A new variant of the notorious Mirai malware has been delivered by cybercriminals to network-attached storage (NAS) devices made by Zyxel through the exploitation of a recently patched vulnerability. read more Advertise on IT Security News. Read the complete…
Tag: SecurityWeek RSS Feed
UK Printing Company Exposed Military Documents
Cybersecurity researchers say UK-based document printing and binding company Doxzoo exposed hundreds of gigabytes of information, including documents related to the US and British military, by leaving an AWS S3 bucket unprotected. read more Advertise on IT Security News.…
Russian Cyberspies Hacked High-Profile Email Accounts for Phishing
The Russia-linked cyber-espionage group known as Pawn Storm has been leveraging hijacked email accounts to send phishing emails to potential victims, Trend Micro’s security researchers reveal. read more Advertise on IT Security News. Read the complete article: Russian Cyberspies…
Russia-Linked Cybercriminals Use Legitimate Tools in Attacks on German Firms
In a campaign targeting German companies, the infamous Russia-linked threat actor known as TA505 has been using legitimate tools in addition to malware, Prevailion reports. read more Advertise on IT Security News. Read the complete article: Russia-Linked Cybercriminals Use…
Oracle VirtualBox, Adobe Reader, Windows Hacked at Pwn2Own 2020
On the second day of the Pwn2Own 2020 hacking competition, participants earned a total of $90,000 for exploits targeting Oracle VirtualBox, Adobe Reader and Windows. read more Advertise on IT Security News. Read the complete article: Oracle VirtualBox, Adobe…
Android Surveillance Campaign Leverages COVID-19 Crisis
Amid numerous malicious attacks leveraging the current COVID-19 coronavirus crisis, security researchers have discovered an Android surveillance campaign targeting users in Libya. read more Advertise on IT Security News. Read the complete article: Android Surveillance Campaign Leverages COVID-19 Crisis
Drupal Updates CKEditor to Patch XSS Vulnerabilities
The developers of the Drupal content management system (CMS) announced on Wednesday that updates for versions 8.8.x and 8.7.x address a couple of vulnerabilities affecting the CKEditor library. read more Advertise on IT Security News. Read the complete article:…
NIST Updates Flagship SP 800-53 Security and Privacy Controls
NIST SP 800-53 Revision 5 Represents a Multi-Year Effort to Develop Next-Generation Security and Privacy Controls read more Advertise on IT Security News. Read the complete article: NIST Updates Flagship SP 800-53 Security and Privacy Controls
Google Patches High-Risk Chrome Flaws, Halts Upcoming Releases
Google this week rolled out an update to address multiple high-severity vulnerabilities in Chrome and also announced that it is pausing upcoming releases of the browser. The pause, the Internet giant says, was caused by an adjusted work schedule due…
RDP-Capable TrickBot Targets Telecoms Sectors in U.S. and Hong Kong
A recently discovered TrickBot variant targeting telecommunications organizations in the United States and Hong Kong includes a module for remote desktop protocol (RDP) brute-forcing, Bitdefender reports. read more Advertise on IT Security News. Read the complete article: RDP-Capable TrickBot…
NIST, DHS Publish Guidance on Securing Virtual Meetings, VPNs
With people worldwide forced to work from home due to the coronavirus epidemic, NIST and DHS published a series of recommendations on how to ensure that virtual meetings and connections to enterprise networks are protected from prying eyes. read more…
California Man Gets Prison for Hacking Atlanta-Based Company
A California man has been sentenced to more than seven years in prison for hacking an Atlanta-based company and trying to extort money in exchange for the return of the company’s intellectual property. read more Advertise on IT Security…
Patch for Recently Disclosed VMware Fusion Vulnerability Incomplete
The patch released recently by VMware for a privilege escalation vulnerability affecting Fusion for Mac have been found to be incomplete. read more Advertise on IT Security News. Read the complete article: Patch for Recently Disclosed VMware Fusion Vulnerability…
Researchers Hack Windows, Ubuntu, macOS at Pwn2Own 2020
On the first day of the Pwn2Own 2020 hacking competition, participants earned a total of $180,000 for demonstrating exploits targeting Windows 10, Ubuntu Desktop and macOS. read more Advertise on IT Security News. Read the complete article: Researchers Hack…
