Cybersecurity News
Multiple nation-state groups are hacking Microsoft Exchange servers
Government-backed groups are exploiting CVE-2020-0688 to take over Exchange email servers.08 March 2020
A list of security conferences canceled or postponed due to coronavirus concerns
Some conferences have canceled, some have postponed the event, while others have gone virtual.07 March 2020
AMD processors from 2011 to 2019 vulnerable to two new attacks
Academics disclose new Collide+Probe and Load+Reload attacks on AMD CPUs.07 March 2020
U.S. Govt. Makes it Harder to Get .Gov Domains
The federal agency in charge of issuing .gov domain names is enacting new requirements for validating the identity of people requesting them. The additional measures come less than four months after KrebsOnSecurity published research suggesting it was relatively easy for just about anyone to get their very own .gov domain. In November's piece It's Way Too Easy to Get a .gov Domain Name, an anonymous source detailed how he obtained one by impersonating an official at a small town in Rhode Island that didn't already have its own .gov.07 March 2020
Google could have fixed 2FA code-stealing flaw in Authenticator app years ago
Google Authenticator app lets other apps take screenshots of its code. Issue was first reported to Google in October 2014, but it was never addressed.07 March 2020
New Ransomware Variant Developed Entirely as Shellcode
PwndLocker is harder to detect than other crypto-malware, Crypsis Group says.06 March 2020
7 Cloud Attack Techniques You Should Worry About
Security pros detail the common and concerning ways attackers target enterprise cloud environments.06 March 2020
Next-Gen Ransomware Packs a ‘Human’ Punch, Microsoft Warns
Ryuk, DoppelPaymer, Parinacota and other ransomware groups are getting more sophisticated, Microsoft warns.06 March 2020
Next-Gen Ransomware Packs a ‘Human’ Punch, Microsoft Warns
Ryuk, DoppelPaymer, Parinacota and other ransomware groups are getting more sophisticated, Microsoft warns.06 March 2020
Former Acting Inspector General Charged in Federal Fraud Scheme
A federal grand jury has indicted Charles K. Edwards on 16 counts related to a conspiracy to steal software from one department and sell an enhanced version to another.06 March 2020
Out at Sea, With No Way to Navigate: Admiral James Stavridis Talks Cybersecurity
The former Supreme Allied Commander of NATO gives Dark Reading his take on the greatest cyber threats our nation and its businesses face today.06 March 2020
Spread of Coronavirus-Themed Cyberattacks Persists with New Attacks
In cybersecurity circles, the Coronavirus is spurring anxiety over the virtual abuse of the deadly disease by scammers.06 March 2020
Spread of Coronavirus-Themed Cyberattacks Persists with New Attacks
In cybersecurity circles, the Coronavirus is spurring anxiety over the virtual abuse of the deadly disease by scammers.06 March 2020
Siemens Shares Incident Response Playbook for Energy Infrastructure
The playbook simulates a cyberattack on the energy industry to educate regulators, utilities, and IT and OT security experts.06 March 2020
Former DHS official charged with theft of confidential government software, databases
Former DHS Acting Inspector General accused of stealing DHS software in an attempt to make a profit by reselling it back to the US government.06 March 2020
Critical Zoho Zero-Day Flaw Disclosed
A Zoho zero day vulnerability and proof of concept (PoC) exploit code was disclosed on Twitter.06 March 2020
Critical Zoho Zero-Day Flaw Disclosed
A Zoho zero day vulnerability and proof of concept (PoC) exploit code was disclosed on Twitter.06 March 2020
Week in security with Tony Anscombe
ESET research into the Guildma banking trojan – What can you do to stay safe from online fraud – Why become a cybersecurity professional
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
06 March 2020
Securing Our Elections Requires Change in Technology, People & Attitudes
Increasing security around our election process and systems will take a big effort from many different parties. Here's how.06 March 2020
Physical Flaws: Intel's Root-of-Trust Issue Mostly Mitigated
An insider, or security expert with physical access, can compromise the hardware protections of Intel chips sold in the past five years.06 March 2020