---

5 Common Errors That Allow Attackers to Go Undetected

Make these mistakes and invaders might linger in your systems for years.

---

Katie Moussouris: The Bug Bounty Conflict of Interest

Katie Moussouris sounds off on the challenges behind creating successful bug bounty programs.

---

Report to Your Management with the Definitive ‘IR Management and Reporting’ Presentation Template

The IR Management and Reporting Template attempt to assist the CISO – not only perform a top edge response to cyberattacks but also ensure that this professional and critical work is understood and acknowledged.

---

Apple joins FIDO Alliance, commits to getting rid of passwords

Passwords are a notorious security mess. The FIDO Alliance wants to replace them with better, more secure technology and now Apple is it them in this effort.

---

FBI: $3.5B Lost in 2019 to Known Cyberscams, Ransomware

Cybercriminals double down on successful internet scams, with a focus on phishing, BEC and other defrauding schemes that have proven to work.

---

Average tenure of a CISO is just 26 months due to high stress and burnout

Report: The vast majority of interviewed CISO executives (88%) report high levels of stress, a third report stress-caused physical health issues, half report mental health issues.

---

Intel warns of critical security flaw in CSME engine, issues discontinued product notices

The CSME system is subject to a severe bug leading to a host of different exploits.

---

Adobe squashes 35 critical vulnerabilities in security patch update

Arbitrary code execution issues have eclipsed other security problems in February’s patch round.

---

Play Protect blocked 1.9B malware installs from non-Google sources last year

The number of user attempts to install malware-infected apps from outside the Play Store has gone up from 1.6 billion, reported in 2017 and 2018, to 1.9 billion, last year.

---

Microsoft Patch Tuesday fixes IE zero‑day and 98 other flaws

February may be the shortest month of the year, but it brings a bumper crop of patches

The post Microsoft Patch Tuesday fixes IE zero‑day and 98 other flaws appeared first on WeLiveSecurity

---

Microsoft Patch Tuesday, February 2020 Edition

Microsoft today released updates to plug nearly 100 security holes in various versions of its Windows operating system and related software, including a zero-day vulnerability in Internet Explorer (IE) that is actively being exploited. Also, Adobe has issued a bevy of security updates for its various products, including Flash Player and Adobe Reader/Acrobat.

---

Healthcare Ransomware Damage Passes $157M Since 2016

Researchers found the total cost far exceeded the amount of ransom paid to attackers.

---

Microsoft Addresses Active Attacks, Air-Gap Danger with 99 Patches

There are 12 critical and five previously disclosed bugs in the February 2020 Patch Tuesday Update.

---

FBI: BEC scams accounted for half of the cyber-crime losses in 2019

Average loss per BEC scam amounted to nearly $75,000, per complaint, on average.

---

Microsoft Patches Exploited Internet Explorer Flaw

This month's Patch Tuesday brings fixes for 99 CVEs, including one IE flaw seen exploited in the wild.

---

Intel Patches High-Severity Flaw in Security Engine

The high-severity vulnerability could enable denial of service, privilege escalation and information disclosure.

---

Microsoft's February 2020 Patch Tuesday fixes 99 security bugs

This is one of Microsoft's biggest Patch Tuesday known to date.

---

Why Ransomware Will Soon Target the Cloud

As businesses' daily operations become more dependent on cloud services, ransomware authors will follow to maximize profits. The good news: Many of the best practices for physical servers also apply to the cloud.

---

Estée Lauder Exposes 440M Records, with Email Addresses, Network Info

Middleware data was exposed, which can create a secondary path for malware through which applications and data can be compromised.

---

Jenkins servers can be abused for DDoS attacks

DDoS attacks can reach an amplification factor of 100, but servers will crash very quickly.