Cisco Patches Several Vulnerabilities in SD-WAN Solution
Cisco on Wednesday announced that it has patched a total of five vulnerabilities in its SD-WAN solution, including three that have been assigned a “high severity” rating. read more Advertise on IT Security News. Read the complete article: Cisco…
Researchers Track Coronavirus-Themed Cyberattacks
Cybercriminals have always used crises and natural disasters to fuel their social engineering activities. The COVID-19 (Coronavirus) pandemic is a massive human crisis, and criminals have been quick to take advantage. People are afraid, and fear is a primary social…
Analyzing Cyberspace Solarium Commission’s Blueprint for a Cybersecure Nation
The Cyberspace Solarium Commission (CSC) is a modern iteration of Eisenhower’s original 1953 Project Solarium. Project Solarium was tasked with developing a national strategy to contain and counter the nuclear threat from the USSR. CSC has a similar task to…
Adobe Patches Critical Flaws in Reader, ColdFusion, Other Products
Security updates released this week by Adobe address numerous critical and important vulnerabilities in Genuine Integrity Service, Acrobat and Reader, Photoshop, Experience Manager, ColdFusion, and Bridge. read more Advertise on IT Security News. Read the complete article: Adobe Patches…
Sixgill Introduces Dark Web Data Feed Product
Threat intelligence provider Sixgill has announced a new product that allows organizations to integrate a real-time, actionable dark web data feed into any security platform. read more Advertise on IT Security News. Read the complete article: Sixgill Introduces Dark…
VMware Fixes Privilege Escalation Vulnerability in Fusion for Mac
VMware announced on Tuesday that it has patched a serious privilege escalation vulnerability that can be exploited on Mac systems where Fusion, Remote Console (VMRC) or Horizon Client are installed. read more Advertise on IT Security News. Read the…
The Human Element and Beyond: Why Static Passwords Aren’t Enough
Static Passwords Are No Longer Enough to Secure Systems read more Advertise on IT Security News. Read the complete article: The Human Element and Beyond: Why Static Passwords Aren’t Enough
Ransomware Is Mostly Deployed After Hours: Report
Most ransomware is deployed after hours, and usually several days after the initial compromise, newly published research from FireEye reveals. read more Advertise on IT Security News. Read the complete article: Ransomware Is Mostly Deployed After Hours: Report
The Other Virus Threat: Surge in COVID-Themed Cyberattacks
It may look like an email from a supervisor with an attachment on the new “work from home policy.” But it could be a cleverly designed scheme to hack into your network. read more Advertise on IT Security News.…
Barr: FBI Probing If Foreign Gov’t Behind HHS Cyber Incident
Attorney General William Barr vowed in an interview with The Associated Press on Tuesday that there would be swift and severe action if a foreign government is behind disinformation campaigns aimed at spreading fear in the U.S. amid the coronavirus…
Trend Micro Patches Two Vulnerabilities Exploited in the Wild
Trend Micro has patched several serious vulnerabilities in its Worry-Free Business Security, Apex One and OfficeScan products, including a couple of flaws that have been exploited in the wild. read more Advertise on IT Security News. Read the complete…
Financial Services Firms Exposed 500,000 Sensitive Documents
Researchers say two financial services companies have exposed over 500,000 sensitive legal and financial documents by storing them in an unprotected AWS S3 bucket. read more Advertise on IT Security News. Read the complete article: Financial Services Firms Exposed…
Tech Companies Partner to Securely Connect IoT to Cloud
Thales, Telstra, Microsoft, and Arduino this week announced a partnership aimed at enabling the secure connection of IoT devices to the cloud. Delivering end-to-end connectivity between devices and cloud platforms, the solution enables “instant and standardized mutual authentication” over cellular…
Private Application Access Firm Axis Security Emerges From Stealth
Axis Security, a company that specializes in private application access, emerged from stealth mode on Tuesday with $17 million in funding. read more Advertise on IT Security News. Read the complete article: Private Application Access Firm Axis Security Emerges…
Two Dozen Arrested for Laundering Funds From BEC, Other Scams
