Cloud Config ‘Bug’

Azure Red Flag: Microsoft Accidentally Fixes Cloud Config ‘Bug’ Researchers detail a misconfiguration in Microsoft’s Azure cloud platform that could have given hackers carte blanche access to a targeted company's cloud services.
18 March 2020

Process Injection Tops Attacker Techniques for 2019

Attackers commonly use remote administration and network management tools for lateral movement, a new pool of threat data shows.
18 March 2020

500,000 Documents Exposed in Open S3 Bucket Incident

The open database exposed highly sensitive financial and business documents related to two financial organizations.
18 March 2020

Trend Micro Fixes Critical Flaws Under Attack

Trend Micro Fixes Critical Flaws Under Attack Fixes are now available for five critical and high-severity Trend Micro flaws, two of which are being actively targeted by attackers.
18 March 2020

Facebook Got Tagged, but not Hard Enough

Ensuring that our valuable biometric information is protected is worth more than a $550 million settlement.
18 March 2020

TrickBot Trojan Adds RDP Brute-Forcing to Its Arsenal

TrickBot Trojan Adds RDP Brute-Forcing to Its Arsenal A fresh module aims to compromise remote desktop accounts to access corporate resources.
18 March 2020

Thousands of COVID-19 scam and malware sites are being created on a daily basis

Malware authors and fraudsters aren't letting a tragedy go to waste.
18 March 2020

Trend Micro Patches Two Zero-Days Under Attack

Businesses are urged to update the Apex One and OfficeScan XG enterprise security products as soon as possible.
18 March 2020

Work from home: How to set up a VPN

As the COVID-19 pandemic has many organizations switching employees to remote work, a virtual private network is essential for countering the increased security risks

The post Work from home: How to set up a VPN appeared first on WeLiveSecurity

18 March 2020

COVID-19: With everyone working from home, VPN security has now become paramount

DHS, SANS, NJCCIC, and Radware warn companies about securing enterprise VPN servers in the midst of the coronavirus outbreak and when a vast majority of employees are working from home.
18 March 2020

What the Battle of Britain Can Teach Us About Cybersecurity's Human Element

During WWII, the British leveraged both technology and human intelligence to help win the war. Security leaders must learn the lessons of history and consider how the human element can make their machine-based systems more effective.
18 March 2020

Adobe Discloses Dozens of Critical Photoshop, Acrobat Reader Flaws

Adobe Discloses Dozens of Critical Photoshop, Acrobat Reader Flaws An out-of-band Adobe security update addressed critical flaws in Photoshop, Acrobat Reader and other products.
18 March 2020

Authorities Eye Using Mobile Phone Tracking COVID-19’s Spread

Authorities Eye Using Mobile Phone Tracking COVID-19’s Spread Privacy advocates advise caution when tracking the movements of patients or those infected with the new coronavirus, as an effort to minimize the pandemic’s effect.
18 March 2020

Skimming code battle on NutriBullet website may have risked customer credit card data

The cat-and-mouse game between skimmer installation and removal carried on for weeks.
18 March 2020

Google APP users won't be allowed to install apps from outside the Play Store

Some exceptions exist, but Google users enrolled in the Advanced Protection Program won't be able to install Android apps from third-party apps stores anymore.
18 March 2020

VMware patches privilege escalation vulnerability in Fusion, Horizon

Exploits to root systems with Fusion, VMRC or Horizon Client installations were possible.
18 March 2020

Was your Facebook post on the coronavirus deleted? This is why

Anti-spam issues prompted accusations of censorship.
18 March 2020

Magecart Cyberattack Targets NutriBullet Website

Magecart Cyberattack Targets NutriBullet Website Researchers warn that a Magecart group has set up skimmers on the blender manufacturer's website, in hopes of stealing customer payment-card data.
18 March 2020

Two Trend Micro zero-days exploited in the wild by hackers

Patches for both zero-days were released on Monday, along with fixes for three other similarly critical vulnerabilities.
17 March 2020

Coronavirus Widens the Money Mule Pool

With many people being laid off or working from home thanks to the Coronavirus pandemic, cybercrooks are almost certain to have more than their usual share of recruitable "money mules" -- people who get roped into money laundering schemes under the pretense of a work-at-home job offer. Here's the story of one upstart mule factory that spoofs a major nonprofit and tells new employees they'll be collecting and transmitting donations for an international "Coronavirus Relief Fund."
17 March 2020