Cybersecurity News


Bug-Bounty Awards Spike 26% in 2020

Bug-Bounty Awards Spike 26% in 2020 The most-rewarded flaw is XSS, which is among those that are relatively cheap for organizations to identify.
29 October 2020

McAfee debuts remote browser isolation solution, XDR platform

The company’s new offerings are designed with real-time protection and incident management in mind.
29 October 2020

IoT security: Are we finally turning the corner?

Better IoT security and data protection are long overdue. Will they go from an afterthought to everyone's priority any time soon?

The post IoT security: Are we finally turning the corner? appeared first on WeLiveSecurity

29 October 2020

Xfinity, McAfee Brands Abused by Parked Domains in Active Campaigns

Xfinity, McAfee Brands Abused by Parked Domains in Active Campaigns Malicious redirection websites are using typosquatting and impersonation to attack unwary visitors.
29 October 2020

FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals

On Monday, Oct. 27, KrebsOnSecurity began following up on a tip from a reliable source that an aggressive Russian cybercriminal gang known for deploying ransomware was preparing to disrupt information technology systems at hundreds of hospitals, clinics and medical care facilities across the United States. Today, officials from the FBI and the U.S. Department of Homeland Security hastily assembled a conference call with healthcare industry executives warning about an "imminent cybercrime threat to U.S. hospitals and healthcare providers."
28 October 2020

Breaking the Glass Ceiling: Tough for Women, Tougher for Women of Color

Security practitioners shed light on obstacles limiting career growth and the steps businesses can take to achieve their promises of a more diverse workforce.
28 October 2020

More Hospitals Hit by Growing Wave of Ransomware Attacks

More Hospitals Hit by Growing Wave of Ransomware Attacks Hospitals in New York and Oregon were targeted on Tuesday by threat actors who crippled systems and forced ambulances with sick patients to be rerouted, in some cases.
28 October 2020

US Government Issues Warning on Kimsuky APT Group

The joint alert, from CISA, the FBI, and others, describes activities from the North Korean advanced persistent threat group.
28 October 2020

Microsoft’s SMBGhost Flaw Still Haunts 108K Windows Systems

Microsoft’s SMBGhost Flaw Still Haunts 108K Windows Systems While Microsoft patched the bug known as CVE-2020-0796 back in March, more than one 100,000 Windows systems are still vulnerable.
28 October 2020

‘Copyright Violation’ Notices Lead to Facebook 2FA Bypass

‘Copyright Violation’ Notices Lead to Facebook 2FA Bypass Fraudulent Facebook messages allege copyright infringement and threaten to take down pages, unless users enter logins, passwords and 2FA codes.
28 October 2020

6 Ways Passwords Fail Basic Security Tests

6 Ways Passwords Fail Basic Security Tests New data shows humans still struggle with password creation and management.
28 October 2020

Rethinking Security for the Next Normal -- Under Pressure

By making a commitment to a unified approach to security, then doing what's necessary to operationalize it, organizations can establish a better security model for the next normal.
28 October 2020

How the Pandemic is Reshaping the Bug-Bounty Landscape

How the Pandemic is Reshaping the Bug-Bounty Landscape Bugcrowd Founder Casey Ellis talks about COVID-19's impact on bug bounty hunters, bug bounty program adoption and more.
28 October 2020

Russian Espionage Group Updates Custom Malware Suite

Russian Espionage Group Updates Custom Malware Suite Turla has outfitted a trio of backdoors with new C2 tricks and increased interop, as seen in an attack on a European government.
28 October 2020

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware. In August, Gunnebo said it had successfully thwarted a ransomware attack, but this week it emerged that the intruders stole and published online tens of thousands of sensitive documents -- including schematics of client bank vaults and surveillance systems. The Gunnebo Group is a Swedish multinational company that provides physical security to a variety of clients globally, including banks, government agencies, airports, casinos, jewelry stores, tax agencies and even nuclear power plants. The company has operations in 25 countries, more than 4,000 employees, and billions in revenue annually.
28 October 2020

Trump Campaign Website Defaced by Unknown Attackers

Individuals behind the brief Tuesday night incident posted anti-Trump sentiments and appeared to solicit cryptocurrency.
28 October 2020

Tracking Down the Web Trackers

Tracking Down the Web Trackers Third-party Web trackers might be following your website visitors' every step. How can new tools like Blacklight help you stop them in their tracks?
28 October 2020

How to Increase Voter Turnout & Reduce Fraud

Digital identity verification has advanced, both technologically and legislatively. Is it the answer to simpler, safer voting?
28 October 2020

Iran-linked APT Targets T20 Summit, Munich Security Conference Attendees

Iran-linked APT Targets T20 Summit, Munich Security Conference Attendees The Phosphorous APT has launched successful attacks against world leaders who are attending the Munich Security Conference and the Think 20 (T20) Summit in Saudi Arabia, Microsoft warns.
28 October 2020

Physical Security Has a Lot of Catching Up to Do

The transformation we need: merging the network operations center with the physical security operations center.
28 October 2020