Threat Level as of APRIL 2020

MS ISAC Last Mnt Alert Level May 2019

On April 2020, the Cyber Threat Alert Level was evaluated and because of COVID-19 Pandemic, has been raised to "GUARDED" security levels.

Organizations and users are advised to update and apply all appropriate vendor security patches to vulnerable systems and to continue to update their antivirus signatures daily. Another line of defense includes user awareness training regarding the threats posed by attachments and hypertext links contained in emails especially from un-trusted sources.

MS ISAC Last Mnt Hot Topics MAR2020 2
MS ISAC Last Mnt Hot Topics MAR2020 3
MS ISAC Last Mnt Hot Topics MAR2020
MS ISAC Last Mnt Alert Map May 2019

"Knowledge about your enemies will help you win. Thus, treat threat intelligence with the respect it deserves and use it to protect your organization from all the relevant adversaries."

- How to Collect, Refine, Utilize and Create Threat Intelligence, October 2016, Gartner

Are you living in a SMART HOME?

SMART HOMES based on the IoT (Internet of Things - Amazon Alexa, Google Siri, Ring Doorbell etc) provide comfort & convenient management of our complicated life, however, SMART HOMES are also the largest threat to our privacy and risk of identity theft --

RSS Threats with IoTs

RSS IoT For All

  • How is Coronavirus Making the Data Science & AI Field Reactive? May 22, 2020
    The post How is Coronavirus Making the Data Science & AI Field Reactive? appeared first on IoT For All Even amidst million reports on coronavirus affecting the world adversely, there is one little ray of hope. The hope of data science and AI being into play to help predict and prevent the outbreak well within […]
  • 10 Ways AI is Transforming the Customer Experience May 21, 2020
    The post 10 Ways AI is Transforming the Customer Experience appeared first on IoT For All Artificial intelligence is continuing to change customers' expectations and the buying process. From automated content recommendations to voice-enabled shopping and customer eye-tracking, companies need to invest in the latest tech in order to stay competitive. Here are 10 examples […]
  • Powerful and New IoT Applications in Real Estate for 2020 May 20, 2020
    The post Powerful and New IoT Applications in Real Estate for 2020 appeared first on IoT For All In this article, we will discuss how new Internet of Things (IoT) applications for real estate are changing many aspects of the industry in 2020. We will discover what IoT use cases in real estate are the […]
  • IoT Home Irrigation System Using Losant and Particle Photon May 19, 2020
    The post IoT Home Irrigation System Using Losant and Particle Photon appeared first on IoT For All Stuck inside during the Coronavirus? This article teaches you how to build an IoT application that controls the irrigation of your houseplants. The post IoT Home Irrigation System Using Losant and Particle Photon appeared first on IoT For […]
  • How Do AI and Smart Automation Impact Modern Testing and QA? May 18, 2020
    The post How Do AI and Smart Automation Impact Modern Testing and QA? appeared first on IoT For All Artificial Intelligence and Smart Automation have the potential to change how we test for and ensure quality assurance in automation. The post How Do AI and Smart Automation Impact Modern Testing and QA? appeared first on […]

NIST National Vulnerabilty Database

Search the NIST database for a known vulnerability now ---

RSS National Vulnerability Database

RSS National Vulnerability Database

  • CVE-2020-13439 May 24, 2020
    ffjpeg through 2020-02-24 has a heap-based buffer over-read in jfif_decode in jfif.c.
  • CVE-2020-13438 May 24, 2020
    ffjpeg through 2020-02-24 has an invalid read in jfif_encode in jfif.c.
  • CVE-2020-13440 May 24, 2020
    ffjpeg through 2020-02-24 has an invalid write in bmp_load in bmp.c.
  • CVE-2020-13434 May 24, 2020
    SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.
  • CVE-2020-13433 May 24, 2020
    Jason2605 AdminPanel 4.0 allows SQL Injection via the editPlayer.php hidden parameter.
  • CVE-2020-13435 May 24, 2020
    SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c.
  • CVE-2020-13429 May 24, 2020
    legend.ts in the piechart-panel (aka Pie Chart Panel) plugin before 1.5.0 for Grafana allows XSS via the Values Header (aka legend header) option.
  • CVE-2020-13430 May 24, 2020
    Grafana before 7.0.0 allows tag value XSS via the OpenTSDB datasource.
  • CVE-2020-13425 May 23, 2020
    TrackR devices through 2020-05-06 allow attackers to trigger the Beep (aka alarm) feature, which will eventually cause a denial of service when battery capacity is exhausted.
  • CVE-2020-13424 May 23, 2020
    The XCloner component before 3.5.4 for Joomla! allows Authenticated Local File Disclosure.

