Feds issue emergency order for agencies to patch critical Windows flaw
Agencies that don't update must disconnect all domain controllers from networks.
21-09-2020 22:13

Remote Work Exacerbating Data Sprawl
More than three-quarters of IT executives worry that data sprawl puts their data at risk, especially with employees working from insecure home networks, survey finds.
21-09-2020 17:35

'Dark Overlord' Cyber Extortionist Pleads Guilty
Nathan Wyatt was sentenced to five years in prison after changing a previously not guilty plea.
21-09-2020 16:25

Understanding PCI SSF compliance standards and its benefits
The PCI Security Standards Council (PCI SSC) released a new framework known as the PCI Software Security Framework (SSF) to secure modern payment software. The new framework is a collection of standards and programs that were built to secure the design a
21-09-2020 16:04

CISA Releases Emergency Directive on Microsoft Windows Netlogon Remote Protocol
The Cybersecurity and Infrastructure Security Agency (CISA) has released Emergency Directive (ED) 20-04 addressing a critical vulnerability—CVE-2020-1472—affecting Microsoft Windows Netlogon Remote Protocol. An unauthenticated attacker with network acce
21-09-2020 14:04

Tweet Chat: Exploring the hidden world of Shadow Code
In the latest IT Security Guru Tweet chat, we were joined by PerimeterX, a leading voice in the world of application security, and a host of other voices from across the Infosec spectrum: Analysts, technical experts, members of the C-suite and profession
21-09-2020 12:30

Head of NCSC steps down
After 23 years of being a civil servant and the head of the National Cyber Security Centre (NCSC), Ciaran Martin is stepping down and passing the reins on to Lindy Cameron. The NCSC, a band of GCHQ, was created to help protect and prevent hackers, from the
21-09-2020 10:58

Patch by Tonight: CISA Issues Emergency Directive for Critical Netlogon Flaw
The directive requires all federal agencies to apply a patch for Windows Netlogon vulnerability CVE-2020-1472 by midnight on Sept. 21.
21-09-2020 10:55

Experian data breach is not contained, despite claims it has
Experian recently experienced a data breach, which they claim has been contained, but it appears that it has not been. The breach exposed the personal information of 24 million South Africans, 800,000 businesses, and the bank accounts of 25,000 firms. The
21-09-2020 10:45

Email bungle exposed University of Tasmania students’ personal information
The University of Tasmania has released an official apology after an email bungle released around 20,000 students’ personal details to the university’s entire faculty. The information was made public from Microsoft Office365’s SharePoint platform, wh
21-09-2020 10:19

5 Steps to Greater Cyber Resiliency
Work from home isn't going away anytime soon, and the increased vulnerability means cyber resiliency will continue to be critical to business resiliency.
21-09-2020 10:00

Hacking Yourself: Marie Moe and Pacemaker Security
Future consumer devices, including pacemakers, should be built with security from the start.
21-09-2020 09:30

COVID-19: Latest Security News & Commentary
Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.
21-09-2020 08:00

Traders set to don virtual reality headsets in their home offices
UBS looks at recreating busy trading floors with HoloLens experiment.
20-09-2020 13:15

Companies can track your phone’s movements to target ads
A startup gathers data on when you pick up your phone or go out on a run.
20-09-2020 10:57

Telegram messages are a focus in newly uncovered hack campaign from Iran
Active since 2014, “Rampant Kitten” uses Windows and Android infostealers.
18-09-2020 20:36

Wayback Machine and Cloudflare team up to archive more of the Web
Cloudflare-enabled sites get automatic archiving through the Wayback Machine.
18-09-2020 17:53

A Hacker's Playlist
Nine security researchers share their favorite songs and genres.
18-09-2020 16:15

Deadly Ransomware Story Continues to Unfold
A ransomware attack with fatal consequences is attracting notice and comment from around the world.
18-09-2020 15:45

Comcast shut off Internet to hundreds, saying they were illegally connected
Comcast says Denver company resold Comcast service without permission.
18-09-2020 14:58

