Cybersecurity News


Wordpress Discloses Critical Zero-day in Fancy Product Designer Plugin

The plugin under active attack has been installed on more than 17,000 websites, Wordpress reports.
02 June 2021

Is Your Adversary James Bond or Mr. Bean?

Especially with nation-state attacks, its critical to assess whether you're up against jet fighter strength or a bumbler who tries to pick locks.
02 June 2021

Microsoft 365: Most Common Threat Vectors & Defensive Tips

Microsoft 365: Most Common Threat Vectors & Defensive Tips Security pros discuss the most typical ways attackers leverage Microsoft 365 and share their guidance for defenders.
02 June 2021

REvil Ransomware Ground Down JBS: Sources

REvil Ransomware Ground Down JBS: Sources Responsible nations don't harbor cybercrooks, the Biden administration admonished Russia, home to the gang that reportedly froze the global food distributor's systems.
02 June 2021

Chaos for the Sake of Chaos? Yes, Nation-States Are That Cynical

Many nation-state-backed attacks are intended to destabilize the US government, not steal from it.
02 June 2021

Processor Morphs Its Architecture to Make Hacking Really Hard

Researchers create a processor that uses encryption to modify its memory architecture during runtime, making it very difficult for hackers to exploit memory-based vulnerabilities.
02 June 2021

This is how attackers bypass Microsoft's AMSI anti-malware scanning protection

Researchers outline common tactics for circumventing the security software.
02 June 2021

DoJ Charges Rhode Island Woman in Phishing Scheme Against Politicians

DoJ Charges Rhode Island Woman in Phishing Scheme Against Politicians Diana Lebeau allegedly tried to trick candidates for public office and related individuals into giving up account credentials by impersonating trusted associates and the Microsoft security team.
02 June 2021

XSS vulnerability found in popular WYSIWYG website editor

The security flaw was found in how HTML sanitizing is performed.
02 June 2021

Amazon Sidewalk Poised to Sweep You Into Its Mesh

Amazon Sidewalk Poised to Sweep You Into Its Mesh On June 8, Amazon’s pulling all its devices into a device-to-device wireless mix, inspiring FUD along the way. Now's the time to opt out if you're be-FUDdled.
02 June 2021

Russian underground forums launch competitions for cryptocurrency, NFT hacks

Prizes are on offer for everything from stealing wallet funds to compromising NFTs.
02 June 2021

US schools land IBM grants to protect themselves against ransomware

The grants are worth a total of $3 million.
02 June 2021

US Seizes Attacker Domains Used in USAID Phishing Campaign

The move follows last week's disclosure of an ongoing attack designed to mimic emails from the US Agency for International Development.
01 June 2021

New Barebones Ransomware Strain Surfaces

The authors of Epsilon Red have offloaded many tasks that are usually integrated into the ransomware -- such as Volume Shadow Copy deletion -- to PowerShell scripts.
01 June 2021

Cyber-Insurance Fuels Ransomware Payment Surge

Cyber-Insurance Fuels Ransomware Payment Surge Companies relying on their cyber-insurance policies to pay off ransomware criminals are being blamed for a recent uptick in ransomware attacks.
01 June 2021

Meat Producer JBS USA Hit By Ransomware Attack

The company says recovery from the attack may delay transactions with customers and suppliers.
01 June 2021

Where Bug Bounty Programs Fall Flat

Where Bug Bounty Programs Fall Flat Some criminals package exploits into bundles to sell on cybercriminal forums years after they were zero days, while others say bounties aren't enough .
01 June 2021

The Future of PCI SSC Mobile Standards

 

The Council is currently working on the next evolution of its mobile security standards. To date, PCI SSC has two mobile standards: PCI Software-based PIN Entry on COTS (SPoC) Standard, which provides a software-based approach for protecting PIN entry on the wide variety of COTS devices, and PCI Contactless Payments on COTS (CPoC) Standard which addresses security for solutions that enable merchants to accept contactless payments using a smartphone or other commercial off-the-shelf (COTS) mobile device with near-field communication (NFC).

01 June 2021

Return to Basics: Email Security in the Post-COVID Workplace

As we reimagine the post-pandemic workplace, we must also reevaluate post-pandemic email security practices.
01 June 2021

Name That Edge Toon: In Tow

Name That Edge Toon: In Tow Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
01 June 2021