RSS Tenable Product Security Advisories

  • [R1] Nessus Agent 7.6.3 Fixes Multiple Third-party Vulnerabilities April 28, 2020
    Nessus Agent leverages third-party software to help provide underlying functionality. One of the third-party components (OpenSSL) was found to contain a multiple vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable opted to upgrade the bundled library to address the potential impact of […]
  • [R2] Tenable.sc 5.14.0 Fixes Multiple Vulnerabilities April 13, 2020
    Tenable.sc leverages third-party software to help provide underlying functionality. One third-party component (jQuery) was found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable opted to upgrade the bundled libraries to address the potential impact of these issues. Tenable.sc versions 5.14.0 […]
  • [R1] SimpleSAMLPHP Stand-alone Patch Available for Tenable.sc versions 5.9.x to 5.12.x January 6, 2020
    Tenable.sc leverages third-party software to help provide underlying functionality. One of the third-party components (SimpleSAMLPHP) was found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable opted to provide a stand-alone patch to address the potential impact of these issues in […]
  • [R1] Tenable.sc 5.13.0 Fixes Multiple Third-Party Vulnerabilities December 30, 2019
    Tenable.sc leverages third-party software to help provide underlying functionality. Three separate third-party components (OpenSSL, Apache HTTP Server, SimpleSAMLphp) were found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable opted to upgrade the bundled libraries to address the potential impact of […]
  • [R1] Nessus Network Monitor 5.11.0 Fixes Multiple Third-party Vulnerabilities December 19, 2019
    Nessus Network Monitor leverages third-party software to help provide underlying functionality. Several third-party components (OpenSSL, jQuery and moment.js) were found to contain vulnerabilities, and updated versions have been made available by the providers.
  • [R1] PHP Stand-alone Patch Available for Tenable.sc versions 5.7.x to 5.11.x November 4, 2019
    Tenable.sc leverages third-party software to help provide underlying functionality. One of the third-party components (PHP) was found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable opted to provide a stand-alone PHP patch to address the potential impact of these issues […]
  • [R1] Nessus 8.7.0 Fixes One Vulnerability October 22, 2019
    Nessus versions 8.6.0 and earlier were found to contain a Denial of Service vulnerability due to improper validation of specific imported scan types. An authenticated, remote attacker could potentially exploit this vulnerability to cause a Nessus scanner to become temporarily unresponsive.
  • [R1] Nessus 8.6.0 Fixes One Vulnerability August 13, 2019
    Nessus versions 8.5.2 and earlier on Windows platforms were found to contain a flaw where certain files could be overwritten arbitrarily. An authenticated, remote attacker could potentially exploit this vulnerability to create a denial of service condition.
  • [R2] Nessus 8.5.0 Fixes Multiple Vulnerabilities June 25, 2019
    Nessus versions 8.4.0 and earlier were found to contain multiple XSS vulnerabilities due to improper validation of user-supplied input. For CVE-2019-3961, an unauthenticated, remote attacker could exploit this vulnerability via a specially crafted request to execute arbitrary script code in a user's browser session.
  • [R1] Nessus Agent 7.4.0 Fixes One Third-party Vulnerability May 14, 2019
    Nessus Agent leverages third-party software to help provide underlying functionality. One of the third-party components (OpenSSL) was found to contain a single vulnerability, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable opted to upgrade the bundled library to address the potential impact of […]

