Microsoft is working on patches for a critical remote code execution vulnerability in Server Message Block 3.0 (SMBv3) that exposes systems to “wormable” attacks. read more Advertise on IT Security News. Read the complete article: Microsoft Working on Patches…
Category: SecurityWeek RSS Feed
Human Intelligence is Pivotal in a Data-Driven World
It’s Important to Enrich External Threat Intelligence With Context to Understand the Who, What, Where, When, Why and How of an Attack read more Advertise on IT Security News. Read the complete article: Human Intelligence is Pivotal in a…
European Electrical Energy Organization Discloses Breach
The European Network of Transmission System Operators for Electricity (ENTSO-E) revealed this week that malicious actors breached its corporate network. read more Advertise on IT Security News. Read the complete article: European Electrical Energy Organization Discloses Breach
Microsoft Patches 115 Vulnerabilities in Windows, Other Products
Microsoft’s Patch Tuesday updates for March 2020 address 115 vulnerabilities, including 26 critical issues affecting Windows, Word, Dynamics Business Central, and the company’s web browsers. read more Advertise on IT Security News. Read the complete article: Microsoft Patches 115…
Microsoft Cracks Infrastructure of Infamous Necurs Botnet
Necurs Botnet Takedown read more Advertise on IT Security News. Read the complete article: Microsoft Cracks Infrastructure of Infamous Necurs Botnet
Facebook Awards $55,000 for Flaw That Could Lead to Account Hijacking
A researcher has earned $55,000 from Facebook for reporting a serious vulnerability that could have been exploited by hackers to steal access tokens and hijack accounts. read more Advertise on IT Security News. Read the complete article: Facebook Awards…
Akamai’s CDN Logs Uncover Emerging Phishing Attacks
Akamai Uses CDN Logs to Gain Insight Into the Success of Phishing Attacks read more Advertise on IT Security News. Read the complete article: Akamai’s CDN Logs Uncover Emerging Phishing Attacks
Never a Dull Moment – RSA Conference Afterthoughts
There’s Never a Dull Moment in the World of Security read more Advertise on IT Security News. Read the complete article: Never a Dull Moment – RSA Conference Afterthoughts
Load Value Injection: Intel CPUs Vulnerable to Reverse Meltdown Attack
Many processors made by Intel are vulnerable to a newly disclosed type of attack named Load Value Injection (LVI), but the chip maker has told customers that the attack is not very practical in real world environments. read more …
Attacks Targeting Recent Microsoft Exchange Flaw Ramping Up
Multiple threat actors are already targeting Microsoft Exchange servers in an attempt to exploit a vulnerability fixed by Microsoft with its February 2020 Patch Tuesday updates. read more Advertise on IT Security News. Read the complete article: Attacks Targeting…
Hackers Hack Hacking Tools to Hack Hackers
Researchers Uncover Campaign Where Attackers Are Trojanizing Multiple Hacking Tools Used by Other Attackers read more Advertise on IT Security News. Read the complete article: Hackers Hack Hacking Tools to Hack Hackers
Hackers Exploiting Recently Patched ManageEngine Desktop Central Vulnerability
A recently disclosed vulnerability affecting Zoho’s ManageEngine Desktop Central endpoint management solution is already being exploited in attacks. read more Advertise on IT Security News. Read the complete article: Hackers Exploiting Recently Patched ManageEngine Desktop Central Vulnerability
Durham City, County Recovering After Ransomware Attack
The City of Durham and the Durham County government in North Carolina are in the process of recovery after experiencing what appears to be a ransomware attack on March 6. read more Advertise on IT Security News. Read the…
AT&T, Palo Alto Networks and Broadcom Develop Firewall Framework
New Framework Enables Deployment of Firewalls as Software-Based Platforms AT&T, Palo Alto Networks and Broadcom have been developing a framework that enables organizations to deploy firewalls as software-based platforms instead of hardware appliances. read more Advertise on IT Security…
Google Allows Enrolling Security Keys on More Devices
Google has announced that Android and macOS users can now use more web browsers to initially register security keys to their accounts. read more Advertise on IT Security News. Read the complete article: Google Allows Enrolling Security Keys on…
