Cybersecurity News


When Away

Leaving your seat? Ctrl--Alt--Delete! Make sure you lock your workstation or laptop while you are away from it. On a Mac? Try Control--Shift--Eject/Power.
21 January 2020

DDoS Mitigation Firm Founder Admits to DDoS

A Georgia man who co-founded a service designed to protect companies from crippling distributed denial-of-service (DDoS) attacks has pleaded to paying a DDoS-for-hire service to launch attacks against others.
20 January 2020

How Industry Collaboration Created a Unified PIN Standard


On the blog we discuss a joint collaboration between PCI SSC and ASC X9 to create a unified PIN standard with Troy Leach, Senior Vice President, of the PCI SSC and Steve Stevens, Executive Director of ASC X9.  In response to industry feedback, the Accredited Standards Committee X9 Inc. (ASC X9) and the PCI Security Standards Council (PCI SSC) have recently completed a joint initiative to create one unified PIN Security Standard for payments stakeholders.

20 January 2020

Ubisoft sues operators of four DDoS-for-hire services

Ubisoft delivers on threats it made in September 2019 and goes after website selling DDoS services that were used to launch attacks against Rainbow Six Siege servers.
20 January 2020

Are We Secure Yet? How to Build a 'Post-Breach' Culture

There are many ways to improve your organization's cybersecurity practices, but the most important principle is to start from the top.
20 January 2020

New Internet Explorer zero‑day remains unpatched

You may want to implement a workaround or stop using the browser altogether, at least until Microsoft issues a a fix

The post New Internet Explorer zero‑day remains unpatched appeared first on WeLiveSecurity

20 January 2020

New Internet Explorer zero‑day remains unpatched

You may want to implement a workaround or stop using the browser altogether, at least until Microsoft issues a a fix

The post New Internet Explorer zero‑day remains unpatched appeared first on WeLiveSecurity

20 January 2020

Are We Secure Yet? How to Build a "Post-Breach" Culture

There are many ways to improve your organization's cybersecurity practices, but the most important principle is to start from the top.
20 January 2020

The Y2K Boomerang: InfoSec Lessons Learned from a New Date-Fix Problem

The Y2K Boomerang: InfoSec Lessons Learned from a New Date-Fix Problem We all make assumptions. They rarely turn out well. A new/old date problem offers a lesson in why that's so.
20 January 2020

Mitsubishi Electric discloses security breach, China is main suspect

Mitsubishi Electric says hackers did not obtain sensitive information about defense contracts.
20 January 2020

Betting companies given access to UK gov't information on millions of children

Reports suggest a government database was misused for age verification purposes.
20 January 2020

Citrix rolls out patches for critical ADC vulnerability exploited in the wild

Citrix is racing to develop patches for software builds vulnerable to the severe bug.
20 January 2020

LastPass is in the midst of a major outage

LastPass issue appears to impact users with accounts dating back to 2014 and earlier.
20 January 2020

Secure Your Home Wi-Fi Network

Be aware of all the devices connected to your home network, including baby monitors, gaming consoles, TVs, appliances or even your car. Ensure all those devices are protected by a strong password and/or are running the latest version of their operating system.
20 January 2020

Hacker leaks passwords for more than 500,000 servers, routers, and IoT devices

The list was shared by the operator of a DDoS booter service.
19 January 2020

Microsoft warns about Internet Explorer zero-day, but no patch yet

IE zero-day connected to last week's Firefox zero-day.
17 January 2020

New JhoneRAT Malware Targets Middle East

New JhoneRAT Malware Targets Middle East Researchers say that JhoneRAT has various anti-detection techniques - including making use of Google Drive, Google Forms and Twitter.
17 January 2020

Feds Cut Off Access to Billions of Breached Records with Site Takedown

Feds Cut Off Access to Billions of Breached Records with Site Takedown The WeLeakInfo "data breach notification" domain is no more.
17 January 2020

Mobile Carrier Customer Service Ushers in SIM-Swap Fraud

Mobile Carrier Customer Service Ushers in SIM-Swap Fraud Weak challenge questions by customer service reps make it easy for fraudsters to hijack a phone line and bypass 2FA to breach accounts.
17 January 2020

Visa's plan against Magecart attacks: Devalue and disrupt

Visa is actively going after Magecart groups, but also deploying new technologies to safeguard payment card data.
17 January 2020