Cybersecurity News


The Annoying MacOS Threat That Won't Go Away

In two years, the adware-dropping Shlayer Trojan has spread to infect one in 10 MacOS systems, Kaspersky says.
23 January 2020

New York state wants to ban government agencies from paying ransomware demands

Another NY Senate bill would create a cyber security enhancement fund and restricting the use of taxpayer moneys in paying ransoms
23 January 2020

DHS Warns of Increasing Emotet Risk

Emotet is considered one of the most damaging banking Trojans, primarily through its ability to carry other malware into an organization.
23 January 2020

NSA Offers Guidance on Mitigating Cloud Flaws

A new document separates cloud vulnerabilities into four classes and offers mitigations to help businesses protect cloud resources.
23 January 2020

Critical, Unpatched ‘MDhex’ Bugs Threaten Hospital Devices

Critical, Unpatched ‘MDhex’ Bugs Threaten Hospital Devices The Feds have warned on six vulnerabilities in GE medical equipment that could affect patient monitor alarms and more.
23 January 2020

U.S. Gov Agency Targeted With Malware-Laced Emails

U.S. Gov Agency Targeted With Malware-Laced Emails The malicious email campaign included a never-before-seen malware downloader called Carrotball, and may be linked to the Konni Group APT.
23 January 2020

Shlayer, No. 1 Threat for Mac, Targets YouTube, Wikipedia

Shlayer, No. 1 Threat for Mac, Targets YouTube, Wikipedia The malware uses thousands of partner websites to spread malvertising code.
23 January 2020

Deconstructing Web Cache Deception Attacks: They're Bad; Now What?

Deconstructing Web Cache Deception Attacks: They're Bad; Now What? Expect cache attacks to get worse before they get better. The problem is that we don't yet have a good solution.
23 January 2020

Severe Vulnerabilities Discovered in GE Medical Devices

CISA has released an advisory for six high-severity CVEs for GE Carescape patient monitors, Apex Pro, and Clinical Information Center systems.
23 January 2020

MDhex vulnerabilities impact GE patient vital signs monitoring devices

GE Healthcare plans to release patches in Q2 2020.
23 January 2020

Someone is uninstalling the Phorpiex malware from infected PCs and telling users to install an antivirus

Malware analysts believe someone has hijacked the Phorpiex botnet from its creator and is sabotaging its operations by alerting users they've been infected.
23 January 2020

Cisco Warns of Critical Network Security Tool Flaw

Cisco Warns of Critical Network Security Tool Flaw The critical flaw exists in Cisco's administrative management tool, used with network security solutions like firewalls.
23 January 2020

Weathering the Privacy Storm from GDPR to CCPA & PDPA

A general approach to privacy, no matter the regulation, is the only way companies can avoid a data protection disaster in 2020 and beyond.
23 January 2020

Ryuk Ransomware Hit Multiple Oil & Gas Facilities, ICS Security Expert Says

Attackers 'weaponized' Active Directory to spread the ransomware.
23 January 2020

Microsoft exposed 250 million customer support records

Databases containing 14 years’ worth of customer support logs were publicly accessible with no password protection

The post Microsoft exposed 250 million customer support records appeared first on WeLiveSecurity

23 January 2020

Google: Flaws in Apple’s Private-Browsing Technology Allow for Third-Party Tracking

Google: Flaws in Apple’s Private-Browsing Technology Allow for Third-Party Tracking New research outlines vulnerabilities in Safari’s Intelligent Tracking Protection that can reveal user browsing behavior to third parties.
23 January 2020

To Avoid Disruption, Ransomware Victims Continue to Pay Up

For all the cautions against doing so, one-third of organizations in a Proofpoint survey said they paid their attackers after getting infected with ransomware.
23 January 2020

Securely Disposing Mobile Devices

Do you plan on giving away or selling one of your older mobile devices? Make sure you wipe or reset your device before disposing of it. If you don't, the next person who owns it will have access to all of your accounts and personal information.
23 January 2020

Pwn2Own Miami Contestants Haul in $180K for Hacking ICS Equipment

Pwn2Own Miami Contestants Haul in $180K for Hacking ICS Equipment The competition targets the systems that run critical infrastructure and more.
22 January 2020

Apple Addresses iPhone 11 Location Privacy Concern

Apple is rolling out a new update to its iOS operating system that addresses the location privacy issue on iPhone 11 devices that was first detailed here last month.
22 January 2020