Cybersecurity News


GDPR Compliance Site Leaks Git Data, Passwords

GDPR Compliance Site Leaks Git Data, Passwords Researchers discovered a .git folder exposing passwords and more for a website that gives advice to organizations about complying with the General Data Protection Regulation (GDPR) rules.
27 April 2020

Will the Pandemic Complicate Cyber Insurance Claims?

Will the Pandemic Complicate Cyber Insurance Claims? While quarantined workers are keeping safe at home, they could be jeopardizing your insurance policy.
27 April 2020

Microsoft Patches Dangerous Teams Vulnerability

CyberArk says issue would have allowed attackers to take over Teams accounts using a malicious GIF.
27 April 2020

You can now manage Windows 10 devices through G Suite

G Suite gets a long-awaited feature -- Windows 10 device management.
27 April 2020

Microsoft Advisory Warns of Vulnerabilities Affecting Office

The flaws exist in Autodesk's FBX Software Development Kit, which is supported in Microsoft Office 2019 and Office 365 ProPlus.
27 April 2020

Financial sector is seeing more credential stuffing than DDoS attacks

North American financial institutions and banks are targeted the most, primarily because most leaked credentials are from US services.
27 April 2020

Cloud Services Are the New Critical Infrastructure. Can We Rely on Them?

If cloud services vendors successfully asked themselves these three questions, we'd all be better off.
27 April 2020

Microsoft Teams flaw could let attackers hijack accounts

Microsoft plugs a security hole that could have enabled attackers to weaponize a GIF in order to hijack Teams accounts and steal data

The post Microsoft Teams flaw could let attackers hijack accounts appeared first on WeLiveSecurity

27 April 2020

Shade (Troldesh) ransomware shuts down and releases all decryption keys

The Shade ransomware gang have published more than 750,000 decryption keys on GitHub. Kaspersky is working on a decryption app.
27 April 2020

Hackers Mount Zero-Day Attacks on Sophos Firewalls

Hackers Mount Zero-Day Attacks on Sophos Firewalls A pre-auth SQL injection bug leading to remote code execution is at the heart of a data-stealing campaign against XG firewalls, using the Asnarok trojan.
27 April 2020

U.S. Universities Hit With ‘Adult Dating’ Spear-Phishing Attack

U.S. Universities Hit With ‘Adult Dating’ Spear-Phishing Attack More than 150,000 emails spreading the Hupigon RAT that use adult dating as a lure have been uncovered, with almost half being sent to U.S. university and college email addresses.
27 April 2020

COVID-19 Quarantine: A Unique Learning Opportunity for Defenders

Use these spare moments at home to master new skills that will help protect your organization and enhance your career.
27 April 2020

Israel government tells water treatment companies to change passwords

Israel cyber-security agency reported intrusion attempts last week.
27 April 2020

Eight Common OT / Industrial Firewall Mistakes

Eight Common OT / Industrial Firewall Mistakes Firewalls are easy to misconfigure. While the security consequences of such errors may be acceptable for some firewalls, the accumulated risks of misconfigured firewalls in a defense-in-depth OT network architecture are generally unacceptable.
27 April 2020

Germany pivots from centralized coronavirus tracing app to privacy-protecting alternative

The move will likely be applauded by privacy and civil rights groups.
27 April 2020

Single Malicious GIF Opened Microsoft Teams to Nasty Attack

Single Malicious GIF Opened Microsoft Teams to Nasty Attack Now patched flaw allowed attacker to take over an organization’s entire roster of Microsoft Teams accounts.
27 April 2020

This is how viewing a GIF in Microsoft Teams triggered account hijacking bug

Seeing an animation was enough to be impacted, researchers say.
27 April 2020

Hackers are exploiting a Sophos firewall zero-day

Sophos releases emergency patch to fix SQL injection bug exploited in the wild, impacting its XG Firewall product.
25 April 2020

Health Prognosis on the Security of IoMT Devices? Not Good

As more so-called Internet of Medical Things devices go online, hospitals and medical facilities face significant challenges in securing them from attacks that could endanger patients' lives.
25 April 2020

WHO Confirms Email Credentials Leak

Washington Post had identified the group as one among several whose passwords and emails were dumped online and abused.
24 April 2020