Cybersecurity News


Fake Microsoft Teams Emails Phish for Credentials

Employees belonging to organizations in industries such as energy, retail, and hospitality have been recipients, Abnormal Security says.
01 May 2020

DHS CISA Launches Site for Teleworking Security

The new website is intended to be a one-stop source for information on securing teleworkers and their employers.
01 May 2020

Trump bans acquisition of foreign power grid equipment, citing hacking threats

White House says foreign-made equipment "augments the ability of foreign adversaries to create and exploit vulnerabilities" in the US power grid.
01 May 2020

Name That Toon: The Lights Are On ...

Name That Toon: The Lights Are On ... Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
01 May 2020

News Wrap: Microsoft Sway Phish, Malicious GIF and Spyware Attacks

News Wrap: Microsoft Sway Phish, Malicious GIF and Spyware Attacks Threatpost editors discuss a phishing attack abusing Microsoft Sway, a Microsoft Teams flaw and an Android spyware campaign unearthed this week.
01 May 2020

Best Practices for Managing a Remote SOC

Experts share what it takes to get your security analysts effectively countering threats from their home offices.
01 May 2020

Microsoft Teams Impersonation Attacks Flood Inboxes

Microsoft Teams Impersonation Attacks Flood Inboxes Two separate attacks have targeted as many as 50,000 different Teams users, with the goal of phishing Office 365 logins.
01 May 2020

Week in security with Tony Anscombe

ESET's new Threat Report is out – Another deep dive into Latin American banking trojans – More coronavirus-themed scams

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

01 May 2020

Apple Makes It Easier to Unlock iPhone While Wearing a Mask

The beta release of iOS 13.5 brings an updated FaceID so that users wearing masks can bypass facial recognition and unlock their phone with a code.
01 May 2020

New Firefox service will generate unique email aliases to enter in online forms

Firefox Private Relay add-on to help users safeguard their email addresses from spammers.
01 May 2020

Industrial Networks' Newest Threat: Remote Users

We know remote working isn't going away anytime soon, so it's crucial we be extra vigilant about security for industrial networks and critical infrastructure.
01 May 2020

TrickBot Attack Exploits COVID-19 Fears with DocuSign-Themed Ploy

TrickBot Attack Exploits COVID-19 Fears with DocuSign-Themed Ploy Threat actors are spreading the tricky trojan through fake messages in another opportunistic COVID-19-related campaign, said IBM X-Force.
01 May 2020

Oracle warns of attacks against recently patched WebLogic security bug

Oracle patched the bug last month but attacks began after proof-of-concept code was published on GitHub.
01 May 2020

SaltStack Salt critical bugs allow data center, cloud server hijacking as root

Researchers expect the vulnerabilities to be exploited in the wild within days.
01 May 2020

Ninja Forms WordPress bug exposed over a million users to XSS attacks, website hijacking

The severe XSS vulnerability permitted site takeover and visitor browser redirection to malicious websites.
01 May 2020

It’s no time to let your guard down as coronavirus fraud remains a threat

Scammers rehash old campaigns, create credit card-stealing websites and repurpose information channels to milk the COVID-19 crisis for all it's worth

The post It’s no time to let your guard down as coronavirus fraud remains a threat appeared first on WeLiveSecurity

01 May 2020

Dreambot malware operation goes silent

Dreambot backend servers have gone down and no new samples have been spotted for weeks.
01 May 2020

DHS CISA to provide DoH and DoT servers for government use

Until official servers are available, government agencies told to disable DoH (DNS-over-HTTPS) and DoT (DNS-over-TLS) on their networks.
30 April 2020

Microsoft's Records Management Tool Aims to Simplify Data Governance

Microsoft's Records Management Tool Aims to Simplify Data Governance Records Management is intended to help businesses manage security and data governance as more struggle to handle increased amounts of data and regulatory requirements.
30 April 2020

Ransomware mentioned in 1,000+ SEC filings over the past year

A growing number of public companies have started listing ransomware as a forward-looking risk factor in their SEC documents.
30 April 2020