Twenty-four individuals were arrested for laundering funds illegally obtained via business email compromise (BEC), romance, and retirement account scams targeting victims across the United States. The large-scale fraud operation facilitated by the arrested individuals has caused losses of more than…
Users Complain About Windows Update That Patches SMBGhost Vulnerability
Some users have complained that the Windows security update released recently by Microsoft to patch a wormable vulnerability related to Server Message Block 3.0 (SMBv3) is causing problems. read more Advertise on IT Security News. Read the complete article:…
Senate Votes to Renew Surveillance Powers, Delaying Changes
The U.S. Senate has voted to extend, rather than tweak, three surveillance powers that federal law enforcement officials use to fight terrorists, passing the bill back to an absent House and throwing the future of the authorities in doubt. read…
Rare Android Stalkerware Can Steal Data, Control Devices
A recently discovered piece of Android stalkerware can install itself persistently on the system partition and steals the file containing the hash sum for the screen unlock pattern or password to allow its operators to unlock devices. read more …
HHS Says DDoS Attack Failed to Cause Disruption
The U.S. Department of Health and Human Services (HHS) was targeted with a distributed denial-of-service (DDoS) attack on Sunday, but the agency said it did not experience any significant disruption as a result of the incident. read more Advertise…
PE Firm to Buy Application Security Specialist Checkmarx at $1.15 Billion Valuation
Checkmarx, a provider of tools for testing source code for security issues, announced on Monday that private equity firm Hellman & Friedman (“H&F”) has agreed to acquire a majority of the Company from Insight Partners in a deal valuing Checkmarx…
There Are Plenty of Phish in the Sea
There Are Plenty of Phish in the Sea for Commercial Phishers and Weekend Scammers Alike The phish market is open. And you don’t have to be an experienced angler to land a catch of the day. read more Advertise…
Organizations Slow to Patch Targeted Microsoft Exchange Vulnerability
Organizations have fallen behind with the patching of a Microsoft Exchange Server vulnerability addressed with Microsoft’s February 2020 Patch Day updates and already targeted in attacks. read more Advertise on IT Security News. Read the complete article: Organizations Slow…
There Are Plenty of Phish in the Sea for Commercial Phishers and Weekend Scammers Alike
Cybercrime Has Gone Mainstream With All the Tools You Need Now Easily Available on the Dark Web The phish market is open. And you don’t have to be an experienced angler to land a catch of the day. read more…
Slack Vulnerability Allowed Hackers to Hijack Accounts
A researcher earned $6,500 from Slack last year after finding a critical vulnerability that could have been exploited to hijack Slack accounts. Researcher Evan Custodio discovered in November 2019 that the enterprise collaboration platform’s slackb.com domain was vulnerable to HTTP…
COVID-19 Themed Phishing Campaigns Continue
Another COVID-19 (Coronavirus) phishing campaign has been discovered — this one apparently operated by the Pakistan-based APT36, which is thought to be nation-backed. APT36 has been active since 2016, and possibly earlier, performing cyber espionage activity against Indian defense and…
ProtonMail, ProtonVPN Will Use Alternative Routing to Bypass Censorship
Privacy-focused services provider Proton Technologies is deploying a new system to ensure that its email and VPN applications continue to be accessible even in scenarios where governments or ISPs attempt to block them. read more Advertise on IT Security…
Many Backdoors Found in Zyxel CloudCNM SecuManager Software
Researchers have discovered 16 types of vulnerabilities, including many backdoors, in Zyxel’s CloudCNM SecuManager network management software. The vendor has confirmed the flaws and says it’s working on patches. read more Advertise on IT Security News. Read the complete…
How National Security Surveillance Nabs More Than Spies
The case against Nassif Sami Daher and Kamel Mohammad Rammal, two Michigan men accused of food stamp fraud, hardly seemed exceptional. But the tool that agents used to investigate them was extraordinary: a secretive surveillance process intended to identify potential…
European Authorities Dismantle Two SIM Hijacking Gangs