Shift Left Becomes Shift Everywhere,
According to Synopsys’ BSIMM11 Study, there are some key trends to take note of when it comes to software security practices. Firstly, it shows that CI/CD instrumentation and operations orchestration have become standard components of many business
18-09-2020 14:00

Indian government computers compromised
Back at the beginning of the month, computers containing highly sensitive information about government officials and national security were compromised due to a breach at the National Informatics Centre, according to Delhi Police. The computers contained
18-09-2020 13:18

A bevy of new features makes iOS 14 the most secure mobile OS ever
Behold: The useful and not-so-useful privacy features you've been waiting for.
18-09-2020 11:48

HMRC COVID-19 tax relief scam targets business owners
Business owners in the UK have been targeted by a phishing scam which captured sensitive information, such as passwords and payment details. The scam impersonated Her Majesty’s Revenue and Customs (HMRC), as reported by accountancy firm Lanop Outsourcin
18-09-2020 11:35

Ransomware attack on Californian schools stops remote learning
An attack on the Newhall District in Valencia is one of the many ransomware attacks targeting the education sector in America. As children head back to school and learning moves online it seems that schools are becoming a major target for ransomware atta
18-09-2020 11:12

Deepfake Detection Poses Problematic Technology Race
Experts hold out little hope for a robust technical solution in the long term.
18-09-2020 10:05

Mitigating Cyber-Risk While We're (Still) Working from Home
One click is all it takes for confidential information to land in the wrong hands. The good news is that there are plenty of ways to teach preventative cybersecurity to remote workers.
18-09-2020 10:00

The smart home revolution
18-09-2020 08:01

Video surveillance & analytics
18-09-2020 08:00

Patient dies after ransomware attack reroutes her to remote hospital
Outage caused an hour delay in treatment for woman with life-threatening condition.
17-09-2020 20:06

Defending Against Deepfakes: From Tells to Crypto
Detecting doctored media has become tricky -- and risky -- business. Here's how organizations can better protect themselves from fake video, audio, and other forms of content.
17-09-2020 18:40

Don't Fall for It! Defending Against Deepfakes
Detecting doctored media has become tricky -- and risky -- business. Here's how organizations can better protect themselves from fake video, audio, and other forms of content.
17-09-2020 18:40

Indictments Unlikely to Deter China's APT41 Activity
So far, at least, the threat group has not let public scrutiny slow it down, security researchers say.
17-09-2020 17:15

Iranian Hackers Indicted for Stealing Aerospace & Satellite Tracking Data
Also, the US Treasury sanctioned Iranian attack group APT39 following a years-long malware campaign.
17-09-2020 17:10

Microsegmentation and why it is a key element of network defence
Everyone has had to become accustomed to the phrase “social distancing” — the practice of using distance from others to minimise health threats. Inevitably, people have started using the analogy “digital distancing” to talk about similar ide
17-09-2020 16:08

Ransomware Gone Awry Has Fatal Consequences
An attack that knocked hospital systems offline ends in death for patient who had to be sent to another facility.
17-09-2020 16:00

Now is the time for security leaders to build business resilience
COVID-19 has accelerated years of digital transformation into just a few months, weeks, and even days. Accenture recently moved 1.2 million NHS workers to Microsoft Teams in less than a week. And we are not alone – Satya Nadella recently said that Micros
17-09-2020 15:57

Businesses are confident that they have bots under control. They’re wrong.
Businesses can make better decisions if they have a good idea of who is using their website. Are they young or old? Male or female? It turns out they are very likely not even people. The majority of web traffic is made up of automated bots, and a great d
17-09-2020 15:45

Sumo Logic IPO Prices Higher Than Expected
Co-founder and CTO Christian Beedgen explains what this means for the future of the cloud-based data analytics company.
17-09-2020 15:45

Staying ahead in the regulatory race
Governments are playing catch-up across the world. Data privacy breaches from large tech companies, such as Nintendo and Marriott, are becoming more commonplace—and as a result are putting pressure on authorities to introduce stricter compliance policies
17-09-2020 15:35

