Threatpost The First Stop For Security News
by Tara Seals on November 22, 2019 at 7:50 pm
Some of the bugs allow remote code-execution.
by Tara Seals on November 22, 2019 at 4:54 pm
Although the data was legitimately scraped by legally operating firms, the security and privacy implications are numerous.
by Tom Spring on November 22, 2019 at 1:32 pm
Financial institutions are in the crosshairs of hackers leveraging the malware to steal sensitive data.
by Lindsey O’Donnell on November 22, 2019 at 1:00 pm
From stalkerware to Amazon Ring doorbell outrage, Threatpost editors break down the top news stories of the week.
by Elizabeth Montalbano on November 22, 2019 at 11:53 am
The company expanded its Android bug bounty program as one of several recent moves to ramp up mobile security.
WeLiveSecurity News, views, and insight from the ESET security community
by Tomáš Foltýn on November 22, 2019 at 2:54 pm
ESET researchers publish their findings on Mispadu, a banking trojan targeting Brazil and Mexico, and on DePriMon, a downloader with a unique installation technique
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
by Juan Manuel Harán on November 22, 2019 at 10:30 am
Experts weigh in on whether schools should teach kids the skills they need to safely reap the benefits of the online world
The post Should cybersecurity be taught in schools? appeared first on WeLiveSecurity
by ESET Research on November 21, 2019 at 10:30 am
ESET researchers have discovered a new downloader with a novel, not previously seen in the wild installation technique
The post Registers as “Default Print Monitor”, but is a malicious downloader. Meet DePriMon appeared first on WeLiveSecurity
by Amer Owaida on November 20, 2019 at 3:48 pm
From professional backgrounds to competitive salaries – a study delves into what it takes to build strong cybersecurity teams
The post What does it take to attract top cybersecurity talent? appeared first on WeLiveSecurity
by ESET Research on November 19, 2019 at 10:30 am
Another in our occasional series demystifying Latin American banking trojans
The post Mispadu: Advertisement for a discounted Unhappy Meal appeared first on WeLiveSecurity
McAfee Blogs Securing Tomorrow. Today.
by Amber Wolff on November 12, 2019 at 3:00 pm
“Do You Want It Done Fast, Or Do You Want It Done Right?” “Yes.” “Help out more with our business objectives.” “Cover an increasing number of endpoints.” “Cut budgets.” “Make it all work without adding staff.” Cybersecurity teams face a lot of conflicting objectives—both within their teams and from upper management. But a May 2019
The post Threat Hunting or Efficiency: Pick Your EDR Path? appeared first on McAfee Blogs.
by McAfee on November 11, 2019 at 2:00 pm
As we gear up to feast with family and friends this Thanksgiving, we also get our wallets ready for Black Friday and Cyber Monday. Black Friday and Cyber Monday have practically become holidays themselves, as each year they immediately shift our attention from turkey and pumpkin pie to holiday shopping. Let’s take a look at
The post It’s Beginning to Look a Lot Like Holiday Shopping: Secure Your Black Friday & Cyber Monday Purchases appeared first on McAfee Blogs.
by Toni Birdsong on November 9, 2019 at 3:00 pm
Technology trends move fast and the digital newsfeeds run non-stop. No worries, we’ve got your backs, parents. Here are three important headlines you may have missed about some of the ways kids are using their devices and how you can coach them around the risks. What’s Sadfishing and is Your Child Doing it Online? Sadfishing
The post Sadfishing, Deepfakes & TikTok: Headlines You May Have Missed appeared first on McAfee Blogs.
by Marc Rivero Lopez on November 8, 2019 at 12:00 pm
Initial Discovery This week the news hit that several companies in Spain were hit by a ransomware attack. Ransomware attacks themselves are not new but, by interacting with one of the cases in Spain, we want to highlight in this blog how well prepared and targeted an attack can be and how it appears to
The post Spanish MSSP Targeted by BitPaymer Ransomware appeared first on McAfee Blogs.
by McAfee Enterprise on November 7, 2019 at 3:33 pm
By: Deb, Executive Assistant, Plano TX On Monday, November 11, the U.S. celebrates Veterans Day. We at McAfee U.S. are able to spend this holiday paying tribute to coworkers, friends and family members who have served our country in the various branches of military service. Being able to honor, celebrate and remember our nation’s heroes
The post Veterans Day U.S. – A McAfee MoM’s Reflection appeared first on McAfee Blogs.
Hacker News Links for the intellectually curious, ranked by readers.
Second Measure seeks eng/sales to grow transaction data platform (San Mateo+NYC)
on November 22, 2019 at 7:38 pm
Microsoft Fluent Design System
on November 22, 2019 at 7:04 pm
Going to court without a lawyer is new normal for U.S. litigants
on November 22, 2019 at 6:57 pm
Show HN: Wrapping Images Around Fractals
on November 22, 2019 at 6:20 pm
New Tricks for an Old Z-Machine, Part 3: A Renaissance Is Nigh
on November 22, 2019 at 5:58 pm
Krebs on Security In-depth security news and investigation
by BrianKrebs on November 20, 2019 at 1:05 pm
A 21-year-old Illinois man was sentenced last week to 13 months in prison for running multiple DDoS-for-hire services that launched millions of attacks over several years. This individual’s sentencing comes more than five years after KrebsOnSecurity interviewed both the defendant and his father and urged the latter to take a more active interest in his son’s online activities.