European authorities managed to crack down on two cybercrime gangs responsible for stealing millions by employing SIM hijacking. read more Advertise on IT Security News. Read the complete article: European Authorities Dismantle Two SIM Hijacking Gangs
US Surveillance Powers Set to Temporarily Expire
Three surveillance powers available to the U.S. government are set to temporarily expire Sunday after a trio of senators opposed a bipartisan House bill that would renew the authorities and impose new restrictions. read more Advertise on IT Security…
Flaws in Popup Builder Plugin Impacted Over 100,000 WordPress Sites
More than 100,000 WordPress websites were potentially affected by a series of vulnerabilities recently discovered and addressed in the Popup Builder plugin. read more Advertise on IT Security News. Read the complete article: Flaws in Popup Builder Plugin Impacted…
Microsoft Deprecates Remote Desktop Connection Manager
Microsoft announced this week that has deprecated Remote Desktop Connection Manager (RDCMan) due to security concerns. read more Advertise on IT Security News. Read the complete article: Microsoft Deprecates Remote Desktop Connection Manager
Critical Flaw in VMware Workstation, Fusion Allows Code Execution on Host From Guest
VMware has patched three serious vulnerabilities in its products, including a critical flaw in Workstation and Fusion that can be exploited to execute arbitrary code on the host from the guest operating system. The critical flaw, tracked as CVE-2020-3947, is…
China-linked APT Hackers Launch Coronavirus-Themed Attacks
COVID-19 (Coronavirus) themed malware attacks are now common. The subject matter automatically contains at least two of the primary social engineering triggers, fear and urgency, making it an obvious lure for use by criminals. Even a long-standing China-based APT has…
Trump Signs Bill to Help Telecoms Replace Huawei Equipment
President Donald Trump on Thursday signed into law a bill that provides $1 billion to help small telecom providers replace equipment made by China’s Huawei and ZTE. read more Advertise on IT Security News. Read the complete article: Trump…
U.S. Senators Seek to Ban TikTok on Government Devices
read more Advertise on IT Security News. Read the complete article: U.S. Senators Seek to Ban TikTok on Government Devices
House Strikes Deal to Extend Surveillance Powers
House lawmakers prepared to extend surveillance authorities that expire this month, releasing legislation that represents a rare bipartisan agreement after members of both parties said they wanted to ensure the tools preserved civil liberties. read more Advertise on IT…
‘Cookiethief’ Android Malware Hijacks Facebook Accounts
A recently discovered Android Trojan was designed to gain root access on infected devices and hijack Facebook accounts by stealing cookies from the browser and the social media app. read more Advertise on IT Security News. Read the complete…
Currency Data Provider ‘Open Exchange Rates’ Discloses Breach
Currency data provider Open Exchange Rates has started informing customers that their information was likely stolen by hackers. read more Advertise on IT Security News. Read the complete article: Currency Data Provider ‘Open Exchange Rates’ Discloses Breach
Facebook Takedowns Reveal Sophistication of Russian Trolls
Facebook and Twitter revealed evidence Thursday suggesting that Russian efforts to interfere in the U.S. presidential election are getting more sophisticated and harder to detect. The companies said they have removed dozens of fake accounts and pages from their services.…
Out-of-Band Windows Updates Patch Wormable SMB Vulnerability
Microsoft has released out-of-band updates for Windows to patch a critical remote code execution vulnerability in Server Message Block 3.0 (SMBv3) that has been described as “wormable.” read more Advertise on IT Security News. Read the complete article: Out-of-Band…
Google Releases Tool to Block USB Keystroke Injection Attacks
Google has released a new software tool designed to identify potential USB keystroke injection attacks and block devices they originate from. read more Advertise on IT Security News. Read the complete article: Google Releases Tool to Block USB Keystroke…
Russia-Linked Turla Cyberspies Add More Malware to Arsenal
The Russia-linked threat group known as Turla was observed using two new pieces of malware in attacks launched over a period of roughly two months in the fall of 2019, ESET reports. read more Advertise on IT Security News.…
Several Vulnerabilities Expose Phoenix Contact Industrial 4G Routers to Attacks