RSS The State of Security

  • Observing a Privacy Milestone: Expert Thoughts on GDPR’s 2nd Anniversary May 25, 2020
    May 25, 2020 marks the second anniversary of when the European Union’s General Data Protection Regulation (GDPR) took full effect. Undoubtedly, many organizations have succeeded in achieving compliance with the Regulation by now. But that raises some important questions. What benefits have those organizations experienced in achieving compliance, for instance? Have they encountered any drawbacks […]
  • U.S. Elections: Effectively Balancing Access and Security May 25, 2020
    For a Democratic Party desperate to unseat President Trump in November, the primary election process has been filled with large-scale technology failure, official miscalculations, voter annoyance and public embarrassment, not to mention piles of money spent in pursuit of an improved 21st-century process that turned out to be worse than what they had. They might […]
  • MilkmanVictory Ransomware Created for Purpose of Attacking Scammers May 22, 2020
    A hacking group claimed that it developed a new ransomware strain called “MilkmanVictory” for the purpose of attacking scammers. Collectively known as “CyberWare,” the group announced their creation on Twitter in mid-May. This is a ransomware i made to send to scammers. MAY I ASK WHY YOU ARE MAKING THINGS ABOUT ANTI-SCAMMER RANSOMWRE — CyberWare […]
  • BlockFi Hacked Following SIM Swap Attack, But Says No Funds Lost May 21, 2020
    For just under 90 minutes last Thursday, hackers were able to compromise the systems of cryptocurrency lending platform BlockFi, and gain unauthorised access to users’ names, email addresses, dates of birth, address and activity history. In an incident report published on its website, BlockFi was keen to stress that the hacker’s activity had been logged […]
  • Scattered Canary Behind Hundreds of Fraudulent Unemployment Claims May 21, 2020
    Security researchers discovered that the Scattered Canary group had filed hundreds of fraudulent unemployment claims in the wake of COVID-19. According to Agari Cyber Intelligence Division, at least some of the threat actors who took part in a large-scale fraud campaign targeting dozens of states’ unemployment insurance programs belonged to a Nigerian digital crime group […]
  • Verizon DBIR 2020: Cloud Apps, Stolen Credentials, and Errors May 20, 2020
    It’s DBIR season! Put down your pens, stop watching “The Last Dance” and get to reading the key findings of the 13th edition of the annual Verizon Data Breach Investigations Report! If “experience is merely the name men gave to their mistakes,” as Oscar Wilde puts it in The Picture of Dorian Gray, then the […]
  • The MITRE ATT&CK Framework: Collection May 20, 2020
    The Collection tactic outlines techniques an attacker will undertake in order to find and gather the data they need to meet their actions on objectives. I see most of these techniques as being useful for describing what a piece of malware or threat actor is up to rather than looking to them for guidance on […]
  • Attacks Targeting ICS & OT Assets Grew 2000% Since 2018, Report Reveals May 20, 2020
    The digital threat landscape is always changing. This year is an excellent (albeit extreme) example. With the help of Dimensional Research, Tripwire found out that 58% of IT security professionals were more concerned about the security of their employees’ home networks than they were before the outbreak of coronavirus 2019 (COVID-19). Slightly fewer percentages of […]
  • Winning with Cyber Threat Intelligence: Taking a More Personal View May 20, 2020
    In this final article of our trilogy, we investigate how a cyber threat intelligence (CTI) analyst and associated programmes provide insight about physical and cyber threats to your organisation. The value of these insights is reflected in the wins, which come as a result of context building, holistic understanding, and enhanced awareness in order to […]
  • Around 9 Million easyJet Customers’ Details Stolen in Hacking Incident May 19, 2020
    British low-cost airline group easyJet revealed that an hacking incident had exposed approximately nine million customers’ information. On May 19, easyJet issued a “Notice of cyber security incident” in which it revealed that it had fallen victim to a digital attack from a “highly sophisticated source.” An investigation revealed that those responsible for the security […]

RSS Attacks!

