Cybersecurity News
Hacker group uses Solaris zero-day to breach corporate networks
The zero-day appears to have been bought off a black-market website for $3,000.02 November 2020
Russian National Sentenced to 8 Years in Prison for Role in Botnet Operation
Cybercrime scheme netted more than $100 million.02 November 2020
$100M Botnet Scheme Lands Cybercriminal 8 Years in Jail
Aleksandr Brovko faces jail time after stealing $100 million worth of personal identifiable information (PII) and financial data over the course of more than 10 years.
02 November 2020
Survey: Cybersecurity Skills Shortage is ‘Bad,’ But There’s Hope
Automation, strategic process design and an investment in training are the keys to managing the cybersecurity skills gap, according to a recent survey from Trustwave.
02 November 2020
Malicious npm package opens backdoors on programmers' computers
JavaScript library posing as a Twilio-related library opens backdoors to let attackers access infected workstations.02 November 2020
Windows Zero-Day Used with Chrome Flaw in Targeted Attacks
Google's Project Zero has disclosed a Windows kernel zero-day vulnerability being used with a known Chrome bug in targeted attacks.02 November 2020
WordPress Pushes Out Multiple Flawed Security Updates
WordPress bungles critical security 5.5.2 fix and saves face next day with 5.5.3 update.
02 November 2020
Texas Gold-Dealer Mined for Payment Details in Months-Long Data Breach
JM Bullion fell victim to a payment-card skimmer, which was in place for five months.
02 November 2020
Google discloses Windows zero‑day bug exploited in the wild
The security hole isn’t expected to be plugged until the forthcoming Patch Tuesday bundle of security fixes
The post Google discloses Windows zero‑day bug exploited in the wild appeared first on WeLiveSecurity
02 November 2020
Scammers Abuse Google Drive to Send Malicious Links
Cybercriminals are sending malicious links to hundreds of thousands of users via Google Drive notifications.
02 November 2020
Fraud Prevention Strategies to Prepare for the Future
While companies have largely adjusted to the new normal for security management, here are some tips for combatting fraud, post-COVID.02 November 2020
Unpatched Windows Zero-Day Exploited in the Wild for Sandbox Escape
Google Project Zero disclosed the bug before a patch becomes available from Microsoft.
02 November 2020
How Can I Help Remote Workers Secure Their Home Routers?
The most effective way is with employee security education.
02 November 2020
As Businesses Go Remote, Hackers Find New Security Gaps
Improper access control, information disclosure, and SSRF are among the most impactful, and most awarded, security flaws found this year.02 November 2020
Marriott fined £18.4 million by UK watchdog over customer data breach
The fine has been slashed from over £99 million originally proposed In light of the pandemic.02 November 2020
CERT/CC launches Twitter bot to give security bugs random names
CERT/CC attempts to reduce the use of sensationalized vulnerability names that needlessly scare software users.02 November 2020
US Cyber Command exposes new Russian malware
Together with CISA and the FBI, US Cyber Command wish Russian state hackers a "Happy Halloween!"01 November 2020
Chrome will soon have its own dedicated certificate root store
Currently, Chrome uses the certificate root store part of each operating system. Google plans to manage its own list of "approved" certificates from now on, similar to Firefox.31 October 2020
Rising Ransomware Breaches Underscore Cybersecurity Failures
Ransomware's continued success speaks volumes about what's at stake for businesses and people, and, perhaps, the cybersecurity industry's inability to adapt quickly enough to protect everyone.31 October 2020
Crippling Cyberattacks, Disinformation Top Concerns for Election Day
Cyber-researchers weigh in on what concerns them the most as the U.S. heads into the final weekend before the presidential election -- and they also highlight the positives.
30 October 2020