Proposed Bill Seeks to Protect Researchers Disclosing Classified Government Backdoors
Newly introduced legislation seeks to protect journalist who publish classified information, as well as security researchers who discover classified government backdoors. read more Advertise on IT Security News. Read the complete article: Proposed Bill Seeks to Protect Researchers Disclosing…
Facilities That Lost Data Center Status at Increased Risk of Cyberattacks: GAO
Federal agencies participating in the Office of Management and Budget’s (OMB) Data Center Optimization Initiative (DCOI) report that they are on track with previously announced plans to close hundreds of outdated data centers, but many of the facilities that will…
Human-Operated Ransomware Is a Growing Threat to Businesses: Microsoft
Employing techniques usually associated with nation-state threat actors, human-operated ransomware attacks represent a growing threat to businesses, Microsoft warned last week. read more Advertise on IT Security News. Read the complete article: Human-Operated Ransomware Is a Growing Threat to…
Researchers Disclose Two New Attacks Against AMD CPUs
Researchers have identified two new methods for attacking AMD processors, but they are not as dangerous as some of the previously disclosed CPU attacks. read more Advertise on IT Security News. Read the complete article: Researchers Disclose Two New…
Aussie Watchdog Sues Facebook Over Cambridge Analytica Breach
Australia’s privacy watchdog announced legal action against Facebook Monday for alleged “systematic failures” exposing more than 300,000 Australians to a data breach by Cambridge Analytica. read more Advertise on IT Security News. Read the complete article: Aussie Watchdog Sues…
Virgin Media Accused of Downplaying Security Incident
Virgin Media has been accused of downplaying the recently disclosed cybersecurity incident that involved the personal information of roughly 900,000 people. read more Advertise on IT Security News. Read the complete article: Virgin Media Accused of Downplaying Security Incident
US, UK and Estonia Accuse Russia of Cyber Attack on Georgia
UNITED NATIONS (AP) — The United States, United Kingdom and Estonia accused Russia’s military intelligence Thursday of conducting cyber attacks against the Georgian government and media websites in an attempt “to sow discord and disrupt the lives of ordinary Georgians.”…
IoT Security Firm Ordr Increases Funding to $50 Million
Kaiser Permanente Ventures and Mayo Clinic Invest in Enterprise IoT Security Firm read more Advertise on IT Security News. Read the complete article: IoT Security Firm Ordr Increases Funding to $50 Million
Accenture Acquires UK-Based Context Information Security for $140 Million
Consulting giant Accenture has acquired UK-based cyber defense consultancy Context Information Security from Babcock International Group. Accenture says it’s not disclosing any financial terms, but aerospace and defense company Babcock revealed that it sold Context for £107 million, or roughly…
FBI Working to ‘Burn Down’ Cyber Criminals’ Infrastructure
To thwart increasingly dangerous cyber criminals, law enforcement agents are working to “burn down their infrastructure” and take out the tools that allow them to carry out their devastating attacks, FBI Director Christopher Wray said Wednesday. read more Advertise…
Facebook Sues Namecheap Over Fraudulent Domains
Facebook announced on Thursday that it has filed a lawsuit against domain registrar Namecheap and its Whoisguard privacy protection service over its refusal to provide information on a series of domains that impersonated the social media company and its services.…
Let’s Encrypt Will Not Replace 1 Million Bug-Affected Certificates
Free and open certificate authority (CA) Let’s Encrypt has decided that it will not revoke one million of the certificates affected by the recent CAA recheck bug. read more Advertise on IT Security News. Read the complete article: Let’s…
Zoho Working on Patch for Zero-Day Vulnerability in ManageEngine Product
Business tools development company Zoho says it’s working on a patch for a zero-day vulnerability affecting its ManageEngine Desktop Central product. read more Advertise on IT Security News. Read the complete article: Zoho Working on Patch for Zero-Day Vulnerability…
Virgin Media Exposed Personal Information of 900,000 People