How to prevent a flood of security hacks by avoiding code leaks
This week sees us celebrate National Coding Week, an event designed to promote the vital role of coding and other digital skills in today’s connected world. Coding, and the languages it uses, provides the bedrock on which we’ve built our digital world –
17-09-2020 14:53

Time for CEOs to Stop Enabling China's Blatant IP Theft
Protecting intellectual property in the name of US economic and national security should be part of every company's fiduciary duty.
17-09-2020 14:00

Black Hat Europe
Virtual Event
17-09-2020 13:30

Hammer drops on hackers accused of targeting game and software makers
Men accused of spying on behalf of China and earning illicit hacking profits on the side.
17-09-2020 11:45

The NCSC issue new advice to academia
After an increase of cyber attacks on the education sector, the National Cyber Security Centre (NCSC) has issued a new warning for schools, colleges and universities. Over the last few months, cybercriminals have attacked schools and universities with ra
17-09-2020 11:25

Hacker finds former Prime Minister’s passport number
A hacker has managed to gain access to former Australian Prime Minister Tony Abbott’s passport and phone number. The hacker, Alex Hope, was able to find this information through a picture of Mr Abbott’s boarding pass he posted on Instagram ba
17-09-2020 10:46

Google place ‘formal’ ban on stalkerware apps
Google has ‘formally’ banned any stalkerware apps from their Play Store, but large loopholes have been left which allow stalkerware to be uploaded as child-tracking apps onto the Play Store. Stalkerware apps track a user’s movement, lis
17-09-2020 10:38

Struggling to Secure Remote IT? 3 Lessons from the Office
The great remote work experiment has exacerbated existing challenges and exposed new gaps, but there are things to be learned from office challenges.
17-09-2020 10:00

COVID-19: Latest Security News & Commentary
Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.
17-09-2020 08:40

What's on Your Enterprise Network? You Might be Surprised
The strangest connected devices are showing up, and the threats they pose to security should not be overlooked.
16-09-2020 19:00

Likely Links Emerge Between Lazarus Group and Russian-Speaking Cybercriminals
Researchers examine security incidents over the past several years that seemingly connect North Korea's Lazarus Group with Russian-speaking attackers.
16-09-2020 18:00

DDoS Attacks Rose 151% in First Half of 2020
Attacks grew in number, size, and sophistication as the coronavirus pandemic took hold.
16-09-2020 16:37

h2c Smuggling: A New 'Devastating' Kind of HTTP Request Smuggling
The newly discovered form of HTTP request smuggling could have widespread impact because any proxy can be affected, researchers say. Here's what infosec pros should know.
16-09-2020 16:20

AT&T wants to put ads on your smartphone in exchange for $5 discount
AT&T CEO: Customers would accept targeted ads if given $5 or $10 price cut.
16-09-2020 16:05

Most Organizations Plan to Make COVID-19 Changes Permanent
After the pandemic, companies will continue to invest in improving IT infrastructure and security as well as automate tasks to reduce errors and improve network resiliency.
16-09-2020 16:05

US Charges Five Members of China-Linked APT41 for Global Attacks
The five Chinese nationals are among seven defendants arrested for intrusion campaigns into more than 100 organizations, the DoJ reports.
16-09-2020 14:45

Boeing hid design flaws in 737 Max jets from pilots and regulators
Congressional report finds aerospace group cut corners.
16-09-2020 14:32

Securonix Adds C-Suite and Product Engineering Leadership
Securonix, Inc., has announced the appointment of Brett Bowman as Chief Financial Officer and Dilshan Ratnayake as Chief People Officer. The company also added product engineering leadership from companies including Amazon, Microsoft and IBM. The C-suite
16-09-2020 14:20

8 Reasons Perimeter Security Alone Won't Protect Your Crown Jewels
Most firewalls and security devices effectively protect systems and data, but are they enough to safeguard business-critical applications?
16-09-2020 14:00

