Cybersecurity News


5 Common Errors That Allow Attackers to Go Undetected

Make these mistakes and invaders might linger in your systems for years.
12 February 2020

Katie Moussouris: The Bug Bounty Conflict of Interest

Katie Moussouris sounds off on the challenges behind creating successful bug bounty programs.
12 February 2020

Report to Your Management with the Definitive ‘IR Management and Reporting’ Presentation Template

The IR Management and Reporting Template attempts to help the CISO not only perform a top-edge response to cyberattacks but also ensure that this professional and critical work is understood and acknowledged.
12 February 2020

Apple joins FIDO Alliance, commits to getting rid of passwords

Passwords are a notorious security mess. The FIDO Alliance wants to replace them with better, more secure technology, and now Apple is joining them in this effort.
12 February 2020

FBI: $3.5B Lost in 2019 to Known Cyberscams, Ransomware

Cybercriminals double down on successful internet scams, with a focus on phishing, BEC and other defrauding schemes that have proven to work.
12 February 2020

Average tenure of a CISO is just 26 months due to high stress and burnout

Report: The vast majority of interviewed CISO executives (88%) report high levels of stress, a third report stress-caused physical health issues, half report mental health issues.
12 February 2020

Intel warns of critical security flaw in CSME engine, issues discontinued product notices

The CSME system is subject to a severe bug leading to a host of different exploits.
12 February 2020

Adobe squashes 35 critical vulnerabilities in security patch update

Arbitrary code execution issues have eclipsed other security problems in February’s patch round.
12 February 2020

Play Protect blocked 1.9B malware installs from non-Google sources last year

The number of user attempts to install malware-infected apps from outside the Play Store has gone up from 1.6 billion, reported in 2017 and 2018, to 1.9 billion, last year.
11 February 2020

Microsoft Patch Tuesday fixes IE zero‑day and 98 other flaws

February may be the shortest month of the year, but it brings a bumper crop of patches

The post Microsoft Patch Tuesday fixes IE zero‑day and 98 other flaws appeared first on WeLiveSecurity

11 February 2020

Microsoft Patch Tuesday, February 2020 Edition

Microsoft today released updates to plug nearly 100 security holes in various versions of its Windows operating system and related software, including a zero-day vulnerability in Internet Explorer (IE) that is actively being exploited. Also, Adobe has issued a bevy of security updates for its various products, including Flash Player and Adobe Reader/Acrobat.
11 February 2020

Healthcare Ransomware Damage Passes $157M Since 2016

Researchers found the total cost far exceeded the amount of ransom paid to attackers.
11 February 2020

Microsoft Addresses Active Attacks, Air-Gap Danger with 99 Patches

There are 12 critical and five previously disclosed bugs in the February 2020 Patch Tuesday Update.
11 February 2020

FBI: BEC scams accounted for half of the cyber-crime losses in 2019

The average loss per BEC scam amounted to nearly $75,000 per complaint.
11 February 2020

Microsoft Patches Exploited Internet Explorer Flaw

This month's Patch Tuesday brings fixes for 99 CVEs, including one IE flaw seen exploited in the wild.
11 February 2020

Intel Patches High-Severity Flaw in Security Engine

The high-severity vulnerability could enable denial of service, privilege escalation and information disclosure.
11 February 2020

Microsoft's February 2020 Patch Tuesday fixes 99 security bugs

This is one of Microsoft's biggest Patch Tuesdays known to date.
11 February 2020

Why Ransomware Will Soon Target the Cloud

As businesses' daily operations become more dependent on cloud services, ransomware authors will follow to maximize profits. The good news: Many of the best practices for physical servers also apply to the cloud.
11 February 2020

Estée Lauder Exposes 440M Records, with Email Addresses, Network Info

Middleware data was exposed, which can create a secondary path for malware through which applications and data can be compromised.
11 February 2020

Jenkins servers can be abused for DDoS attacks

DDoS attacks can reach an amplification factor of 100, but servers will crash very quickly.
11 February 2020