UK-based phone, TV and broadband services provider Virgin Media on Thursday admitted that it exposed the personal information of roughly 900,000 people. read more Advertise on IT Security News. Read the complete article: Virgin Media Exposed Personal Information of…
US Lawmakers Propose Internet Controls to Fight Child Porn
US lawmakers proposed legislation Thursday that could see internet companies held legally responsible for content on their platforms if they don’t do enough to police child pornography. read more Advertise on IT Security News. Read the complete article: US…
China’s TikTok Lures ADP Security Chief to Become New CISO
ADP Security Chief Roland Cloutier Departs to Become Chief Information Security Officer (CISO) at China-owned TikTok read more Advertise on IT Security News. Read the complete article: China’s TikTok Lures ADP Security Chief to Become New CISO
Nearly 1 Million Domains Use DMARC, but Only 13% Prevent Email Spoofing
Nearly one million domains use DMARC, but only 13% of them are configured to actually prevent email spoofing, according to a report published this week by anti-phishing solutions provider Valimail. read more Advertise on IT Security News. Read the…
Cathay Pacific Airways Fined Over Long-Running Breach
UK Information Commissioner Fines Cathay Pacific $646,000 Over Long-Running Breach read more Advertise on IT Security News. Read the complete article: Cathay Pacific Airways Fined Over Long-Running Breach
Cruise Operator Carnival Discloses 2019 Data Breach
Leisure travel company Carnival Corporation has started informing customers of a data breach that occurred last year and which resulted in their personal information being accessed by a third-party. read more Advertise on IT Security News. Read the complete…
Vulnerability in Intel Chipsets Allows Hackers to Obtain Protected Data
Most Intel chipsets released in the past five years are affected by a vulnerability that can be exploited to obtain encrypted data and compromise data protection technologies, Positive Technologies revealed on Thursday. read more Advertise on IT Security News.…
Hackers Scanning for Apache Tomcat Servers Vulnerable to Ghostcat Attacks
Hackers have started scanning the web in search of Apache Tomcat servers affected by a recently disclosed vulnerability tracked as CVE-2020-1938 and dubbed Ghostcat. read more Advertise on IT Security News. Read the complete article: Hackers Scanning for Apache…
T-Mobile Notifying Customers of Data Breach
Wireless carrier T-Mobile is sending notifications to its customers to inform them of a data breach that resulted in some of their personal information being compromised read more Advertise on IT Security News. Read the complete article: T-Mobile Notifying…
Over 600 Microsoft Subdomains Can Be Hijacked: Researchers
There are more than 600 legitimate Microsoft subdomains that can be hijacked and abused for phishing, malware delivery and scams, researchers warned this week. read more Advertise on IT Security News. Read the complete article: Over 600 Microsoft Subdomains…
US Lawmakers Told of Security Risks From China-owned TikTok
US officials on Wednesday stepped up warnings about the potential security risks from the fast-growing, Chinese-owned TikTok as a lawmaker unveiled legislation to ban the social media app from government devices. read more Advertise on IT Security News. Read…
Cisco Patches Remote Code Execution Flaws in Webex Player
Cisco has released patches to address more than a dozen vulnerabilities across various products, including two code execution bugs in Webex Player that could be exploited remotely. read more Advertise on IT Security News. Read the complete article: Cisco…
Hamas-Linked Hackers Add Insurance and Retail to Target List
MoleRATs, a politically-motivated threat actor apparently linked to the Palestinian terrorist organization Hamas, has expanded its target list to include insurance and retail industries, Palo Alto Networks’ security researchers report. read more Advertise on IT Security News. Read the…
D.C. Council Passes Data Security Legislation
The Council of the District of Columbia on Tuesday unanimously passed a bill whose goal is to expand data breach notification requirements and improve the way organizations protect personal information. read more Advertise on IT Security News. Read the…
A Zero-Day Homograph Domain Name Attack