RSS Network Threats

RSS Mobile Device Threats

  • Security Standards For 5G March 24, 2020
    Gartner predicts that the 5G enterprise IoT endpoint installed base will more than triple between 2020 and 2021, from 3.5 million units in 2020 to 11.4 million units in 2021. By 2023, the enterprise 5...
  • RSAC2020: IoT Is Officially Part Of Enterprise Mobility March 6, 2020
    Risk that comes from mobile and IoT devices must be factored into the enterprise security program. Security leaders need to be looking at those risks holistically and strategically, rather than operat...
  • Email Phishing Overshadows Risk Of Mobile Malware January 2, 2020
    Like the mobile device’s counterpart, workstations and laptops, many loaded malware campaigns begin with phishing attempts. Cyber Security Hub developed a market report to explore the perceptions, cha...
  • Incident Of The Week: FaceApp Now Viral For Security Risks July 19, 2019
    FaceApp has become popular for its ability to take a photo of anyone’s face and age it, or transform its features. Developed by a Russian-based company, it has gone viral because many are questioning...
  • BYOD Rules And The Future Of Medical Data Security April 24, 2019
    Healthcare organizations have always been extremely attractive targets to cyber criminals, so the increasing use of personal or third party mobile devices highlights a need for the implementation of m...
  • Incident Of The Week: Group FaceTime Glitch Exposes Privacy Breach February 1, 2019
    According to The New York Times, on Jan. 19, a 14-year-old from Arizona discovered a glitch using FaceTime, Apple’s video chatting software — he could eavesdrop on his friend’s phone before his friend...
  • 5 Reasons To Use Biometrics To Secure Mobile Devices January 24, 2019
    It is no secret that mobile devices are under attack. From phishing scams to a host of other issues, mobile devices are increasingly seen as a vulnerability in the enterprise, and as an easy target fo...
  • 7 Mobile Security Bloggers To Follow January 15, 2019
    With new enterprise mobile device security threats and vulnerabilities being discovered on a frequent basis, it helps to read analysis from numerous industry leaders.
  • 11 Ways To Boost Your Mobile Device Security Now January 11, 2019
    Since mobile devices can represent an enormous security risk, enterprises need to be aware of every solution. Here are 11 initiatives from IQPC's Enterprise Mobility Exchange, to enhance mobile device...
  • Palo Alto Networks CSO Talks Risk Metrics, Algorithms & Automation October 30, 2018
    On the May 14 episode of “Task Force 7 Radio,” host George Rettas sat down with Palo Alto Networks CSO, Rick Howard, to outline risk management, the security kill-chain and much more.