by BrianKrebs on November 19, 2019 at 2:43 pm
National Veterinary Associates (NVA), a California company that owns more than 700 animal care facilities around the globe, is still working to recover from a ransomware attack late last month that affected more than half of those properties, separating many veterinary practices from their patient records, payment systems and practice management software. NVA says it expects to have all facilities fully back up and running normally within the next week.
by BrianKrebs on November 18, 2019 at 9:19 pm
The Russian government has for the past four years been fighting to keep 29-year-old alleged cybercriminal Alexei Burkov from being extradited by Israel to the United States. When Israeli authorities turned down requests to send him back to Russia — supposedly to face separate hacking charges there — the Russians then imprisoned an Israeli woman for seven years on trumped-up drug charges in a bid to trade prisoners. That effort failed as well, and Burkov had his first appearance in a U.S. court last week. What follows are some clues that might explain why the Russians are so eager to reclaim this young man.
by BrianKrebs on November 13, 2019 at 3:41 pm
In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT, a software product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. This week, Canadian authorities criminally charged him with orchestrating an international malware scheme.
by BrianKrebs on November 12, 2019 at 10:04 pm
Microsoft today released updates to plug security holes in its software, including patches to fix at least 74 weaknesses in various flavors of Windows and in software that runs on top of it. The November updates include patches for a zero-day flaw in Internet Explorer that is currently being exploited in the wild, as well as a sneaky bug in certain versions of Office for Mac that bypasses security protections and was detailed publicly prior to today’s patches.
Dark Reading: Dark Reading: Connecting the Information and Security Community
by Dark Reading Staff on November 22, 2019 at 7:45 pm
The funds would cover some of the money Target paid to reimburse financial institutions for credit card replacement after the 2013 breach.
by Kelly Sheridan Staff Editor, Dark Reading on November 22, 2019 at 7:25 pm
As security tools gather growing amounts of intelligence, experts explain how companies can protect this data from rogue insiders and other threats.
by Alex Wawro, Special to Dark Reading on November 22, 2019 at 6:00 pm
Security consultant Joel Noguera describes how he got involved in testing anti-cheat software security, and what to expect from his upcoming Black Hat Europe talk.
by Dark Reading Staff on November 22, 2019 at 4:30 pm
A single server leaked 4 terabytes of personal data, including social media profiles, work histories, and home and mobile phone numbers.
by Avidan Avraham Security Researcher at Cato Networks on November 22, 2019 at 3:00 pm
Bot detection over IP networks isn’t easy, but it’s becoming a fundamental part of network security practice.
Schneier on Security A blog covering security and security technology.
The NSA Warns of TLS Inspection
by Bruce Schneier on November 22, 2019 at 12:16 pm
The NSA has released a security advisory warning of the dangers of TLS inspection: Transport Layer Security Inspection (TLSI), also known as TLS break and inspect, is a security process that allows enterprises to decrypt traffic, inspect the decrypted content for threats, and then re-encrypt the traffic before it enters or leaves the network. Introducing this capability into an enterprise…
by Bruce Schneier on November 21, 2019 at 12:26 pm
Long article on the manipulation of GPS in Shanghai. It seems not to be some Chinese military program, but ships who are stealing sand. The Shanghai "crop circles," which somehow spoof each vessel to a different false location, are something new. "I’m still puzzled by this," says Humphreys. "I can’t get it to work out in the math. It’s an…
Iran Has Shut Off its Internet
by Bruce Schneier on November 20, 2019 at 12:52 pm
Iran has gone pretty much entirely offline in the wake of nationwide protests. This is the best article detailing what’s going on; this is also good. AccessNow has a global campaign to stop Internet shutdowns. TITLE EDITED TO REDUCE CONFUSION….
Security Vulnerabilities in Android Firmware
by Bruce Schneier on November 18, 2019 at 12:33 pm
Researchers have discovered and revealed 146 vulnerabilities in various incarnations of Android smartphone firmware. The vulnerabilities were found by scanning the phones of 29 different Android makers, and each is unique to a particular phone or maker. They were found using automatic tools, and it is extremely likely that many of the vulnerabilities are not exploitable — making them bugs…
Friday Squid Blogging: Planctotuethis Squid
by Bruce Schneier on November 15, 2019 at 10:13 pm
Neat video, and an impressive-looking squid. I can’t figure out how long it is. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here….
Naked Security Computer Security News, Advice and Research
by John E Dunn on November 22, 2019 at 1:59 pm
Android could be returning to its roots.
by Danny Bradbury on November 22, 2019 at 1:32 pm
Iran’s elite hacking group is upping its game, according to new evidence delivered at a cybersecurity conference this week.
by Naked Security writer on November 22, 2019 at 11:12 am
What are ICOs, why are they so popular and why do crooks love them so much?
by Lisa Vaas on November 22, 2019 at 11:11 am
He was supposed to be serving a 24-year sentence in the “maximum security” prison, not continuing the fraud… and going to parties.
by John E Dunn on November 21, 2019 at 3:22 pm
Microsoft will soon add the ability to use DNS-over-HTTPS and DNS-over-TLS into its networking client.