What started as almost casual research in November 2019 and disclosed to various vendors as a vulnerability in November and December 2019 and January 2020 was abruptly reclassified and treated as a zero-day vulnerability on February 13, 2020. read more…
Scouting the Adversary: Network Sensor Placement Considerations
Proper Network Sensor Placement Helps Security Analysts Focus on Events That Matter read more Advertise on IT Security News. Read the complete article: Scouting the Adversary: Network Sensor Placement Considerations
Bug Forces Let’s Encrypt to Revoke 3 Million Certificates
Free and open certificate authority (CA) Let’s Encrypt is revoking over 3 million currently-valid certificates after discovering a bug in its Certification Authority Authorization (CAA) code. read more Advertise on IT Security News. Read the complete article: Bug Forces…
CIA Hackers Targeted China in Decade-Long Campaign: Chinese Security Firm
A report published on Monday by Chinese cybersecurity firm Qihoo 360 claims that the U.S. Central Intelligence Agency (CIA) conducted an 11-year-long cyberespionage operation aimed at China’s critical industries. read more Advertise on IT Security News. Read the complete…
Mobile Payment Fraud on the Rise
Mobile payment fraud is growing, and is growing faster in the mobile ecosystem than anywhere else. While Windows remains the most popular operating system used by fraudsters at 38%, the combined figures for iOS and Android are now 51% of…
Google Patches Critical Remotely Exploitable Android Bug
Google’s March 2020 security updates for Android include fixes for over 70 vulnerabilities, including a critical flaw in media framework. read more Advertise on IT Security News. Read the complete article: Google Patches Critical Remotely Exploitable Android Bug
Google Launches Free Fuzzer Benchmarking Service
Google this week announced the launch of FuzzBench, a free and open source service for evaluating fuzzers. The fully automated service was designed to allow for an easy but rigorous evaluation of fuzzing research, in an attempt to boost the…
Legal Services Firm Epiq Hit by Ransomware
Legal services company Epiq has taken its systems offline globally after being hit by a piece of ransomware. Epiq said on Monday that it detected the malware on its systems on February 29. The company said it had found no…
The OT Security Opportunity for CISOs
In my previous column, I talked about the rapidly changing geopolitical landscape and the escalation of cyberattacks on critical infrastructure. Some of you may be wondering: “Why should I care? Russia and other nation-states aren’t focused on me and my…
Super Tuesday Marks First Major Security Test of 2020
Tuesday’s presidential primaries across 14 states mark the first major security test since the 2018 midterm elections, with state and local election officials saying they are prepared to deal with everything from equipment problems to false information about the coronavirus.…
Telecom Sector Increasingly Targeted by Chinese Hackers: CrowdStrike
Threat actors linked to China increasingly targeted the telecommunications sector in 2019, according to endpoint security firm CrowdStrike. CrowdStrike on Tuesday published its 2020 Global Threat Report, which provides data on both state-sponsored and financially-motivated operations observed by the company…
U.S. Government Warns of Continuous Election Meddling Efforts
Foreign actors continue to attempt to interfere with the election process, multiple United States departments and agencies warned in a joint statement released ahead of Tuesday’s presidential primaries. read more Advertise on IT Security News. Read the complete article:…
Coder Charged in Massive CIA Leak Portrayed as Vindictive
A software engineer on trial in the largest leak of classified information in CIA history was “prepared to do anything” to betray the agency, federal prosecutors said Monday as a defense attorney argued the man had been scapegoated for a…
U.S. Charges Two Chinese Nationals Linked to North Korean Hacker Attacks
The U.S. Department of Justice announced on Monday that two Chinese nationals have been charged with laundering over $100 million worth of cryptocurrency stolen by North Korean hackers from a cryptocurrency exchange. read more Advertise on IT Security News.…
Advancing DevSecOps Into the Future