Several potentially serious vulnerabilities have been discovered in some of the industrial 4G routers made by Phoenix Contact, a Germany-based provider of industrial automation, connectivity and interface solutions. read more Advertise on IT Security News. Read the complete article:…
Auth0 Adds Threat Intelligence Tools to Identification Platform
Identity management firm Auth0 has launched Auth0 Signals, a collection of threat intelligence tools and capabilities designed to protect customers from identity attacks. read more Advertise on IT Security News. Read the complete article: Auth0 Adds Threat Intelligence Tools…
Vulnerability Prompts Avast to Disable Emulator Used by Antivirus
Avast this week disabled a JavaScript interpreter that is part of its antivirus product, after a security researcher discovered a vulnerability that could potentially lead to remote code execution. The JavaScript interpreter was found to run unsandboxed, thus potentially exposing…
Tech Must Be Treated Like Tobacco, Says Facebook Whistleblower
Facebook and other tech companies need to be regulated like the tobacco industry, warned Christopher Wylie, the whistleblower who exposed the Cambridge Analytica scandal. read more Advertise on IT Security News. Read the complete article: Tech Must Be Treated…
Google Offering Higher Bonuses for Cloud Platform Vulnerabilities
Google announced on Wednesday that it’s prepared to pay out an extra $313,337 for interesting Cloud Platform vulnerabilities submitted in 2020. read more Advertise on IT Security News. Read the complete article: Google Offering Higher Bonuses for Cloud Platform…
Intel Patches 27 Vulnerabilities Across Product Portfolio
Intel this week released patches for more than two dozen vulnerabilities impacting graphics drivers, FPGA, processors NUC, BlueZ, and other products. read more Advertise on IT Security News. Read the complete article: Intel Patches 27 Vulnerabilities Across Product Portfolio
Critical Vulnerabilities in SAP Solution Manager Expose Companies to Attacks
SAP on Tuesday released 16 security notes and two updates to previously released patches as part of its March 2020 Security Patch Day, with three of the new notes rated hot news. read more Advertise on IT Security News.…
US Needs Top Cyber Coordinator, Better Hacker ‘Deterrence’: Panel
The US needs a top-level cybersecurity coordinator and a better strategy of “deterrence” to protect against hackers and other cyber threats, a congressionally mandated commission said Wednesday. read more Advertise on IT Security News. Read the complete article: US…
Tens of Vulnerabilities Expose WAGO Controllers, HMI Panels to Attacks
Tens of vulnerabilities discovered by Cisco Talos researchers in WAGO products expose some of the company’s controllers and human-machine interface (HMI) panels to remote attacks. read more Advertise on IT Security News. Read the complete article: Tens of Vulnerabilities…
Firefox 74 Patches Vulnerabilities, Disables TLS 1.0 and 1.1
Mozilla this week released Firefox 74 to the stable channel with several security improvements, including patches, a new add-ons policy, improved privacy, and versions 1.0 and 1.1 of the Transport Layer Security (TLS) protocol disabled by default. read more …
SOC-as-a-Service Specialist Arctic Wolf Raises $60 Million
Sunnyvale, Calif-based Arctic Wolf Networks has raised $60 million in a Series D funding round led by Blue Cloud Ventures and Stereo Capital. This brings the total raised to date to $148.2 million. read more Advertise on IT Security…
Dating App Maker Match Group Backs US Bill Seen as Privacy Threat
Match Group, the parent company of dating apps such as Tinder, on Tuesday publicly endorsed a US bill others in the tech industry fear will erode online privacy and speech in the name of fighting child abuse. read more …
Avast AntiTrack Flaw Allows MitM Attacks on HTTPS Traffic
A vulnerability in Avast’s anti-tracking solution could allow malicious actors to perform man-in-the-middle (MitM) attacks on HTTPS traffic, a security researcher has discovered. The security flaw, which impacts both Avast and AVG AntiTrack, as they share underlying code, resides in…
Microsoft Working on Patches for Wormable SMB Vulnerability
Microsoft is working on patches for a critical remote code execution vulnerability in Server Message Block 3.0 (SMBv3) that exposes systems to “wormable” attacks. read more Advertise on IT Security News. Read the complete article: Microsoft Working on Patches…
Human Intelligence is Pivotal in a Data-Driven World
