Cybersecurity News


Hacker group uses Solaris zero-day to breach corporate networks

The zero-day appears to have been bought off a black-market website for $3,000.
02 November 2020

Russian National Sentenced to 8 Years in Prison for Role in Botnet Operation

Cybercrime scheme netted more than $100 million.
02 November 2020

$100M Botnet Scheme Lands Cybercriminal 8 Years in Jail

$100M Botnet Scheme Lands Cybercriminal 8 Years in Jail Aleksandr Brovko faces jail time after stealing $100 million worth of personal identifiable information (PII) and financial data over the course of more than 10 years.
02 November 2020

Survey: Cybersecurity Skills Shortage is ‘Bad,’ But There’s Hope

Survey: Cybersecurity Skills Shortage is ‘Bad,’ But There’s Hope Automation, strategic process design and an investment in training are the keys to managing the cybersecurity skills gap, according to a recent survey from Trustwave.
02 November 2020

Malicious npm package opens backdoors on programmers' computers

JavaScript library posing as a Twilio-related library opens backdoors to let attackers access infected workstations.
02 November 2020

Windows Zero-Day Used with Chrome Flaw in Targeted Attacks

Google's Project Zero has disclosed a Windows kernel zero-day vulnerability being used with a known Chrome bug in targeted attacks.
02 November 2020

WordPress Pushes Out Multiple Flawed Security Updates

WordPress Pushes Out Multiple Flawed Security Updates WordPress bungles critical security 5.5.2 fix and saves face next day with 5.5.3 update.
02 November 2020

Texas Gold-Dealer Mined for Payment Details in Months-Long Data Breach

Texas Gold-Dealer Mined for Payment Details in Months-Long Data Breach JM Bullion fell victim to a payment-card skimmer, which was in place for five months.
02 November 2020

Google discloses Windows zero‑day bug exploited in the wild

The security hole isn’t expected to be plugged until the forthcoming Patch Tuesday bundle of security fixes

The post Google discloses Windows zero‑day bug exploited in the wild appeared first on WeLiveSecurity

02 November 2020

Scammers Abuse Google Drive to Send Malicious Links

Scammers Abuse Google Drive to Send Malicious Links Cybercriminals are sending malicious links to hundreds of thousands of users via Google Drive notifications.
02 November 2020

Fraud Prevention Strategies to Prepare for the Future

While companies have largely adjusted to the new normal for security management, here are some tips for combatting fraud, post-COVID.
02 November 2020

Unpatched Windows Zero-Day Exploited in the Wild for Sandbox Escape

Unpatched Windows Zero-Day Exploited in the Wild for Sandbox Escape Google Project Zero disclosed the bug before a patch becomes available from Microsoft.
02 November 2020

How Can I Help Remote Workers Secure Their Home Routers?

How Can I Help Remote Workers Secure Their Home Routers? The most effective way is with employee security education.
02 November 2020

As Businesses Go Remote, Hackers Find New Security Gaps

Improper access control, information disclosure, and SSRF are among the most impactful, and most awarded, security flaws found this year.
02 November 2020

Marriott fined £18.4 million by UK watchdog over customer data breach

The fine has been slashed from over £99 million originally proposed In light of the pandemic.
02 November 2020

CERT/CC launches Twitter bot to give security bugs random names

CERT/CC attempts to reduce the use of sensationalized vulnerability names that needlessly scare software users.
02 November 2020

US Cyber Command exposes new Russian malware

Together with CISA and the FBI, US Cyber Command wish Russian state hackers a "Happy Halloween!"
01 November 2020

Chrome will soon have its own dedicated certificate root store

Currently, Chrome uses the certificate root store part of each operating system. Google plans to manage its own list of "approved" certificates from now on, similar to Firefox.
31 October 2020

Rising Ransomware Breaches Underscore Cybersecurity Failures

Ransomware's continued success speaks volumes about what's at stake for businesses and people, and, perhaps, the cybersecurity industry's inability to adapt quickly enough to protect everyone.
31 October 2020

Crippling Cyberattacks, Disinformation Top Concerns for Election Day

Crippling Cyberattacks, Disinformation Top Concerns for Election Day Cyber-researchers weigh in on what concerns them the most as the U.S. heads into the final weekend before the presidential election -- and they also highlight the positives.
30 October 2020