If DevOps represents the union of people, process, and technology to continually provide value to customers, then DevSecOps represents the fusion of value and security provided to those same customers. read more Advertise on IT Security News. Read the…
Patches Released for WordPress Plugin Vulnerabilities Exploited in Attacks
Patches released over the past several days for multiple WordPress plugins address vulnerabilities that have been actively exploited as part of the same website takeover campaign read more Advertise on IT Security News. Read the complete article: Patches Released…
US Congress Passes Bill Funding ‘Rip and Replace’ for Huawei Gear
US lawmakers have passed legislation offering $1 billion to help telecom carriers “rip and replace” equipment from Chinese tech firms Huawei and ZTE amid national security concerns. read more Advertise on IT Security News. Read the complete article: US…
Businesses at Risk for Cyberattack But Take Few Precautions
Although businesses are increasingly at risk for cyberattacks on their mobile devices, many aren’t taking steps to protect smartphones and tablets. read more Advertise on IT Security News. Read the complete article: Businesses at Risk for Cyberattack But Take…
Walgreens Discloses Data Breach Related to Mobile App
Pharmacy store chain Walgreens has started informing some users of its mobile application that their personal and health-related information may have been seen by other customers. read more Advertise on IT Security News. Read the complete article: Walgreens Discloses…
NVIDIA Patches DoS Flaws in GPU Driver and vGPU Software
Software security updates NVIDIA released on Friday address multiple denial-of-service (DoS) vulnerabilities in GPU display drivers and Virtual GPU Manager software. read more Advertise on IT Security News. Read the complete article: NVIDIA Patches DoS Flaws in GPU Driver…
Railroad Construction Firm RailWorks Falls Victim to Ransomware
Rail contractor RailWorks Corporation is notifying employees and third-parties that it recently fell victim to a ransomware attack in which sensitive information might have been compromised. read more Advertise on IT Security News. Read the complete article: Railroad Construction…
Checkpoint Creates Encyclopedia of Malware Evasion Techniques
Cybersecurity firm Checkpoint has created an encyclopedia of the various techniques used by malware to evade analysis. read more Advertise on IT Security News. Read the complete article: Checkpoint Creates Encyclopedia of Malware Evasion Techniques
Regulators Move to Fine Telecoms for Selling Location Data
US regulators moved to impose fines Friday against the nation’s four major wireless carriers for selling location data of customers without their consent. The Federal Communications Commission proposed fining T-Mobile more than $91 million; AT&T some $57 million; Verizon $48…
Apache Tomcat Affected by Serious ‘Ghostcat’ Vulnerability
A serious vulnerability affecting Apache Tomcat can be exploited to read files from a server and in some cases even to achieve remote code execution. read more Advertise on IT Security News. Read the complete article: Apache Tomcat Affected…
Microsoft Boosts PUA Protections in Edge
Microsoft this week announced new features in its Edge browser to prevent the download of potentially unwanted applications (PUA). read more Advertise on IT Security News. Read the complete article: Microsoft Boosts PUA Protections in Edge
ProtonMail Fights Email Spoofing With New DKIM Key Management Feature
ProtonMail on Thursday introduced a new feature designed to make it more difficult for hackers and spammers to impersonate users who have custom domain email addresses. The new feature, DKIM key management, is currently in beta and users have been…
Assange’s UK Extradition Hearing Paused Until May
A British judge on Thursday paused Julian Assange‘s extradition hearing following four days of intense legal wrangling over Washington’s request for the WikiLeaks founder to stand trial there on espionage charges. read more Advertise on IT Security News. Read…
Let’s Encrypt Issues Over 1 Billion Certificates
Free and open certificate authority Let’s Encrypt on Thursday issued its billionth certificate, four and a half years after issuing the first certificate. read more Advertise on IT Security News. Read the complete article: Let’s Encrypt Issues Over 1…
Intel Patched Over 230 Vulnerabilities in Its Products in 2019