It’s Important to Enrich External Threat Intelligence With Context to Understand the Who, What, Where, When, Why and How of an Attack read more Advertise on IT Security News. Read the complete article: Human Intelligence is Pivotal in a…
European Electrical Energy Organization Discloses Breach
The European Network of Transmission System Operators for Electricity (ENTSO-E) revealed this week that malicious actors breached its corporate network. read more Advertise on IT Security News. Read the complete article: European Electrical Energy Organization Discloses Breach
Microsoft Patches 115 Vulnerabilities in Windows, Other Products
Microsoft’s Patch Tuesday updates for March 2020 address 115 vulnerabilities, including 26 critical issues affecting Windows, Word, Dynamics Business Central, and the company’s web browsers. read more Advertise on IT Security News. Read the complete article: Microsoft Patches 115…
Microsoft Cracks Infrastructure of Infamous Necurs Botnet
Necurs Botnet Takedown read more Advertise on IT Security News. Read the complete article: Microsoft Cracks Infrastructure of Infamous Necurs Botnet
Facebook Awards $55,000 for Flaw That Could Lead to Account Hijacking
A researcher has earned $55,000 from Facebook for reporting a serious vulnerability that could have been exploited by hackers to steal access tokens and hijack accounts. read more Advertise on IT Security News. Read the complete article: Facebook Awards…
Akamai’s CDN Logs Uncover Emerging Phishing Attacks
Akamai Uses CDN Logs to Gain Insight Into the Success of Phishing Attacks read more Advertise on IT Security News. Read the complete article: Akamai’s CDN Logs Uncover Emerging Phishing Attacks
Never a Dull Moment – RSA Conference Afterthoughts
There’s Never a Dull Moment in the World of Security read more Advertise on IT Security News. Read the complete article: Never a Dull Moment – RSA Conference Afterthoughts
Load Value Injection: Intel CPUs Vulnerable to Reverse Meltdown Attack
Many processors made by Intel are vulnerable to a newly disclosed type of attack named Load Value Injection (LVI), but the chip maker has told customers that the attack is not very practical in real world environments. read more …
Attacks Targeting Recent Microsoft Exchange Flaw Ramping Up
Multiple threat actors are already targeting Microsoft Exchange servers in an attempt to exploit a vulnerability fixed by Microsoft with its February 2020 Patch Tuesday updates. read more Advertise on IT Security News. Read the complete article: Attacks Targeting…
Hackers Hack Hacking Tools to Hack Hackers
Researchers Uncover Campaign Where Attackers Are Trojanizing Multiple Hacking Tools Used by Other Attackers read more Advertise on IT Security News. Read the complete article: Hackers Hack Hacking Tools to Hack Hackers
Hackers Exploiting Recently Patched ManageEngine Desktop Central Vulnerability
A recently disclosed vulnerability affecting Zoho’s ManageEngine Desktop Central endpoint management solution is already being exploited in attacks. read more Advertise on IT Security News. Read the complete article: Hackers Exploiting Recently Patched ManageEngine Desktop Central Vulnerability
Durham City, County Recovering After Ransomware Attack
The City of Durham and the Durham County government in North Carolina are in the process of recovery after experiencing what appears to be a ransomware attack on March 6. read more Advertise on IT Security News. Read the…
AT&T, Palo Alto Networks and Broadcom Develop Firewall Framework
New Framework Enables Deployment of Firewalls as Software-Based Platforms AT&T, Palo Alto Networks and Broadcom have been developing a framework that enables organizations to deploy firewalls as software-based platforms instead of hardware appliances. read more Advertise on IT Security…
Google Allows Enrolling Security Keys on More Devices
Google has announced that Android and macOS users can now use more web browsers to initially register security keys to their accounts. read more Advertise on IT Security News. Read the complete article: Google Allows Enrolling Security Keys on…
Proposed Bill Seeks to Protect Researchers Disclosing Classified Government Backdoors
Newly introduced legislation seeks to protect journalist who publish classified information, as well as security researchers who discover classified government backdoors. read more Advertise on IT Security News. Read the complete article: Proposed Bill Seeks to Protect Researchers Disclosing…
Facilities That Lost Data Center Status at Increased Risk of Cyberattacks: GAO