RSS Threats From Malware

RSS Threats to Data

RSS Cloud Threats

RSS Executive Decisions

RSS Security Strategy

  • Patchwork of Privilege May 24, 2020
    Product marketing manager from Thycotic, Erin Ducan, discusses privilege in this Digital Summit session. Erin sets the stage with this: “We know that cyber attackers are utilizing new technology and a...
  • Implementing A Layered Approach To Phishing And Whaling May 19, 2020
    During this digital summit panel, Suresh Chawdhary, head of security & privacy for Nokia, stresses the importance of a layered, multi-pronged cyber security approach to best protect from phishing and...
  • Enable Secure Velocity At Scale: DevOps Automation With Identity May 14, 2020
    Ivan Dwyer, group product marketing manager with Okta, begins this virtual session by acknowledging the challenges of security professionals as an increasing number of organizations adopt cloud and De...
  • Protecting People from the #1 Threat Vector May 4, 2020
    The FBI reported losses attributed to business email compromise (BEC) and Email Account Compromise (EAC) totalling over $26B between July 2016 and July 2019. While the scale of losses is staggering, h...
  • Scaling Enterprise Threat Detection And Response Is The Theme Of Cyber Security... April 20, 2020
    Cyber Security Hub has united experts from every aspect of this space to present their most compelling case studies and real-world advice. By the end of the event, you will have the tools necessary to...
  • A CISO's Take on Continuous Security Validation April 15, 2020
    The inability to continuously test security controls in the network and prioritize remediation according to business impact remains a challenge for security professionals worldwide. In this webinar,...
  • Free Resources And Advice For Keeping Remote Workers Secure April 13, 2020
    Right now, business nirvana means achieving on-premise security levels while workforces are increasingly remote. Regardless of the size of your business, the security perimeter has significantly shift...
  • Should CISOs Be Technical Leaders Or Business Leaders? April 8, 2020
    To “hyperspecialize” or be a security generalist. That was the topic of this week’s Task Force Radio episode. Both host George Rettas and guest Rafal Los, the founder of Rabbit 77 agreed that people a...
  • Cyber Security Is Integral To Business Continuity Planning April 6, 2020
    Communications are critical for an organization when an incident occurs. Threat actors will also use a disruption to business operations as an opportunity to spread misinformation. Steps are available...
  • Cyber Security Standards and Frameworks March 20, 2020
    No organization will ever be able to prevent 100 percent of cyber-attacks, but through careful due diligence, it’s possible to competitively outpace the threat with early detection and powerful respon...

RSS InfoSecurity Magazine

RSS Application and Cybersecurity Blog

  • Computer-Based Training: April 2020 Release in Review April 23, 2020
    As IT systems expand in their complexity, ensuring security diligence becomes increasingly challenging. More importantly, the need for job-specific guidance becomes critical for all those involved in the secure building and operating of them, whether in Program/Project Management and Acquisition, Network Services, Systems Architecture, Development, Risk Management, or even Threat Analysis. 
  • March Hackness 2020 Post Game Report March 27, 2020
    There’s no better way to put it - March Hackness 2020 was a slam dunk! The CMD+CTRL Cyber Range community shattered records of our previous quarterly events including most participants, most points scored, fastest time to solve all challenges (under 2 hours!) and many more. Many thanks to everyone that participated for choosing to spend […]
  • The Power of Community - PancakesCon 2020: Quarantine Edition March 25, 2020
    Like many industries, the cybersecurity community is full of smart, dedicated, and curious people that deliver surprising results in unusual times. When presented with unique circumstances and limitations, these minds start finding creative and innovative ways to not only maintain the norm, but often to advance it. There is no more recent and shining example […]
  • Profile of a Developer Turned Hacker March 19, 2020
    The struggle to find experienced Cybersecurity professionals is familiar to anyone who has tried to fill a team. With connected technology expanding at a rate far greater than can reasonably be secured, experienced professionals seemingly have swaths of opportunities from which to choose.  Fortunately, many Cybersecurity organizations understand that identifying and training less experienced talent […]
  • Start Stretching for March Hackness March 11, 2020
    As the days get warmer, the sun sets later, and birds chirp louder, the Security Innovation team has one more right of spring to get excited about - March Hackness! This year’s event is going to focus on one of the essential factors for rapidly growing cybersecurity skillsets - new users. To encourage the curiosity […]

