Cybersecurity News


Flaws in Privileged Management Apps Expose Machines to Attack

The Intel Support Assistant is the latest Windows utility to be found that could expose millions of computers to privilege-escalation attacks through file manipulation and symbolic links.
10 November 2020

Malware Hidden in Encrypted Traffic Surges Amid Pandemic

Zscaler says attacks involving the use of SSL/TLS encryption jumped 260% in the first nine months of 2020 compared to the same period last year.
10 November 2020

Claroty Details Vulnerabilities in Schneider PLCs

The vulnerabilities in a common line of programmable logic controllers could allow attackers to gain control of industrial equipment.
10 November 2020

Microsoft Patches Windows Kernel Flaw Under Active Attack

This month's Patch Tuesday addressed a Windows zero-day in a release of 112 vulnerabilities, 17 of which are critical.
10 November 2020

Microsoft Patch Tuesday Update Fixes 17 Critical Bugs

Microsoft Patch Tuesday Update Fixes 17 Critical Bugs Remote code execution vulnerabilities dominate this month’s security bulletin of warnings and patches.
10 November 2020

Colossal Intel Update Anchored by Critical Privilege-Escalation Bugs

Colossal Intel Update Anchored by Critical Privilege-Escalation Bugs Intel released 40 security advisories in total, addressing critical- and high-severity flaws across its Active Management Technology, Wireless Bluetooth and NUC products.
10 November 2020

Scalper-Bots Shake Down Desperate PS5, Xbox Series X Shoppers

Scalper-Bots Shake Down Desperate PS5, Xbox Series X Shoppers Retail bots are helping scalpers scoop up PS5, Xbox Series X inventory and charge massive markups.
10 November 2020

Cloud Usage, Biometrics Surge As Remote Work Grows Permanent

A new report reveals organizations are increasing their adoption of biometric authentication and disallowing SMS as a login method.
10 November 2020

Overlooked Security Risks of the M&A Rebound

Successful technology integration, post-merger, is tricky in any market, and never more so than with today's remote work environments and distributed IT infrastructure.
10 November 2020

Microsoft November 2020 Patch Tuesday arrives with fix for Windows zero-day

The Microsoft November 2020 Patch Tuesday fixes 112 vulnerabilities, 24 of which are remote code execution (RCE) bugs.
10 November 2020

New Platypus attack can steal data from Intel CPUs

Intel has released microcode updates today to prevent attackers from abusing the Intel RAPL mechanism to steal sensitive data from its CPUs.
10 November 2020

Apple to Deliver ‘Privacy Labels’ for Apps, Revealing Data-Sharing Details

Apple to Deliver ‘Privacy Labels’ for Apps, Revealing Data-Sharing Details Developers will have to reveal how data is shared with any “third-party partners,” which include analytics tools, advertising networks, third-party SDKs or other external vendors.
10 November 2020

Ransomware Group Turns to Facebook Ads

It's bad enough that many ransomware gangs now have blogs where they publish data stolen from companies that refuse to make an extortion payment. Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up.
10 November 2020

Data on millions of hotel guests exposed in cloud storage leak

The cache of data sitting wide open on a server included full names, national ID numbers and credit card data

The post Data on millions of hotel guests exposed in cloud storage leak appeared first on WeLiveSecurity

10 November 2020

The Double-Edged Sword of Cybersecurity Insurance

The Double-Edged Sword of Cybersecurity Insurance With ransomware on the rise, more organizations are opting to purchase cyber insurance -- tipping off criminals about how much to demand for access back to pilfered systems and data.
10 November 2020

Ghimob Android Banking Trojan Targets 153 Mobile Apps

Ghimob Android Banking Trojan Targets 153 Mobile Apps A banking trojan is targeting mobile app users in Brazil - and researchers warn that its operator has big plans to expand abroad.
10 November 2020

How Hackers Blend Attack Methods to Bypass MFA

Protecting mobile apps requires a multilayered approach with a mix of cybersecurity measures to counter various attacks at different layers.
10 November 2020

Microsoft Teams Users Under Attack in ‘FakeUpdates’ Malware Campaign

Microsoft Teams Users Under Attack in ‘FakeUpdates’ Malware Campaign Microsoft warns that cybercriminals are using Cobalt Strike to infect entire networks beyond the infection point, according to a report.
10 November 2020

Critical privilege escalation bugs squashed in WordPress Ultimate Member plugin

The vulnerabilities impacted roughly 100,000 websites.
10 November 2020

Chrome to block tab-nabbing attacks

Firefox and Safari are already blocking these types of web attacks
10 November 2020