Cybersecurity News


Man-in-the-Middle Attacks: A Growing but Preventable Mobile Threat

Hackers are upping their game, especially as they target mobile devices.
15 April 2020

Which InfoSec Jobs Will Best Survive a Recession?

Which InfoSec Jobs Will Best Survive a Recession? With COVID-19 making a mess of the global economy, companies are seeking to cut corners - and some boardrooms still see security as a "cost center." Are infosec careers vulnerable now?
15 April 2020

'Nothing's Off the Table': Will Infosec Jobs Survive the Recession?

'Nothing's Off the Table': Will Infosec Jobs Survive the Recession? With COVID-19 making a mess of the global economy, companies are seeking to cut corners - and some boardrooms still see security as a "cost center." Are infosec careers vulnerable now?
15 April 2020

New York State Confirms Breach of Government Network

The January incident led state officials to hire an external forensics firm and change thousands of employee passwords.
15 April 2020

Tencent Ups Top Bug-Bounty Award to $15K

Tencent Ups Top Bug-Bounty Award to $15K The Chinese ISP has expanded its program via HackerOne.
15 April 2020

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

The Coronavirus has prompted thousands of information security professionals to volunteer their skills in upstart collaborative efforts aimed at frustrating cybercriminals who are seeking to exploit the crisis for financial gain. Whether it's helping hospitals avoid becoming the next ransomware victim or kneecapping new COVID-19-themed scam websites, these nascent partnerships may well end up saving lives. But can this unprecedented level of collaboration survive the pandemic?
15 April 2020

Intel Fixes High-Severity Flaws in NUC, Discontinues Buggy Compute Module

Intel Fixes High-Severity Flaws in NUC, Discontinues Buggy Compute Module Intel fixed nine high- and medium-severity flaws in its April security update, which could enable privilege escalation and denial of service attacks.
15 April 2020

PPE, COVID-19 Medical Supplies Targeted by BEC Scams

PPE, COVID-19 Medical Supplies Targeted by BEC Scams FBI said that government agencies aiming to buy critical items like ventilators have unknowingly transferred funds to threat actors.
15 April 2020

Cybersecurity Prep for the 2020s

The more things change, the more they stay the same. Much of the world is still behind on the basics.
15 April 2020

Rapid7 launches AttackerKB, a service for crowdsourcing vulnerability assessments

AttackerKB portal enters public beta.
15 April 2020

New tool detects AWS intrusions where hackers abuse self-replicating tokens

New SkyWrapper tool generates Excel spreadsheets so AWS account owners can easily spot compromised tokens.
15 April 2020

Nemty ransomware operation shuts down

Another ransomware operation bites the dust. Good riddance!
15 April 2020

Phishing kit prices skyrocketed in 2019 by 149%

The average price for a phishing kit in 2019 was $304, up from $122 recorded in 2018.
15 April 2020

Patch-a-Palooza: More Than 560 Flaws Fixed in a Single Day

Software vendors keep pushing patches to the same Tuesday once a month, or once a quarter, and the result can be overwhelming. Six enterprise software makers issued patches for 567 issues in April.
14 April 2020

Microsoft Patch Tuesday, April 2020 Edition

Microsoft today released updates to fix 113 security vulnerabilities in its various Windows operating systems and related software. Those include at least three flaws that are actively being exploited, as well as two others which were publicly detailed prior to today, potentially giving attackers a head start in figuring out how to exploit the bugs.
14 April 2020

Microsoft opens AccountGuard to healthcare providers on the COVID-19 front lines

Microsoft says the service will remain free for all healthcare organizations "until the COVID-19 pandemic subsides."
14 April 2020

Will Gentler HIPAA Rules on Telehealth Now Protect Us From Breach Litigation Later?

Will Gentler HIPAA Rules on Telehealth Now Protect Us From Breach Litigation Later? To enable medical care while encouraging social distancing during the COVID-19 pandemic, the Department of Health and Human Services temporarily loosened up on some of its HIPAA noncompliance enforcement on telehealth. But what happens if there's a PHI slip-up?
14 April 2020

Microsoft Patches 113 Bugs, 3 Under Active Attack

Microsoft has seen a 44% jump in the number of CVEs fixed between January and April 2020 compared with the same period in 2019.
14 April 2020

Insecure Home Office Networks Heighten Work-at-Home Risks

Nearly one in two organizations has one or more devices accessing its corporate network from a home network with at least one malware infection, BitSight says.
14 April 2020

April Patch Tuesday: Microsoft Battles 4 Bugs Under Active Exploit

April Patch Tuesday: Microsoft Battles 4 Bugs Under Active Exploit Microsoft issued 113 patches in a big update, unfortunately for IT staff already straining under WFH security concerns.
14 April 2020