Intel patched over 230 vulnerabilities in its products last year, but less than a dozen impacted its processors, according to the company’s 2019 Product Security Report. read more Advertise on IT Security News. Read the complete article: Intel Patched…
Facebook Sues Analytics Firm for Data Misuse
Facebook on Thursday filed a federal lawsuit against oneAudience data intelligence firm over a tactic it used to gather information about users of social media platforms. read more Advertise on IT Security News. Read the complete article: Facebook Sues…
Cybercriminals Target Lincoln Health Care Company
A Lincoln health care company has been targeted by cybercriminals, but company officials said there’s no evidence of any patient data being compromised. read more Advertise on IT Security News. Read the complete article: Cybercriminals Target Lincoln Health Care…
Cisco to Release Updates for Wireless Products Affected by Kr00k Vulnerability
Cisco says it will release patches for wireless devices affected by the recently disclosed Wi-Fi chip vulnerability named Kr00k. The company says the flaw impacts some of its routers, firewalls, access points and phones. read more Advertise on IT…
Inside the Rising Cybercrime Threat in Latin America
Report Examines the Rise of Cybercrime Across Latin America read more Advertise on IT Security News. Read the complete article: Inside the Rising Cybercrime Threat in Latin America
Cisco Patches Flaws in FXOS, UCS Manager and NX-OS Software
Cisco on Wednesday released patches for 11 vulnerabilities in its products, including multiple flaws that impact Cisco UCS Manager, FXOS, and NX-OS software. read more Advertise on IT Security News. Read the complete article: Cisco Patches Flaws in FXOS,…
Hackers Looking for Exchange Servers Affected by Recently Patched Flaw
Hackers have started scanning the Internet for Microsoft Exchange Server instances that are affected by a remote code execution vulnerability patched earlier this month. read more Advertise on IT Security News. Read the complete article: Hackers Looking for Exchange…
Less Than Half of Vulnerabilities in Popular Docker Images Pose Risk: Study
Many Vulnerabilities Found in Popular Docker Images, But Most Are Not Loaded Into Memory Cloud security company Rezilion has analyzed some of the most popular Docker container images and determined that while they include many vulnerabilities, less than half of…
Framework Isolates Libraries in Firefox to Improve Security
A group of researchers has built a sandbox framework that can improve the security of Firefox by isolating third-party libraries used by the browser. read more Advertise on IT Security News. Read the complete article: Framework Isolates Libraries in…
Online ‘Impersonator’ Tried to Contact Campaigns, DNC Says
The Democratic National Committee has warned its presidential candidates to be cautious after Bernie Sanders’ campaign reported that an “impersonator” with a domain registered overseas had posed as one of its staffers and sought conversations with members of at least…
The Urgency for Having a True Security Platform
Ever since the birth of the Next-Generation Firewall, organizations have come to expect security devices that combine a variety of critical features and functions into a single package. To meet that demand, the number of security vendors referring to their…
Hacker Earns $8,500 for Vulnerability in HackerOne Platform
A white hat hacker has earned $8,500 for a serious vulnerability that exposed the email addresses of HackerOne users. read more Advertise on IT Security News. Read the complete article: Hacker Earns $8,500 for Vulnerability in HackerOne Platform
Spotting a Norman: How to Root Out Those Wasting Organizational Resources
In the 2016 film “Norman: The Moderate Rise and Tragic Fall of a New York Fixer”, Norman, the lead character, appears to be a successful businessman on the surface. Only after we begin to dig deeper do we learn that…
Facebook and Google Postpone Asia-Pacific Bug Hunting Conference
Facebook and Google this week announced the decision to postpone this year’s BountyCon bug hunting conference due to health risks. read more Advertise on IT Security News. Read the complete article: Facebook and Google Postpone Asia-Pacific Bug Hunting Conference
Over 20 Zyxel Firewalls Impacted by Recent Zero-Day Vulnerability
A recently disclosed zero-day vulnerability in Zyxel network-attached storage (NAS) devices also impacts over twenty of the vendor’s firewalls. read more Advertise on IT Security News. Read the complete article: Over 20 Zyxel Firewalls Impacted by Recent Zero-Day Vulnerability
