Cybersecurity News


Cybercriminals Swap Phishing for Credential Abuse, Vuln Exploits

Infection vectors were evenly divided among phishing, vulnerability exploitation, and unauthorized credential use in 2019.
11 February 2020

Macs See More Adware, Unwanted Apps Than PCs

The latest data from Malwarebytes show the average Mac sees almost twice as many bad apps as Windows systems, but actual malware continues to be scarce.
11 February 2020

What Are Some Basic Ways to Protect My Global Supply Chain?

What Are Some Basic Ways to Protect My Global Supply Chain? Assessing supply chains is one of the more challenging third-party risk management endeavors organizations can take on.
11 February 2020

What Are Some Foundational Ways to Protect My Global Supply Chain?

What Are Some Foundational Ways to Protect My Global Supply Chain? Assessing supply chains is one of the more challenging third-party risk management endeavors organizations can take on.
11 February 2020

Adobe Addresses Critical Flash, Framemaker Flaws

Adobe Addresses Critical Flash, Framemaker Flaws Overall, Adobe patched flaws tied to 42 CVEs as part of its regularly scheduled updates.
11 February 2020

CIA's Secret Ownership of Crypto AG Enabled Extensive Espionage

Crypto AG made millions selling encryption devices to more than 120 countries, which unknowingly transmitted intel back to the CIA.
11 February 2020

Keeping a Strong Security Metrics Framework Strong

Don't just report metrics -- analyze, understand, monitor, and adjust them. These 10 tips will show you how.
11 February 2020

Emotet trojan evolves to spread via WiFi connections

Security firm discovers what appears to be one of Emotet's most dangerous modules.
11 February 2020

Enterprise companies struggle to control security certificates, cryptographic keys

Certificate authority misuse, MiTM attacks, and problems with cryptographic key handling are now of serious concern to enterprise firms.
11 February 2020

KBOT virus takes out system files with no hope of recovery

In a blast from the past, KBOT has been deemed the first “living” virus detected in recent years.
11 February 2020

Dell Patches SupportAssist Flaw That Allows Arbitrary Code Execution

Dell Patches SupportAssist Flaw That Allows Arbitrary Code Execution The uncontrolled search path vulnerability allows a local user to use DLLs to escalate privileges and affects Windows PCs.
11 February 2020

Outlaw hacking group kills existing cryptocurrency miners in enterprise server attacks

A recent update also revealed a pivot towards corporate systems with weak patch management practices.
11 February 2020

Automaton takes center stage in enterprise cyberattacks

Massive repositories of stolen data are being weaponized in an attempt to compromise corporate networks.
11 February 2020

Competing in esports: 3 things to watch out for

If you’re looking to become a pro gamer, there are risks you shouldn’t play down

The post Competing in esports: 3 things to watch out for appeared first on WeLiveSecurity

11 February 2020

CEO Fraud

CEO Fraud / BEC is a type of targeted attack. It commonly involves a cyber criminally pretending to be your boss, then tricking or fooling you into sending the criminal highly sensitive information or initiating a wire transfer. Be highly suspicious of any emails demanding immediate action and/or asking you to bypass any security procedures.
11 February 2020

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

The U.S. Justice Department today unsealed indictments against four Chinese officers of the People's Liberation Army (PLA) accused of perpetrating the 2017 hack against consumer credit bureau Equifax that led to the theft of personal data on nearly 150 million Americans. DOJ officials said the four men were responsible for carrying out the largest theft of sensitive personal information by state-sponsored hackers ever recorded. 
10 February 2020

FBI warns about ongoing attacks against software supply chain companies

Exclusive: FBI alerts US private sectors about attacks aimed at their supply chain software providers.
10 February 2020

How North Korea's Senior Leaders Harness the Internet

Researchers learn how North Korea is expanding its Internet use in order to generate revenue and bypass international sanctions.
10 February 2020

Some Democrats Lead Trump in Campaign Domain-Security Efforts

Sanders and Trump campaigns lack proper DMARC security enforcement, study finds.
10 February 2020

BYO-Bug Tactic Attacks Windows Kernel with Outdated Driver

BYO-Bug Tactic Attacks Windows Kernel with Outdated Driver The RobbinHood ransomware is using a deprecated Gigabyte driver as the tip of the spear for taking out antivirus products.
10 February 2020