Cybersecurity News


Enterprise Cloud Use Continues to Outpace Security

Nearly 60% of IT and security pros say deployment of business services in the cloud has rushed past their ability to secure them.
24 February 2020

Zyxel Fixes 0day in Network Storage Devices

Networking hardware vendor Zyxel today released an update to fix a critical flaw in many of its network attached storage (NAS) devices that can be used to remotely commandeer them. The patch comes 12 days after KrebsOnSecurity alerted the company that precise instructions for exploiting the vulnerability were being sold for $20,000 in the cybercrime underground. Based in Taiwan, Zyxel Communications Corp. (a.k.a "ZyXEL") is a maker of networking devices, including Wi-Fi routers, NAS products and hardware firewalls. The company has roughly 1,500 employees and boasts some 100 million devices deployed worldwide. While in many respects the class of vulnerability addressed in this story is depressingly common among Internet of Things (IoT) devices, the flaw is notable because it has attracted the interest of groups specializing in deploying ransomware at scale.
24 February 2020

Solving the Cloud Data Security Conundrum

Trusting the cloud involves a change in mindset. You must be ready to use runtime encryption in the cloud.
24 February 2020

Latest Security News from RSAC 2020

Check out Dark Reading's updated, exclusive coverage of the news and security themes that are dominating RSA Conference 2020 in San Francisco.
24 February 2020

Data Breach Occurs at Agency in Charge of Secure White House Communications

Data Breach Occurs at Agency in Charge of Secure White House Communications A leak at the Defense Information Systems Agency exposed personal information of government employees, including social security numbers.
24 February 2020

7 Tips to Improve Your Employees' Mobile Security

7 Tips to Improve Your Employees' Mobile Security Security experts discuss the threats putting mobile devices at risk and how businesses can better defend against them.
24 February 2020

Cybersecurity alliance launches first open source messaging framework for security tools

OpenDXL Ontology is designed for data and command sharing between cybersecurity software.
24 February 2020

Is your phone listening to you?

Do social media listen in on our conversations in order to target us with ads? Or are we just a bit paranoid? A little test might speak a thousand words.

The post Is your phone listening to you? appeared first on WeLiveSecurity

24 February 2020

LTE security flaw can be abused to take out subscriptions at your expense

Researchers say the vulnerability impacts “virtually all” smartphones on the market.
24 February 2020

Slickwraps says customer trust was ‘violated’ in data breach caused by glaring security holes

A security researcher’s warnings were reportedly ignored.
24 February 2020

Careers in Cybersecurity

Have you considered a career in Cybersecurity? It is a fast-paced, highly dynamic field with a huge number of specialties to choose from, including forensics, endpoint security, critical infrastructure, incident response, secure coding, and awareness and training. In addition, a career in cybersecurity allows you to work almost anywhere in the world, with amazing benefits and an opportunity to make a real difference. However, the most exciting thing is you do NOT need a technical background, anyone can get started.
24 February 2020

All About SASE: What It Is, Why It's Here, How to Use It

Secure Access Service Edge is a new name for a known and growing architecture designed to strengthen security in cloud environments.
22 February 2020

Emotet Malware Rears Its Ugly Head Again

A resurgence in Emotet malware may make it one of the most pervasive security threats of 2020.
21 February 2020

Lawsuit Claims Google Collects Minors’ Locations, Browsing History

Lawsuit Claims Google Collects Minors’ Locations, Browsing History A new lawsuit alleges that Google’s G Suite for Education program covertly collects data from students, violating both COPPA and other data privacy regulations.
21 February 2020

Active Attacks Target Popular Duplicator WordPress Plugin

Active Attacks Target Popular Duplicator WordPress Plugin When patched last week, the bug affected at least 1 million websites. Zero-day exploits were going on then.
21 February 2020

FBI recommends passphrases over password complexity

Longer passwords, even consisting of simpler words or constructs, are better than short passwords with special characters.
21 February 2020

California Man Arrested for Politically Motivated DDoS

The distributed denial-of-service attacks took a congressional candidate's website offline for a total of 21 hours during the campaign for office.
21 February 2020

RSAC 2020: Editors’ Preview of Hottest Sessions, Speakers and Themes

RSAC 2020: Editors’ Preview of Hottest Sessions, Speakers and Themes From data privacy to industrial IoT cybersecurity concerns, Threatpost editors discuss the top stories they expect to see at this year's RSA Conference, which kicks off next week in San Francisco.
21 February 2020

Burning Man Tickets for $225? Yep, Too Good to Be True

Burning Man Tickets for $225? Yep, Too Good to Be True Scammers are posing as event organizers in a sophisticated fraud effort.
21 February 2020

NRC Health Ransomware Attack Prompts Patient Data Concerns

The organization, which sells patient administration tools to hospitals, could not confirm whether patient data was accessed.
21 February 2020