Facebook hacked by researchers exploiting MobileIron MDM flaw
The social networking site was hacked by a researcher who had identified a flaw on MobileIron’s Mobile Device Management (MDM) used by an employee. In this case, the vulnerability was not entirely Facebook’s fault as the weakness in a third-party s
16-09-2020 13:28

Portland joins other cities in banning facial recognition
Announced last week, Portland City Council has banned both personal and public use of facial recognition software. This ban will come into effect at the start of 2021 and the council will fine anyone caught using such technologies $1,000 a day of use. Po
16-09-2020 11:50

CISA Joins MITRE to Issue Vulnerability Identifiers
The Cybersecurity and Infrastructure Security Agency will become a peer of MITRE in the CVE program, likely leading to continued increases in disclosed vulnerabilities.
16-09-2020 11:50

French law enforcement deploy malware to hack into organised crime networks
French law enforcement have deployed malware to Encrochat devices in the effort to infiltrate criminal networks. Encrochat is largely used on Android phones using an encrypted network for communication, hence its popularity within organised crime includi
16-09-2020 11:10

Meet the Computer Scientist Who Helped Push for Paper Ballots
Security Pro File: Award-winning computer scientist and electronic voting expert Barbara Simons chats up her pioneering days in computer programming, paper-ballot backups, Internet voting, math, and sushi.
16-09-2020 11:00

Cybersecurity Bounces Back, but Talent Still Absent
While the demand for cybersecurity talent rebounds, organizations will need to focus on cyber-enabled roles to fill immediate skills gaps.
16-09-2020 10:00

COVID-19: Latest Security News & Commentary
Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.
16-09-2020 08:00

How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online at
16-09-2020 00:00

Oracle’s TikTok non-acquisition seeks Treasury, White House approval
Oracle looks victorious in the TikTok saga—but the deal is far from final.
15-09-2020 19:03

Rethinking Resilience: Tips for Your Disaster Recovery Plan
As more organizations face disruptions, a defined approach to recovery is imperative so they can successfully recover, experts say.
15-09-2020 18:10

Thermal vision solutions
15-09-2020 18:00

More Cyberattacks in the First Half of 2020 Than in All of 2019
The pandemic-related shift to remote work and the growing availability of ransomware-as-a-service were two major drivers, CrowdStrike says.
15-09-2020 17:55

5 Security Lessons Humans Can Learn From Their Dogs
Without the right reinforcements, you could be barking at the moon.
15-09-2020 17:15

New Google Fiber plan: $100 for 2Gbps, plus Wi-Fi 6 router and mesh extender
$100 plan in beta next month, should come to “most” Google Fiber cities in 2021.
15-09-2020 15:47

TikTok fixes flaws which compromised Android users
Researchers discovered four flaws in TikTok’s Android app which made users vulnerable to benign third-party Android apps. These flaws allowed attackers to possibly compromise a target’s TikTok account, along with access to their private messa
15-09-2020 14:39

CISA Issues Alert for Microsoft Netlogon Vulnerability
CISA has issued an alert following the discovery of publicly available exploit code for Windows elevation of privilege flaw CVE-2020-1472.
15-09-2020 14:15

Taking Security With You in the WFH Era: What to Do Next
As many organizations pivot to working from home, here are some considerations for prioritizing the new security protocols.
15-09-2020 14:00

Research Finds Nearly 800,000 Access Keys Exposed Online
The keys were primarily for access to databases and cloud services.
15-09-2020 13:15

Encrypted Traffic Inference: An Alternative to Enterprise Network Traffic Decryption
Finding threats in encrypted inbound network traffic is complex and expensive for enterprises, but a fascinating new approach could eliminate the need for decryption.
15-09-2020 12:00

Study identifies gaps in corporate cybersecurity systems
A survey of 13,000 remote workers conducted by Trend Micro has discovered that almost 40% are accessing company data from their personal computers, tablets and phones. This could be potentially damaging to a company as such devices often don’t have
15-09-2020 11:50

