Cybersecurity News


CSO's Guide to 'Employee-First' Security Operations During COVID-19 & Beyond

As the work-at-home environment continues to inform new ways of doing business, it's important that security teams remain flexible and ready for change.
09 June 2020

KingMiner botnet brute-forces MSSQL databases to install cryptocurrency miner

The KingMiner gang is brute-forcing the "sa" user, the highest-privileged account on a MSSQL database.
09 June 2020

Malicious Android apps deactivated fraud code to bypass Google's security scans

Trick didn't work. Google banned them anyway.
09 June 2020

DARPA Launches Bug Bounty Program

Unlike most crowdsourced vulnerability-hunting projects, this one is targeted at hardware defenses.
08 June 2020

Chinese and Iranian APT Groups Targeted US Presidential Campaigns

Google analysts report advanced persistent threat groups linked to China and Iran launched phishing attacks against the Biden and Trump campaigns.
08 June 2020

Singapore’s Contact Tracing Wearable Causes Privacy Backlash

Singapore’s Contact Tracing Wearable Causes Privacy Backlash Thousands have signed a petition that underscores data privacy issues with Singapore's newly announced contact-tracing wearable, in development.
08 June 2020

Canada's Fitness Depot Alerts Customers to Data Breach

The retailer reports cybercriminals infected its online store and used a fraudulent form to steal shoppers' information.
08 June 2020

CallStranger vulnerability lets attacks bypass security systems and scan LANs

The CallStranger vulnerability can also be used to launch major DDoS attacks.
08 June 2020

SMBGhost RCE Exploit Threatens Corporate Networks

SMBGhost RCE Exploit Threatens Corporate Networks The release of a PoC for the Windows flaw known as "SMBGhost" could set off cyberattack waves, CISA warned.
08 June 2020

Phishing Attack Hits German Coronavirus Task Force

Phishing Attack Hits German Coronavirus Task Force More than 100 executives at a multinational company that's part of a German task force for creating coronavirus protective gear, were targeted in an ongoing phishing attack.
08 June 2020

Safeguard Your Remote Workforce

DDoS attacks on VPN servers can not only bring remote work to a standstill but also cut off admins from accessing their systems. Here are three ways to stay safer.
08 June 2020

Apple hopes to bolster password security with open source project

The tech giant wants developers of password managers to collaborate for better user experience and security

The post Apple hopes to bolster password security with open source project appeared first on WeLiveSecurity

08 June 2020

Can Governments Defeat Nation-State Attacks on Critical Infrastructures?

Can Governments Defeat Nation-State Attacks on Critical Infrastructures? The one cyber risk that governments are much better at controlling than we are is insider threats. Governments have been dealing with people threats for centuries and have powerful tools at their disposal for such investigations.
08 June 2020

Vulnerabilities in popular open source projects doubled in 2019

Jenkins and MySQL vulnerabilities have had the most weaponized vulnerabilities in the past five years.
08 June 2020

Defense Contractor Compromised with MAZE Ransomware

Westech MAZE Ransomware Compromise; InfoSec News asks an Expert About the Fallout By William Knowles @c4i Senior Editor InfoSec News June 8, 2020 Troubling Cybersecurity/National Security news via Sky News, which is reporting that criminal hackers have stolen confidential information from Westech International. Westech serves as a U.S. military contractor for a number of Washington […]
08 June 2020

Owners of DDoS-for-Hire Service vDOS Get 6 Months Community Service

The co-owners of vDOS, a now-defunct service that for four years helped paying customers launch more than two million distributed denial-of-service (DDoS) attacks that knocked countless Internet users and websites offline, each have been sentenced to six months of community service by an Israeli court.
07 June 2020

Apple publishes free resources to improve password security

The new tools are meant to help the developers of password managers and Apple hopes the tools will reduce the instances where users chose their own password rather than rely on the password manager.
05 June 2020

Q&A: Eugene Spafford on the Risks of Internet Voting

Q&A: Eugene Spafford on the Risks of Internet Voting Allowing people to cast their ballots online to circumvent coronavirus-related health concerns introduces problems that we simply don't know how to manage, says the Purdue University professor and security leader.
05 June 2020

Spear Phishing Campaign Hits Developer Collaboration System Users

Users of Zeplin, a popular developer and designer collaboration system, have been hit with new waves of spearphishing attacks in the last month.
05 June 2020

Flaws Found in Some Open Source Projects Exploited More Often

A study of major open source projects finds that 3.3% of vulnerabilities are exploited, but the rate of exploitation varies significantly.
05 June 2020