Cybersecurity News
Software AG Data Released After Clop Ransomware Strike – Report
The Clop group attacked Software AG, a German conglomerate with operations in more than 70 countries, threatening to dump stolen data if the whopping $23 million ransom isn’t paid.
13 October 2020
Treasury Dept. Advisory Shines Spotlight on Ransomware Negotiators
With attacks showing no signs of abating, some companies have begun offering services to help reduce ransom demands, buy more time, and arrange payments.13 October 2020
25% of BEC Cybercriminals Based in the US
While the US is known to be a prime target for BEC attacks, just how many perpetrators are based there came as a surprise to researchers.13 October 2020
Where are the 'Great Exits' in the Data Security Market?
If data security were a student, its report card would read "Not performing to potential." Here's why.
13 October 2020
Critical Flash Player Flaw Opens Adobe Users to RCE
The flaw stems from a NULL Pointer Dereference error and plagues the Windows, macOS, Linux and ChromeOS versions of Adobe Flash Player.
13 October 2020
Microsoft October 2020 Patch Tuesday fixes 87 vulnerabilities
Fixes for 21 remote code execution (RCE) vulnerabilities included for products like Excel, Outlook, the Windows Graphics component, and the Windows TCP/IP stack.13 October 2020
Attackers chain Windows, VPN flaws to target US government agencies
Bad actors have accessed US elections support systems, although there's no evidence to suggest that election data has been compromised, say FBI and CISA
The post Attackers chain Windows, VPN flaws to target US government agencies appeared first on WeLiveSecurity
13 October 2020
Election Systems Under Attack via Microsoft Zerologon Exploits
Cybercriminals are chaining Microsoft's Zerologon flaw with other exploits in order to infiltrate government systems, putting election systems at risk, a new CISA and FBI advisory warns.
13 October 2020
Authentication Bug Opens Android Smart-TV Box to Data Theft
The streaming box allows arbitrary code execution as root, paving the way to pilfering social-media tokens, passwords, messaging history and more.
13 October 2020
Trickbot Botnet Response Highlights Partnerships Preventing U.S. Election Interference
Recent efforts by USCYBERCOM and Microsoft to disrupt the Trickbot botnet highlight the importance of partnerships in successful malware botnet disruption.13 October 2020
TrickBot Takedown Disrupts Major Crimeware Apparatus
Microsoft and partners went after the botnet using a copyright infringement tactic and hunting down C2 servers.
13 October 2020
Online Voting Is Coming, but How Secure Will It Be?
It's time for state governments to act as leaders, adopt digital ID standards, enable new online voting systems, and provide broad-based access to all communities for the benefit of all.13 October 2020
Office 365: A Favorite for Cyberattack Persistence
Bad actors are leveraging legitimate services and tools within Microsoft's productivity suite to launch cyberattacks on COVID-19 stay-at-home workers, new research finds.
13 October 2020
Malware gangs love open source offensive hacking tools
Hacking tools released by security researchers often end up being abused by bad guys as well.13 October 2020
Software AG Continues Efforts Against $20M Ransomware Attack
The attack, which now includes extortion components, has moved into its second week.12 October 2020
Security Firms & Financial Group Team Up to Take Down Trickbot
Microsoft and security firms ESET, Black Lotus Labs, and Symantec collaborated with the financial services industry to cut off the ransomware operation's C2 infrastructure.12 October 2020
What is End-to-End Encryption?
Many services advertise E2EE, but not all of them actually offer it.
12 October 2020
Security Officers, Are Your Employees Practicing Good Habits from Home?
Even if you can't see your employees in the office, they still need to be reminded that criminals are always trying to spot a weak link in the chain.12 October 2020
Security Officers, Are Your Employers Practicing Good Habits from Home?
Even if you can't see your employees in the office, they still need to be reminded that criminals are always trying to spot a weak link in the chain.12 October 2020
A 7-Step Cybersecurity Plan for Healthcare Organizations
With National Cybersecurity Awareness Month shining a spotlight on the healthcare industry, security pros share best practices for those charged with protecting these essential organizations.
12 October 2020