Best Practices to Manage Third-Party Cyber-Risk TodayBold new thinking is needed to solve the rapidly evolving challenge of third-party risk management.
New Magecart Skimmer Infects 19 Victim WebsitesMakeFrame, named for its ability to make iframes for skimming payment data, is attributed to Magecart Group 7.
Emerging MakeFrame Skimmer from Magecart Sets Sights on SMBsAttacks using a brand-new card-harvesting code is targeting small- to medium-sized businesses, claiming 19 sites so far.
Cloudflare debuts 18.104.22.168 for Families, comes under fire for blocking LGBTQIA+ sitesThe company immediately apologized, branding the blocks as a “mistake.”
Vulnerability Researchers Focus on Zoom App's SecurityWith videoconferencing's rise as an essential tool for remote work comes a downside: more security scrutiny, which has turned up a number of security weaknesses.
The internet is now rife with places where you can organize Zoom-bombing raidsZoom-raiding parties are everywhere now — Discord, Reddit, Twitter, hacking forums.
Why isn't the government publishing more data about coronavirus deaths? | Jeni Tennison
Studying the past is futile in an unprecedented crisis. Science is the answer – and open-source information is paramount
• Coronavirus – latest updates
• See all our coronavirus coverage
Wherever we look, there is a demand for data about Covid-19. We devour dashboards, graphs and visualisations. We want to know about the numbers of tests, cases and deaths; how many beds and ventilators are available, how many NHS workers are off sick. When information is missing, we speculate about what the government might be hiding, or fill in the gaps with anecdotes.
Data is a necessary ingredient in day-to-day decision-making – but in this rapidly evolving situation, it’s especially vital. Everything has changed, almost overnight. Demands for food, transport, and energy have been overhauled as more people stop travelling and work from home. Jobs have been lost in some sectors, and workers are desperately needed in others. Historic experience can no longer tell us how our society or economy is working. Past models hold little predictive power in an unprecedented situation. To know what is happening right now, we need up-to-date information.
Related: A public inquiry into the UK's coronavirus response would find a litany of failures | Anthony Costello
Jeni Tennison is technical director of the Open Data Institute.Continue reading...
There's now COVID-19 malware that will wipe your PC and rewrite your MBRSecurity researchers have discovered coronavirus-themed malware created to destroy users' computers.
Attackers Leverage Excel File Encryption to Deliver MalwareTechnique involves saving malicious Excel file as "read-only" and tricking users into opening it, Mimecast says.
Wiper Malware Called “Coronavirus” Spreads Among Windows VictimsLike NotPetya, it overwrites the master boot record to render computers "trashed."
Microsoft is working on mitigating an entire Windows bug classResearcher set out to find 15 new Windows bugs last year. He found 25, and Microsoft already patched 11.
Why All Employees Are Responsible for Company CybersecurityIt's not just the IT and security team's responsibility to keep data safe -- every member of the team needs to be involved.
Coronavirus ‘Financial Relief’ Phishing Attacks SpikeA spate of phishing attacks have promised financial relief due to the coronavirus pandemic - but in reality swiped victims' credentials, payment card data and more.
Critical WordPress Plugin Bug Can Lock Admins Out of WebsitesA second vulnerability could be used to prevent access to almost all of a site’s existing content, by simply redirecting visitors.
Active Directory Attacks Hit the MainstreamUnderstanding the limitations of authentication protocols, especially as enterprises link authentication to cloud services to Active Directory, is essential for security teams in the modern federated enterprise.
Microsoft Alerts Healthcare to Human-Operated RansomwareMicrosoft has notified dozens of hospitals with vulnerable gateway and VPN appliances in their infrastructure, which could put them at risk.
Two Zoom Zero-Day Flaws UncoveredThe zero-day Zoom flaws could give local, unprivileged attackers root privileges, and allow them to access victims’ microphone and camera.
Could Work-From-Home Staff be Violating Privacy Laws During Conference Calls?If you are lucky enough to be able to do your job from home right now, you should be aware of a few key things.
Marriott hacked again, 5.2 million guests affected
Bad actors accessed a range of personally identifiable information, including names, dates of birth and a lot more
The post Marriott hacked again, 5.2 million guests affected appeared first on WeLiveSecurity