SecurityWeek

Latest IT Security News and Expert Insights Via RSS Feed
  1. A recently discovered variant of the Mirai Internet of Things (IoT) malware uses a total of 26 different exploits for the infection phase, Akamai reports. 

    read more

  2. Last week researchers reported on apps abusing the Android push notifications feature to deliver spam. Now other researchers have described apps using a similar but more advanced approach to by-pass two-factor authentication.

    read more

  3. Venmo is a peer-to-peer mobile app designed to make it easy to send and receive payments from friends. It is owned by PayPal -- and it is no stranger to security issues.

    read more

  4. The Cybersecurity and Infrastructure Security Agency (CISA) of the U.S. Department of Homeland Security (DHS) on Monday issued an alert for the Windows vulnerability tracked as BlueKeep and CVE-2019-0708.

    read more

  5. A free decryption tool is now available for the victims of the latest variants of the GandCrab ransomware. 

    read more

  6. Researchers have detected an Android trojan that abuses the web push technology. In its benign use, web push is used by legitimate websites -- such as news sites -- to send out new event notifications. The less benign use is to employ the technology to send out what amounts to phishing notifications.

    read more

  7. Some U.S. government agencies still rely on knowledge-based identity verification despite the fact that this system has been easy to beat following the massive data breaches suffered by the Office of Personnel Management (OPM) and Equifax

    read more

  8. I’ve talked before about how we have the tools and technologies to make the intelligent SOC a reality. It’s a welcomed development given the global cybersecurity skills shortageof three million and growing.

    read more

  9. The New York Times reported over the weekend that the United States planted potentially destructive malware in Russia’s electric power grid, but President Donald Trump has denied the claims.

    read more

  10. Cybercriminals are already targeting a recently disclosed vulnerability in the open-source Exim mail server, Cybereason reports. 

    read more

  11. The French Ministry of Interior has released a free decryption tool for the PyLocky ransomware to help victims recover their data. 

    read more

  12. CyberMDX, a research and analysis company specializing in medical device security, on Thursday revealed that its employees identified two serious vulnerabilities in infusion therapy products from medical technology firm BD.

    read more

  13. Security updates released by Mozilla this week for the Thunderbird email client address vulnerabilities that could be exploited to execute arbitrary code on impacted systems. 

    read more

  14. The City of Burlington, Ontario, revealed Thursday that it fell prey to "a complex phishing email" that cost the City CAD $503,000 (around USD $375,000). Few details have yet been released.

    read more

  15. Xenotime, the threat actor behind the 2017 Trisis/Triton malware attack, is now targeting — in addition to oil and gas organizations — electric utilities in the United States and the Asia-Pacific (APAC) region.

    read more

  16. Six weeks ago, we celebrated World Password Day. Yet, unfortunately, not much has changed since last year. Cyber breaches are bigger and worse than ever. Hardly a week goes by without headlines about some new devastating cyber-attack. In fact, a CyberEdge report (PDF) found that a stunning 77 percent of surveyed organizations had suffered a breach over the past year. 

    read more

  17. Google this week announced the introduction of a new API that effectively changes the manner in which ad blockers work in Chrome. 

    read more

  18. Facebook has curbed access to a controversial feature allowing searches of the vast content within the social network -- a tool which raised privacy concerns but was also used for research and investigative journalism.

    read more

  19. Yubico is in the process of replacing YubiKey FIPS (Federal Information Processing Standards) security keys following the discovery of a potentially serious cryptography-related issue that can cause RSA keys and ECDSA signatures generated on these devices to have reduced strength.

    read more

  20. A newly discovered piece of malware uses a peer-to-peer (p2p) network on top of InterPlanetary File System’s (IPFS) p2p network, Anomali’s security researchers report. 

    read more

Website Copyright 1998-2019 by PCBest. All Rights Reserved.
we accept credit cards