RSS Naked Security

RSS Cyber security

RSS Cyber Security

RSS Cyber Attacks, Cyber Crime and Cyber Security

RSS Krebs on Security

  • Riding the State Unemployment Fraud ‘Wave’ May 23, 2020
    When a reliable method of scamming money out of people, companies or governments becomes widely known, underground forums and chat networks tend to light up with activity as more fraudsters pile on to claim their share. And that's exactly what appears to be going on right now as multiple U.S. states struggle to combat a […]
  • Ukraine Nabs Suspect in 773M Password ‘Megabreach’ May 19, 2020
    In January 2019, dozens of media outlets raised the alarm about a new “megabreach” involving the release of some 773 million stolen usernames and passwords that was breathlessly labeled “the largest collection of stolen data in history.” A subsequent review by KrebsOnSecurity quickly determined the data was years old and merely a compilation of credentials […]
  • This Service Helps Malware Authors Fix Flaws in their Code May 18, 2020
    Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. But the reality is most malicious software also has its share of security holes that open the door for security researchers or ne’er-do-wells to liberate or else seize control over already-hacked systems. Here’s a […]
  • U.S. Secret Service: “Massive Fraud” Against State Unemployment Insurance Programs May 16, 2020
    A well-organized Nigerian crime ring is exploiting the COVID-19 crisis by committing large-scale fraud against multiple state unemployment insurance programs, with potential losses in the hundreds of millions of dollars, according to a new alert issued by the U.S. Secret Service. A memo seen by KrebsOnSecurity that the Secret Service sent to field offices around […]
  • Microsoft Patch Tuesday, May 2020 Edition May 12, 2020
    Microsoft today issued software updates to plug at least 111 security holes in Windows and Windows-based programs. None of the vulnerabilities were labeled as being publicly exploited or detailed prior to today, but as always if you're running Windows on any of your machines it's time once again to prepare to get your patches on.
  • Ransomware Hit ATM Giant Diebold Nixdorf May 11, 2020
    Diebold Nixdorf, a major provider of automatic teller machines (ATMs) and payment technology to banks and retailers, recently suffered a ransomware attack that disrupted some operations. The company says the hackers never touched its ATMs or customer networks, and that the intrusion only affected its corporate network.
  • Meant to Combat ID Theft, Unemployment Benefits Letter Prompts ID Theft Worries May 8, 2020
    Millions of Americans now filing for unemployment will receive benefits via a prepaid card issued by U.S. Bank, a Minnesota-based financial institution that handles unemployment payments for more than a dozen U.S. states. Some of these unemployment applications will trigger an automatic letter from U.S. Bank to the applicant. The letters are intended to prevent […]
  • Tech Support Scam Uses Child Porn Warning May 7, 2020
    A new email scam is making the rounds, warning recipients that someone using their Internet address has been caught viewing child pornography. The message claims to have been sent from Microsoft Support, and says the recipient's Windows license will be suspended unless they call an "MS Support" number to reinstate the license, but the number […]
  • Europe’s Largest Private Hospital Operator Fresenius Hit by Ransomware May 6, 2020
    Fresenius, Europe's largest private hospital operator and a major provider of dialysis products and services that are in such high demand thanks to the COVID-19 pandemic, has been hit in a ransomware cyber attack on its technology systems. The company said the incident has limited some of its operations, but that patient care continues.
  • How Cybercriminals are Weathering COVID-19 April 30, 2020
    In many ways, the COVID-19 pandemic has been a boon to cybercriminals: With unprecedented numbers of people working from home and anxious for news about the virus outbreak, it's hard to imagine a more target-rich environment for phishers, scammers and malware purveyors. In addition, many crooks are finding the outbreak has helped them better market […]