Privacy Management Firm OneTrust Raises $210 Million at $2.7 Billion Valuation
OneTrust, a provider of privacy and security compliance tools, has raised $210 million in Series B funding at a valuation of $2.7 billion. The Series B round was led by Coatue and Insight Partners, and combined with OneTrust’s $200 million…
RSA Conference 2020: Product Announcement Summary (Day 3)
read more Advertise on IT Security News. Read the complete article: RSA Conference 2020: Product Announcement Summary (Day 3)
McAfee Buys Browser Isolation Firm Light Point Security
Santa Clara, Calif-based McAfee has entered into a definitive agreement to acquire Baltimore, MD-based Light Point Security. Financial details have not been disclosed, but on completion of the acquisition, the Light Point staff will join McAfee, while the Light Point…
Google Boosts Detection of Malicious Documents in Gmail
New scanning capabilities that Google rolled out to Gmail have resulted in an increased overall detection rate of malicious documents. read more Advertise on IT Security News. Read the complete article: Google Boosts Detection of Malicious Documents in Gmail
Kr00k Vulnerability Exposed Data From Over a Billion Wi-Fi Devices
A new vulnerability, which may have affected over one billion Wi-Fi-capable devices before patches were released, could have allowed hackers to obtain sensitive information from wireless communications, cybersecurity firm ESET revealed on Wednesday. read more Advertise on IT Security…
Iranian Cyberspies Focus on Long-Running Operations
The Iranian cyber-espionage group referred to as MuddyWater continues to focus on long-running operations even after a U.S. airstrike killed General Qassem Soleimani on January 2. read more Advertise on IT Security News. Read the complete article: Iranian Cyberspies…
Intel Announces New Hardware-based Security Capabilities
read more Advertise on IT Security News. Read the complete article: Intel Announces New Hardware-based Security Capabilities
FBI Official: Russia Wants to See US ‘Tear Ourselves Apart’
Russia wants to watch Americans “tear ourselves apart” as the United States heads toward elections, an FBI official warned Monday. read more Advertise on IT Security News. Read the complete article: FBI Official: Russia Wants to See US ‘Tear…
Massachusetts Electric Utility Hit by Ransomware
The Reading Municipal Light Department (RMLD), an electric utility in Massachusetts, informed customers on Monday that its systems were targeted last week in a ransomware attack. RMLD says it serves over 68,000 residents in the towns of Reading, North Reading,…
OpenSMTPD Vulnerability Leads to Command Injection
An update released this week for the OpenSMTPD mail server addresses an out-of-bounds read vulnerability that could lead to arbitrary command execution. OpenSMTPD is the open source implementation of the Simple Mail Transfer Protocol (SMTP) in OpenBSD, and its portable…
Is Conditional Access the Right Approach to Authentication? It Depends.
What You Need to Know to Make Sure You’re Headed in the Right Direction on Your Authentication Journey. As Risk-Based Authentication Methods Continue to Evolve, Is It Time to Revisit Your Approach? read more Advertise on IT Security…
UK Financial Regulator Admits to Data Breach
Britain’s Financial Conduct Authority on Tuesday admitted to a data breach, in an embarrassing revelation for the regulator and its boss, who shortly takes over at the Bank of England. read more Advertise on IT Security News. Read the…
Firefox Gets DNS-over-HTTPS as Default in U.S.
Mozilla has started rolling out encrypted DNS-over-HTTPS (DoH) by default for its Firefox users in the United States. read more Advertise on IT Security News. Read the complete article: Firefox Gets DNS-over-HTTPS as Default in U.S.
Samsung Says it Leaked Data on Handful of UK Customers
Samsung said Tuesday that a “technical error” caused its website to display other customers’ personal information. The technology company said the error affected only its U.K. website at http://samsung.com/UK and affected fewer than 150 customers. read more Advertise on…
RSA Conference 2020: Product Announcement Summary (Day 2)
read more Advertise on IT Security News. Read the complete article: RSA Conference 2020: Product Announcement Summary (Day 2)