Cybersecurity News
10 billion records exposed in unsecured databases, study says
The databases contain personal information that could be used for phishing attacks and identity theft schemes
The post 10 billion records exposed in unsecured databases, study says appeared first on WeLiveSecurity
30 July 2020
Is Your Chip Card Secure? Much Depends on Where You Bank
Chip-based credit and debit cards are designed to make it infeasible for skimming devices or malware to clone your card when you pay for something by dipping the chip instead of swiping the stripe. But a recent series of malware attacks on U.S.-based merchants suggest thieves are exploiting weaknesses in how certain financial institutions have implemented the technology to sidestep key chip card security features and effectively create usable, counterfeit cards.30 July 2020
Multiple Tor security issues disclosed, more to come
A security researcher has published details about two Tor security issues and promises to release three more.30 July 2020
Two Tor zero-days disclosed, more to come
A security researcher has published details about two Tor zero-days and promises to release three more.30 July 2020
Critical, High-Severity Cisco Flaws Fixed in Data Center Network Manager
The flaw could allow a remote, unauthenticated attacker to bypass authentication on vulnerable devices.
30 July 2020
Using the Attack Cycle to Up Your Security Game
Like the universe, the attack surface is always expanding. Here's how to keep up and even get ahead.
30 July 2020
Vermont Taxpayers Warned of Data Leak Over the Past Three Years
A vulnerability in the state’s system may have exposed personal data that can be used for credential theft for those who filed Property Transfer Tax returns online.
30 July 2020
US prosecutors seek years in prison for Uber self-driving exec who stole Google trade secrets
Anthony Levandowski pleaded guilty and has recently filed for bankruptcy.30 July 2020
Thunderspy attacks: What they are, who’s at greatest risk and how to stay safe
All you need to know about preventing adversaries from exploiting the recently disclosed vulnerabilities in the Thunderbolt interface
The post Thunderspy attacks: What they are, who’s at greatest risk and how to stay safe appeared first on WeLiveSecurity
30 July 2020
US defense and aerospace sectors targeted in new wave of North Korean attacks
Cyber-security firm McAfee publishes details about "Operation North Star."30 July 2020
11 Security Tools to Expect at the Black Hat USA 2020 Arsenal Virtual Event
More than 130 security researchers and developers are ready to showcase their work.
29 July 2020
Average Cost of a Data Breach: $3.86 Million
New IBM study shows that security system complexity and cloud migration can amplify breach costs.29 July 2020
'BootHole' Vulnerability Exposes Secure Boot Devices to Attack
A flaw in the GRUB2 bootloader affects most Linux devices and some Windows computers using UEFI Secure Boot.29 July 2020
Critical Magento Flaws Allow Code Execution
Adobe has released patches for critical and important-severity flaws in its popular Magento e-commerce platform.
29 July 2020
Security Flaws Discovered in OKCupid Dating Service
Researchers identified a variety of vulnerabilities in apps and websites for the popular online dating platform.29 July 2020
Billions of Devices Impacted by Secure Boot Bypass
The "BootHole" bug could allow cyberattackers to load malware, steal information and move laterally into corporate, OT ,IoT and home networks.
29 July 2020
Here’s Why Credit Card Fraud is Still a Thing
Most of the civilized world years ago shifted to requiring computer chips in payment cards that make it far more expensive and difficult for thieves to clone and use them for fraud. One notable exception is the United States, which is still lurching toward this goal. Here's a look at the havoc that lag has wrought, as seen through the purchasing patterns at one of the underground's biggest stolen card shops that was hacked last year.29 July 2020
70,000+ WordPress Sites Affected by Critical Plug-in Flaw
A vulnerability in the wpDiscuz plug-in could let attackers remotely execute code on the servers of affected websites.29 July 2020
Dark Reading Video News Desk Returns to Black Hat
Coming to you prerecorded from in front of carefully arranged bookcases around the world ...!29 July 2020
Critical Bugs in Utilities VPNs Could Cause Physical Damage
Gear from Secomea, Moxa and HMS Networks are affected by remote code-execution flaws, researchers warn.
29 July 2020