RSS WeLiveSecurity

  • Week in security with Tony Anscombe May 22, 2020
    ESET research into Winnti Group's new backdoor – A dangerous Android app under the microscope – The BIAS Bluetooth bug The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
    Tomáš Foltýn
  • Insidious Android malware gives up all malicious features but one to gain stealth May 22, 2020
    ESET researchers detect a new way of misusing Accessibility Service, the Achilles’ heel of Android security The post Insidious Android malware gives up all malicious features but one to gain stealth appeared first on WeLiveSecurity
    Lukas Stefanko
  • How encryption can help protect your sensitive data May 22, 2020
    Here’s how encryption can help keep your data safe from prying eyes – even if your device is stolen or your cloud account is hacked The post How encryption can help protect your sensitive data appeared first on WeLiveSecurity
    Amer Owaida
  • Chrome 83 arrives with enhanced security and privacy controls May 21, 2020
    New features include DNS over HTTPS, a Safety Check section and simpler cookie management The post Chrome 83 arrives with enhanced security and privacy controls appeared first on WeLiveSecurity
    Amer Owaida
  • No “Game over” for the Winnti Group May 21, 2020
    The notorious APT group continues to play the video game industry with yet another backdoor The post No “Game over” for the Winnti Group appeared first on WeLiveSecurity
    Mathieu Tartare
  • These things may be cool, but are they safe? May 20, 2020
    In the rush to embrace IoT devices, we shouldn’t trade in our privacy and security for the added convenience The post These things may be cool, but are they safe? appeared first on WeLiveSecurity
    Amer Owaida
  • Bluetooth flaw exposes countless devices to BIAS attacks May 19, 2020
    As many as 30 different smartphones, laptops and other devices were tested – and all were found to be vulnerable The post Bluetooth flaw exposes countless devices to BIAS attacks appeared first on WeLiveSecurity
    Amer Owaida
  • European supercomputers hacked to mine cryptocurrency May 18, 2020
    Several high-performance computers working on COVID-19 research have been forced offline following a string of attacks The post European supercomputers hacked to mine cryptocurrency appeared first on WeLiveSecurity
    Amer Owaida
  • Week in security with Tony Anscombe May 15, 2020
    ESET research into malware taking aim at air-gapped networks – Dissecting a backdoor hitting high-profile targets in Asia – WannaCryptor three years later The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
    Tomáš Foltýn
  • Microsoft fixes vulnerability affecting all Windows versions since 1996 May 15, 2020
    Another vulnerability in the same Windows component was abused by Stuxnet a decade ago The post Microsoft fixes vulnerability affecting all Windows versions since 1996 appeared first on WeLiveSecurity
    Amer Owaida

RSS We Live CyberSecurity Feed

  • Week in security with Tony Anscombe May 22, 2020
    ESET research into Winnti Group's new backdoor – A dangerous Android app under the microscope – The BIAS Bluetooth bug The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
  • Insidious Android malware gives up all malicious features but one to gain stealth May 22, 2020
    ESET researchers detect a new way of misusing Accessibility Service, the Achilles’ heel of Android security The post Insidious Android malware gives up all malicious features but one to gain stealth appeared first on WeLiveSecurity
  • How encryption can help protect your sensitive data May 22, 2020
    Here’s how encryption can help keep your data safe from prying eyes – even if your device is stolen or your cloud account is hacked The post How encryption can help protect your sensitive data appeared first on WeLiveSecurity
  • Chrome 83 arrives with enhanced security and privacy controls May 21, 2020
    New features include DNS over HTTPS, a Safety Check section and simpler cookie management The post Chrome 83 arrives with enhanced security and privacy controls appeared first on WeLiveSecurity
  • No “Game over” for the Winnti Group May 21, 2020
    The notorious APT group continues to play the video game industry with yet another backdoor The post No “Game over” for the Winnti Group appeared first on WeLiveSecurity
  • These things may be cool, but are they safe? May 20, 2020
    In the rush to embrace IoT devices, we shouldn’t trade in our privacy and security for the added convenience The post These things may be cool, but are they safe? appeared first on WeLiveSecurity
  • Bluetooth flaw exposes countless devices to BIAS attacks May 19, 2020
    As many as 30 different smartphones, laptops and other devices were tested – and all were found to be vulnerable The post Bluetooth flaw exposes countless devices to BIAS attacks appeared first on WeLiveSecurity
  • European supercomputers hacked to mine cryptocurrency May 18, 2020
    Several high-performance computers working on COVID-19 research have been forced offline following a string of attacks The post European supercomputers hacked to mine cryptocurrency appeared first on WeLiveSecurity
  • Week in security with Tony Anscombe May 15, 2020
    ESET research into malware taking aim at air-gapped networks – Dissecting a backdoor hitting high-profile targets in Asia – WannaCryptor three years later The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
  • Microsoft fixes vulnerability affecting all Windows versions since 1996 May 15, 2020
    Another vulnerability in the same Windows component was abused by Stuxnet a decade ago The post Microsoft fixes vulnerability affecting all Windows versions since 1996 appeared first on WeLiveSecurity