Cybersecurity News
As Businesses Go Remote, Hackers Find New Security Gaps
Improper access control, information disclosure, and SSRF are among the most impactful, and most awarded, security flaws found this year.02 November 2020
Marriott fined £18.4 million by UK watchdog over customer data breach
The fine has been slashed from over £99 million originally proposed In light of the pandemic.02 November 2020
CERT/CC launches Twitter bot to give security bugs random names
CERT/CC attempts to reduce the use of sensationalized vulnerability names that needlessly scare software users.02 November 2020
US Cyber Command exposes new Russian malware
Together with CISA and the FBI, US Cyber Command wish Russian state hackers a "Happy Halloween!"01 November 2020
Chrome will soon have its own dedicated certificate root store
Currently, Chrome uses the certificate root store part of each operating system. Google plans to manage its own list of "approved" certificates from now on, similar to Firefox.31 October 2020
Rising Ransomware Breaches Underscore Cybersecurity Failures
Ransomware's continued success speaks volumes about what's at stake for businesses and people, and, perhaps, the cybersecurity industry's inability to adapt quickly enough to protect everyone.31 October 2020
Crippling Cyberattacks, Disinformation Top Concerns for Election Day

30 October 2020
WordPress Patches 3-Year-Old High-Severity RCE Bug

30 October 2020
Firestarter Android Malware Abuses Google Firebase Cloud Messaging

30 October 2020
New Wroba Campaign Is Latest Sign of Growing Mobile Threats
After years of mostly targeting users in Japan, Korea, and other countries in the region, operators of the Trojan expanded their campaign to the US this week.30 October 2020
Wisc. GOP’s $2.3M MAGA Hat Debacle Showcases Fraud Concerns

30 October 2020
Halloween News Wrap: The Election, Hospital Deaths and Other Scary Cyberattack Stories

30 October 2020
Wroba Mobile Banking Trojan Spreads to the U.S. via Texts

30 October 2020
Google discloses Windows zero-day exploited in the wild
Windows zero-day (not yet patched) is used as part of an exploit chain that also includes a Chrome zero-day (already patched).30 October 2020
Week in security with Tony Anscombe
New ESET Threat Report is out – Are things in IoT security finally changing? – 5 spooky tales of data breaches
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
30 October 2020
Election (in)security: What you may have missed
As Election Day draws near, here's a snapshot of how this election cycle is faring in the hands of the would-be digitally meddlesome
The post Election (in)security: What you may have missed appeared first on WeLiveSecurity
30 October 2020
JavaScript Obfuscation Moves to Phishing Emails
Attackers are hiding malicious payloads in phishing emails via a technique traditionally used to hide malicious code planted on websites.30 October 2020
Microsoft Warns of Ongoing Attacks Exploiting Zerologon
The vulnerability, patched in August, has been weaponized by APT groups and prompted CISA to issue a security alert.30 October 2020
Public Safety & Cybersecurity Concerns Elevate Need for a Converged Approach
As public and private spaces are opening up, the need for a converged approach to cybersecurity and physical security is essential, as is integration with health measures and tech.30 October 2020
Microsoft Warns Threat Actors Continue to Exploit Zerologon Bug

30 October 2020