Cybersecurity News
Russian hacker jailed over botnet data scraping scheme that drained victim bank accounts
Prosecutors estimate the scheme has caused financial losses of at least $100 million.03 November 2020
Oracle publishes rare out-of-band security update for WebLogic servers
Oracle releases additional fix to patch a bug for the second time after the publication of proof-of-concept exploit code.03 November 2020
Adobe hires new CSO in Mark Adams to guide the company in its post-Flash era
Adams served as CSO for Blizzard Entertainment for four years before joining Adobe today.02 November 2020
California's Prop. 24 Splits Privacy Advocates
Critics worry that the curatives in Prop. 24 are worse than the disease of privacy-rights violations.02 November 2020
Microsoft & Others Catalog Threats to Machine Learning Systems
Thirteen organizations worked together to create a dictionary of techniques used to attack ML models and warn that such malicious efforts will become more common.02 November 2020
Google patches second Chrome zero-day in two weeks
Google Chrome 86.0.4240.183 available for download. Patches 10 security bugs, including an actively-exploited zero-day.02 November 2020
New Tools Make North Korea's Kimsuky Group More Dangerous
Threat actor actively targeting US organizations in global intelligence-gathering campaign, government says.02 November 2020
Hacker group uses Solaris zero-day to breach corporate networks
The zero-day appears to have been bought off a black-market website for $3,000.02 November 2020
Russian National Sentenced to 8 Years in Prison for Role in Botnet Operation
Cybercrime scheme netted more than $100 million.02 November 2020
$100M Botnet Scheme Lands Cybercriminal 8 Years in Jail
Aleksandr Brovko faces jail time after stealing $100 million worth of personal identifiable information (PII) and financial data over the course of more than 10 years.
02 November 2020
Survey: Cybersecurity Skills Shortage is ‘Bad,’ But There’s Hope
Automation, strategic process design and an investment in training are the keys to managing the cybersecurity skills gap, according to a recent survey from Trustwave.
02 November 2020
Malicious npm package opens backdoors on programmers' computers
JavaScript library posing as a Twilio-related library opens backdoors to let attackers access infected workstations.02 November 2020
Windows Zero-Day Used with Chrome Flaw in Targeted Attacks
Google's Project Zero has disclosed a Windows kernel zero-day vulnerability being used with a known Chrome bug in targeted attacks.02 November 2020
WordPress Pushes Out Multiple Flawed Security Updates
WordPress bungles critical security 5.5.2 fix and saves face next day with 5.5.3 update.
02 November 2020
Texas Gold-Dealer Mined for Payment Details in Months-Long Data Breach
JM Bullion fell victim to a payment-card skimmer, which was in place for five months.
02 November 2020
Google discloses Windows zero‑day bug exploited in the wild
The security hole isn’t expected to be plugged until the forthcoming Patch Tuesday bundle of security fixes
The post Google discloses Windows zero‑day bug exploited in the wild appeared first on WeLiveSecurity
02 November 2020
Scammers Abuse Google Drive to Send Malicious Links
Cybercriminals are sending malicious links to hundreds of thousands of users via Google Drive notifications.
02 November 2020
Fraud Prevention Strategies to Prepare for the Future
While companies have largely adjusted to the new normal for security management, here are some tips for combatting fraud, post-COVID.02 November 2020
Unpatched Windows Zero-Day Exploited in the Wild for Sandbox Escape
Google Project Zero disclosed the bug before a patch becomes available from Microsoft.
02 November 2020
How Can I Help Remote Workers Secure Their Home Routers?
The most effective way is with employee security education.
02 November 2020