Attackers have little motivation to stop when businesses are paying increasingly larger ransoms, say security experts who foresee a rise in attacks. Security experts see little chance of ransomware attacks slowing down in 2021 given […]
Category: Security
Ransomware Group Makes Splashy $20K Donation to Charities
Cybercriminal gang Darkside sent $20K in donations to charities in a ‘Robin Hood’ effort that’s likely intended to draw attention to future data dumps, according to experts. Source link
Do Standards Exist That Certify Secure IoT Systems?
The IoT industry remains fragmented with a lot of players, big and small, churning out a lot of products. Question: Do standards or labels exist that certify secure Internet of Things (IoT) systems? Loren Browman, […]
NSA Reveals the Top 25 Vulnerabilities Exploited by …
Officials urge organizations to patch the vulnerabilities most commonly scanned for, and exploited by, Chinese attackers. The US National Security Agency (NSA) today published a list of the top 25 publicly known vulnerabilities most often […]
Adobe Fixes 16 Critical Code-Execution Bugs Across Portfolio
The out-of-band patches follow a lighter-than-usual Patch Tuesday update earlier this month. Source link
The Cybersecurity Maturity Model Certification: Are …
Let’s face it: Cybersecurity threat risk isn’t going anywhere, and it’s only going to get worse. This realization caused the Department of Defense (DoD) to create the Cybersecurity Maturity Model Certification (CMMC) early this year. […]
Russian “government hackers” charged with cybercrimes by the US – Naked Security
You’ve probably seen the news that six Russians, allegedly employed by the Russian Main Intelligence Directorate, better known as the GRU, have been charged with cybercrimes by the US Department of Justice (DOJ). The DOJ […]
Facebook: A Top Launching Pad For Phishing Attacks
Amazon, Apple, Netflix, Facebook and WhatsApp are top brands leveraged by cybercriminals in phishing and fraud attacks - including a recent strike on a half-million Facebook users. Source link
Farsight Labs Launched as Security Collaboration Platform
Farsight Security’s platform will offer no-cost access to certain tools and services. Source link
Pharma Giant Pfizer Leaks Customer Prescription Info, Call Transcripts
Hundreds of medical patients taking cancer drugs, Premarin, Lyrica and more are now vulnerable to phishing, malware and identity fraud. Source link
Businesses Rethink Endpoint Security for 2021
The mass movement to remote work has forced organizations to rethink their long-term plans for endpoint security. How will things look different next year? This year has put IT and security teams to the test […]
Office 365 OAuth Attack Targets Coinbase Users
Attackers are targeting Microsoft Office 365 users with a Coinbased-themed attack, aiming to take control of their inboxes via OAuth. Source link
Building the Human Firewall
Cybersecurity was a challenge before COVID-19 sent millions of employees home to work from their own devices and networks. Now what? The major shift to remote work in the COVID-19 economy has underscored the reality […]
Mobile Browser Bugs Open Safari, Opera Users to Malware
A set of address-spoofing bugs affect users of six different types of mobile browsers, with some remaining unpatched. Source link
Confronting Data Risk in the New World of Work
The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will […]
Trickbot Tenacity Shows Infrastructure Resistant to …
Both the US Cyber Command and a Microsoft-led private-industry group have attacked the infrastructure used by attackers to manage Trickbot — but with only a short-term impact. On Oct. 12, armed with a court order, […]
Google’s Waze Can Allow Hackers to Identify and Track Users
The company already patched an API flaw that allowed a security researcher to use the app to find the real identity of drivers using it. Source link
NSS Labs Shuttered
Testing firm’s website says it has ‘ceased operations’ as of Oct. 15. Security testing firm NSS Labs has halted operations, according to a post on its website that states: “Due to Covid-related impacts, NSS Labs […]
Russian Military Officers Unmasked, Indicted for …
US Department of Justice charges members of Sandworm/APT28 for BlackEnergy, NotPetya, Olympic Destroyer, and other major attacks. Six members of the pervasive yet elusive Russian military hacking operation behind some of the most destructive targeted […]
GravityRAT Spyware Targets Android & MacOS in India
The Trojan once used in attacks against Windows systems has been transformed into a multiplatform tool targeting macOS and Android. Researchers have identified GravityRAT, a spying remote access Trojan (RAT) known to target devices in […]
IoT Vulnerability Disclosure Platform Launched
VulnerableThings.com is intended to help vendors meet the terms of a host of new international IoT security laws and regulations. A new online platform for IoT vendors to use in receiving, assessing, managing, and mitigating […]
Microsoft Tops Q3 List of Most-Impersonated Brands
The technology sector was also the most likely targeted industry for brand phishing attacks, according to Check Point’s latest report on brand phishing. Microsoft bumped Amazon and Google to place first for the brand most […]
Rapper Scams $1.2M in COVID-19 Relief, Gloats with ‘EDD’ Video
“Nuke Bizzle” faces 22 years in prison after brazenly bragging about an identity-theft campaign in his music video, “EDD.” Source link
DOJ Charges 6 Sandworm APT Members in NotPetya Cyberattacks
DOJ charges six Russian nationals for their alleged part in the NotPetya, Ukraine power grid and Olympics cyberattacks. Source link