Federal agencies participating in the Office of Management and Budget’s (OMB) Data Center Optimization Initiative (DCOI) report that they are on track with previously announced plans to close hundreds of outdated data centers, but many of the facilities that will…
Human-Operated Ransomware Is a Growing Threat to Businesses: Microsoft
Employing techniques usually associated with nation-state threat actors, human-operated ransomware attacks represent a growing threat to businesses, Microsoft warned last week. read more Advertise on IT Security News. Read the complete article: Human-Operated Ransomware Is a Growing Threat to…
Researchers Disclose Two New Attacks Against AMD CPUs
Researchers have identified two new methods for attacking AMD processors, but they are not as dangerous as some of the previously disclosed CPU attacks. read more Advertise on IT Security News. Read the complete article: Researchers Disclose Two New…
Aussie Watchdog Sues Facebook Over Cambridge Analytica Breach
Australia’s privacy watchdog announced legal action against Facebook Monday for alleged “systematic failures” exposing more than 300,000 Australians to a data breach by Cambridge Analytica. read more Advertise on IT Security News. Read the complete article: Aussie Watchdog Sues…
Virgin Media Accused of Downplaying Security Incident
Virgin Media has been accused of downplaying the recently disclosed cybersecurity incident that involved the personal information of roughly 900,000 people. read more Advertise on IT Security News. Read the complete article: Virgin Media Accused of Downplaying Security Incident
US, UK and Estonia Accuse Russia of Cyber Attack on Georgia
UNITED NATIONS (AP) — The United States, United Kingdom and Estonia accused Russia’s military intelligence Thursday of conducting cyber attacks against the Georgian government and media websites in an attempt “to sow discord and disrupt the lives of ordinary Georgians.”…
IoT Security Firm Ordr Increases Funding to $50 Million
Kaiser Permanente Ventures and Mayo Clinic Invest in Enterprise IoT Security Firm read more Advertise on IT Security News. Read the complete article: IoT Security Firm Ordr Increases Funding to $50 Million
Accenture Acquires UK-Based Context Information Security for $140 Million
Consulting giant Accenture has acquired UK-based cyber defense consultancy Context Information Security from Babcock International Group. Accenture says it’s not disclosing any financial terms, but aerospace and defense company Babcock revealed that it sold Context for £107 million, or roughly…
FBI Working to ‘Burn Down’ Cyber Criminals’ Infrastructure
To thwart increasingly dangerous cyber criminals, law enforcement agents are working to “burn down their infrastructure” and take out the tools that allow them to carry out their devastating attacks, FBI Director Christopher Wray said Wednesday. read more Advertise…
Facebook Sues Namecheap Over Fraudulent Domains
Facebook announced on Thursday that it has filed a lawsuit against domain registrar Namecheap and its Whoisguard privacy protection service over its refusal to provide information on a series of domains that impersonated the social media company and its services.…
Let’s Encrypt Will Not Replace 1 Million Bug-Affected Certificates
Free and open certificate authority (CA) Let’s Encrypt has decided that it will not revoke one million of the certificates affected by the recent CAA recheck bug. read more Advertise on IT Security News. Read the complete article: Let’s…
Zoho Working on Patch for Zero-Day Vulnerability in ManageEngine Product
Business tools development company Zoho says it’s working on a patch for a zero-day vulnerability affecting its ManageEngine Desktop Central product. read more Advertise on IT Security News. Read the complete article: Zoho Working on Patch for Zero-Day Vulnerability…
Virgin Media Exposed Personal Information of 900,000 People
UK-based phone, TV and broadband services provider Virgin Media on Thursday admitted that it exposed the personal information of roughly 900,000 people. read more Advertise on IT Security News. Read the complete article: Virgin Media Exposed Personal Information of…
US Lawmakers Propose Internet Controls to Fight Child Porn
US lawmakers proposed legislation Thursday that could see internet companies held legally responsible for content on their platforms if they don’t do enough to police child pornography. read more Advertise on IT Security News. Read the complete article: US…