Cybersecurity News


Mozilla patches Firefox zero-day reported by Qihoo 360

Chinese security firm claims there's also an accompanying Internet Explorer zero-day.
08 January 2020

Google's Project Zero Policy Change Mandates 90-Day Disclosure

The updated disclosure policy aims to achieve more thorough and improved patch development, Google reports.
08 January 2020

Man Sentenced in ATM Skimming Conspiracy

Man Sentenced in ATM Skimming Conspiracy A Romanian national has been sentenced to 5 years in prison after racking up almost $400,000 in an ATM skimming scheme.
08 January 2020

Google Ditches Patch-Time Bug Disclosure in Favor of 90-Day Policy

Google Ditches Patch-Time Bug Disclosure in Favor of 90-Day Policy Project Zero vulnerability disclosures will now happen at 90 days, even if a patch becomes available before then.
08 January 2020

CES – Taking a smart city for a test drive

No one has a road map for securing a connected city – but there should be a whole atlas of such maps

The post CES – Taking a smart city for a test drive appeared first on WeLiveSecurity

08 January 2020

CES – Taking a smart city for a test drive

No one has a road map for securing a connected city – but there should be a whole atlas of such maps

The post CES – Taking a smart city for a test drive appeared first on WeLiveSecurity

08 January 2020

In App Development, Does No-Code Mean No Security?

In App Development, Does No-Code Mean No Security? No-code and low-code development platforms are part of application development, but there are keys to making sure that they don't leave security behind with traditional coding.
08 January 2020

TikTok Bugs Put Users' Videos, Personal Data At Risk

Researchers found it was possible to spoof SMS messages from TikTok and exploit an API flaw that could grant access to users' personal data.
08 January 2020

The "Art of Cloud War" for Business-Critical Data

How business executives' best intentions may be negatively affecting security and risk mitigation strategies -- and exposing weaknesses in organizational defenses.
08 January 2020

Telegram opens lid on TON project amid SEC spat: ‘Grams won’t help you get rich’

No cryptocurrency wallet will be integrated with Telegram Messenger either -- at least, not yet.
08 January 2020

ATM skimmer sentenced for fleecing $400,000 out of US banks

ATM users had their cards read and bank accounts pillaged.
08 January 2020

Naive IoT botnet wastes its time mining cryptocurrency

Operators of LiquorBot botnet waste their time trying to mine Monero on hacked SOHO routers.
08 January 2020

Mobile Apps

Only install mobile apps from trusted places, and always double-check the privacy settings to ensure you are not giving away too much information.
08 January 2020

Signal app will support 'view-once' images and videos

Support for ephemeral multimedia messages to arrive in Signal within weeks.
07 January 2020

Google Chrome to hide notification spam starting February 2020

Chrome 80, scheduled for release in February 2020, will block notification popups by default.
07 January 2020

Tricky Phish Angles for Persistence, Not Passwords

Late last year saw the re-emergence of a nasty phishing tactic that allows the attacker to gain full access to a user's data stored in the cloud without actually stealing the account password. The phishing lure starts with a link that leads to the real login page for a cloud email and/or file storage service. Anyone who takes the bait will inadvertently forward a digital token to the attackers that gives them indefinite access to the victim's email, files and contacts -- even after the victim has changed their password.
07 January 2020

Facebook bans deepfakes but not all altered content

Footage defined as parody or satire will be permitted, as the social network isn’t slamming the door on all types of manipulated media

The post Facebook bans deepfakes but not all altered content appeared first on WeLiveSecurity

07 January 2020

Facebook bans deepfakes but not all altered content

Footage defined as parody or satire will be permitted, as the social network isn’t slamming the door on all types of manipulated media

The post Facebook bans deepfakes but not all altered content appeared first on WeLiveSecurity

07 January 2020

Don't Trust Links Sent in Email Messages

A common method cyber criminals use to hack into people's computers is to send them emails with malicious links. People are tricked into opening these links because they appear to come from someone or something they know and trust. If you click on a link, you may be taken to a site that attempts to harvest your information or tries to hack into your computer. Only click on links that you were expecting. Not sure about an email? Call the person to confirm they sent it.
07 January 2020

The Hidden Cost of Ransomware: Wholesale Password Theft

Organizations in the throes of cleaning up after a ransomware outbreak typically will change passwords for all user accounts that have access to any email systems, servers and desktop workstations within their network. But all too often, ransomware victims fail to grasp that the crooks behind these attacks can and frequently do siphon every single password stored on each infected endpoint. The result of this oversight may offer attackers a way back into the affected organization, access to financial and healthcare accounts, or -- worse yet -- key tools for attacking the victim's various business partners and clients.
06 January 2020