Cybersecurity News
When Away
Leaving your seat? Ctrl--Alt--Delete! Make sure you lock your workstation or laptop while you are away from it. On a Mac? Try Control--Shift--Eject/Power.21 January 2020
DDoS Mitigation Firm Founder Admits to DDoS
A Georgia man who co-founded a service designed to protect companies from crippling distributed denial-of-service (DDoS) attacks has pleaded to paying a DDoS-for-hire service to launch attacks against others.20 January 2020
How Industry Collaboration Created a Unified PIN Standard
On the blog we discuss a joint collaboration between PCI SSC and ASC X9 to create a unified PIN standard with Troy Leach, Senior Vice President, of the PCI SSC and Steve Stevens, Executive Director of ASC X9. In response to industry feedback, the Accredited Standards Committee X9 Inc. (ASC X9) and the PCI Security Standards Council (PCI SSC) have recently completed a joint initiative to create one unified PIN Security Standard for payments stakeholders.
20 January 2020
Ubisoft sues operators of four DDoS-for-hire services
Ubisoft delivers on threats it made in September 2019 and goes after website selling DDoS services that were used to launch attacks against Rainbow Six Siege servers.20 January 2020
Are We Secure Yet? How to Build a 'Post-Breach' Culture
There are many ways to improve your organization's cybersecurity practices, but the most important principle is to start from the top.20 January 2020
New Internet Explorer zero‑day remains unpatched
You may want to implement a workaround or stop using the browser altogether, at least until Microsoft issues a a fix
The post New Internet Explorer zero‑day remains unpatched appeared first on WeLiveSecurity
20 January 2020
New Internet Explorer zero‑day remains unpatched
You may want to implement a workaround or stop using the browser altogether, at least until Microsoft issues a a fix
The post New Internet Explorer zero‑day remains unpatched appeared first on WeLiveSecurity
20 January 2020
Are We Secure Yet? How to Build a "Post-Breach" Culture
There are many ways to improve your organization's cybersecurity practices, but the most important principle is to start from the top.20 January 2020
The Y2K Boomerang: InfoSec Lessons Learned from a New Date-Fix Problem
We all make assumptions. They rarely turn out well. A new/old date problem offers a lesson in why that's so.
20 January 2020
Mitsubishi Electric discloses security breach, China is main suspect
Mitsubishi Electric says hackers did not obtain sensitive information about defense contracts.20 January 2020
Betting companies given access to UK gov't information on millions of children
Reports suggest a government database was misused for age verification purposes.20 January 2020
Citrix rolls out patches for critical ADC vulnerability exploited in the wild
Citrix is racing to develop patches for software builds vulnerable to the severe bug.20 January 2020
LastPass is in the midst of a major outage
LastPass issue appears to impact users with accounts dating back to 2014 and earlier.20 January 2020
Secure Your Home Wi-Fi Network
Be aware of all the devices connected to your home network, including baby monitors, gaming consoles, TVs, appliances or even your car. Ensure all those devices are protected by a strong password and/or are running the latest version of their operating system.20 January 2020
Hacker leaks passwords for more than 500,000 servers, routers, and IoT devices
The list was shared by the operator of a DDoS booter service.19 January 2020
Microsoft warns about Internet Explorer zero-day, but no patch yet
IE zero-day connected to last week's Firefox zero-day.17 January 2020
New JhoneRAT Malware Targets Middle East
Researchers say that JhoneRAT has various anti-detection techniques - including making use of Google Drive, Google Forms and Twitter.
17 January 2020
Feds Cut Off Access to Billions of Breached Records with Site Takedown
The WeLeakInfo "data breach notification" domain is no more.
17 January 2020
Mobile Carrier Customer Service Ushers in SIM-Swap Fraud
Weak challenge questions by customer service reps make it easy for fraudsters to hijack a phone line and bypass 2FA to breach accounts.
17 January 2020
Visa's plan against Magecart attacks: Devalue and disrupt
Visa is actively going after Magecart groups, but also deploying new technologies to safeguard payment card data.17 January 2020