Twitter to flag misinformation tweets
Social media giants are coming together to fight against misinformation in light of the US election in November. The most recent platform to join the likes of Facebook and Google is Twitter, which will prohibit any information about presumed winners pre-el
15-09-2020 11:30

Simplify Your Privacy Approach to Overcome CCPA Challenges
By building a privacy-forward culture from the ground up and automating processes, organizations can simplify their approach to privacy and be prepared for any upcoming regulations.
15-09-2020 10:00

COVID-19: Latest Security News & Commentary
Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.
15-09-2020 08:00

Physical/cybersecurity defence: Waking up to the reality of hybrid attack
For us to begin, do me a favour and google search “hybrid attacks”. Cybrary defines a Hybrid attack as “a blend of both a dictionary attack method as well as brute force attack. This means that while a dictionary attack method would include a wordlist of
15-09-2020 07:00

New Windows exploit lets you instantly become admin. Have you patched?
Zerologon lets anyone with a network toehold obtain domain-controller password.
14-09-2020 23:20

Microsoft declares its underwater data center test was a success
Underwater pods can reduce latency by moving cloud services closer to customers.
14-09-2020 19:58

Researchers, Companies Slam Mobile Voting Firm Voatz for 'Bad Faith' Attacks
In a letter, almost 70 different security firms and individual researchers criticize Voatz for misrepresenting to the US Supreme Court widely accepted security research practices.
14-09-2020 18:15

Large Cloud Providers Much Less Likely Than Enterprises to Get Breached
Pen-test results also show a majority of organizations have few protections against attackers already on the network.
14-09-2020 18:05

E-Commerce Sites Hit With New Attack on Magento
The campaign targeted sites running Magento Version 1, a version of the e-commerce software that is past end-of-life.
14-09-2020 17:15

Security Through an Economics Lens: A Guide for CISOs
An expert in economics and cybersecurity applies opportunity cost and other concepts of the "dismal science" to infosec roles.
14-09-2020 17:10

Verizon to buy TracFone, expanding big carriers’ control of prepaid industry
Verizon would surpass AT&T and T-Mobile in prepaid if TracFone deal is approved.
14-09-2020 17:00

Cyber security in the new Wild West
For millions, work used to be somewhere you go. Now it’s something you do. From an IT point of view, being unable to control the security of the remote working environment is a significant concern. The employee now sits at home on their laptop, con
14-09-2020 14:36

A unified approach to cybersecurity will help fix your IT blind spots
Companies are under siege. With attackers growing ever more creative, many security vendors are assembling a laundry list of cybersecurity solutions in response. Businesses have at their fingertips a variety of vendors to choose from – each offering top-
14-09-2020 14:03

Ransomware Hits US District Court in Louisiana
The ransomware attack has exposed internal documents from the court and knocked its website offline.
14-09-2020 14:00

Private data gone public: Razer leaks 100,000+ gamers’ personal info
No need to breach any systems when the vendor gives the data away for free.
14-09-2020 13:35

Virginia's Largest School System Hit With Ransomware
Fairfax County Public Schools has launched an investigation following a ransomware attack on some of its technology systems.
14-09-2020 11:45

American public schools investigate ransomware attack
Fairfax County Public Schools are working alongside the FBI to investigate a ransomware attack on their technology system. The schools were targeted by a hacking group who admitted to stealing information from the school district. FCPS said “we are takin
14-09-2020 11:30

Increase in cyber attacks for healthcare providers
The use of online services as a result of the coronavirus has increased exponentially compared to this time last year. However, the risk of cyber-attacks has also increased along with it. This has particularly been the case within the healthcare industry
14-09-2020 11:16

The UK’s contact-tracing app’s launch date has been announced
The government has announced that their new contact-tracing app for coronavirus will be launched from 24th September across England and Wales. The app will allow people to scan QR codes to register their visits to hospitality venues, such as restaurants,
14-09-2020 11:01

Open Source Security's Top Threat and What To Do About It
With open source developers regularly churning out new tools, the risk landscape has become too fragmented to properly monitor.
14-09-2020 10:00

source : arstechnica, darkreading, itsecurityguru