All Recent News


ISACA.ORG

New Report from RIMS and ISACA Helps Organizations Bridge the Digital Risk Gap CMMI Institute and CohnReznick Align to Offer Cybersecurity and Privacy Solutions By Design


NIST.GOV

NICE Webinar: Understanding Interventions that Broaden Underrepresented Minority Participation in Cybersecurity Careers Cybersecurity Innovation at NIST... and Beyond
Cybersecurity of Electric Vehicle Chargers Register Now: The 2019 NICE K12 Cybersecurity Education Conference
Get Involved in National Cybersecurity Career Awareness Week


SecurityWeek.com

Uganda, Zambia Deny Huawei Helped Spy on Political Opponents Organizations Expose Sensitive Data via Malware Analysis Sandboxes
UK Hacker Sentenced to 20 Months in Prison AWS: No Significant Issues at Other Alleged Targets of Capital One Hacker
Webmin Backdoored for Over a Year Facebook Offers Rewards for Instagram Data Abuse Reports
Harnessing Stunt Hacking for Enterprise Defense Flaw in New Facebook Design Allowed Removal of Profile Photos
VideoLAN Patches Dozen Vulnerabilities in VLC Chinese Cyber-Spies Target US-Based Research University
Internet-Exposed Sphinx Servers at Risk of Attacks Suspect in Huge Capital One Breach Seeks Release From Jail
Chinese Cyberspies Continue Targeting Medical Research Organizations Visa Tackles Payment Fraud with New Security Services
Russian APT 'Silence' Steals $3.5 Million in One Year Amazon, Microsoft, May be Putting World at Risk of Killer AI, Says Report
Cisco Patches Many Serious Vulnerabilities in Unified Computing Products Attackers Demand Millions in Texas Ransomware Incident
DLL Hijacking Flaw Found in Bitdefender Antivirus Free 2020 Remote Code Execution Flaws Impact Aspose APIs
Majority of Malicious Job Attacks on Microsoft SQL Server Target Asia Hackers Target Vulnerabilities in Fortinet, Pulse Secure Products
Claroty Releases Free Diagnostic Tool for Urgent/11 Vulnerabilities Microsoft Offers Up to $30,000 for Flaws in Chromium-Based Edge
Illegal Cryptocurrency Mining at Ukraine Nuclear Plant Exposed Sensitive Data Classification Concerns Over FISMA Report on Improving Agency Cybersecurity
Black Hat 2019: Bounties, Breaches and Deepfakes, Oh My! New Tool From Cisco Hunts Flaws in Automotive Computers
Asruex Malware Exploits Old vulnerabilities to Infect PDF, Word Docs US Wants Woman Accused in Capital One Hack to Stay Locked Up
Kubernetes Patches Recent HTTP/2 Vulnerabilities Cyberattacks on Texas Cities Put Other Governments on Guard
Vulnerability Found in SimpleMDM Apple Device Management Solution The Growing Threat of Deepfake Videos
Company Sues Black Hat Conference Over Mocked Presentation Hacker Finds Instagram Account Takeover Flaw Worth $10,000
Senators Question NHTSA on Risks of Connected Vehicles Code Execution Flaw in QEMU Mostly Impacts Development, Test VMs
Apple Patches Re-Introduced Jailbreak Vulnerability Dridex Operator Updates Tactics and Targets
Imperva Notifies Cloud WAF Customers of Security Incident Low Budgets, Limited Expertise Plague SMB Cybersecurity
Avast, French Police Remove Retadup Malware From 850,000 PCs DLL Hijacking Flaw Patched in Check Point Endpoint Security
Researchers Analyze Tools Used by 'Hexane' Attackers Against Industrial Firms Cisco UCS Vulnerabilities Allow Complete Takeover of Affected Systems
Pulse Secure Says Majority of Customers Patched Exploited Vulnerability Alleged Capital One Hacker Indicted on Wire Fraud, Computer Data Theft Charges
Disrupting Cybercriminal Strategy With AI and Automation US Waged Cyberattack on Database Used by Iran to Target Tankers: NY Times
Google Offers Big Bounties for Data Abuse Reports iOS Vulnerabilities Allowed Attackers to Remotely Hack iPhones for Years
Operation Indiscriminately Infects iPhones With Spyware TrickBot Tricks U.S. Users into Sharing their PIN Codes
SIM Swapping Blamed for Hacking of Twitter CEO's Account USBAnywhere: BMC Flaws Expose Supermicro Servers to Remote Attacks
Cisco Releases Guides for Analyzing Compromised Devices Zyxel Devices Can Be Hacked via DNS Requests, Hardcoded Credentials
Huawei Accuses US of Cyberattacks, Coercing Employees Code Execution Flaws Found in EZAutomation PLC, HMI Software
MITRE ATT@CK Used for Cybersecurity Skills Development Countermeasure: Hack the Hacker?
Vulnerability in Network Provisioning Affects Majority of All Android Phones Android's September 2019 Patches Fix Nearly 50 Vulnerabilities
Google to Pay $170 mn Fine for Collecting YouTube Data From Kids Tech Firms, US Officials Talk Election Protection at Facebook
Crimeware Risk Underestimated, Chronicle Finds The Power of Visualization to Accelerate Security Operations
400 Mn Facebook Users' Phone Numbers Exposed in Privacy Lapse: Reports WordPress 5.2.3 Patches Several XSS Vulnerabilities
Ransomware Attack Locks Out New Bedford City Data Firefox 69 Patches Critical Code Execution Flaw
Unpatched Privilege Escalation Vulnerability Impacts Android Cisco Patches Remote Command Execution in Webex Teams Client
Exim Vulnerability Allows Remote Code Execution as Root Industry Reactions to Iranian Mole Planting Stuxnet: Feedback Friday
Oklahoma Pension Fund Reports $4.2 Million Cyber Theft Apple: Security Report on iPhone Hack Created 'False Impression'
China-Linked 'Thrip' Cyberspies Continue Attacks on Southeast Asia Several Vulnerabilities Found in Red Lion HMI Software
Private Equity Firms Interested in Buying Symantec for $16 Billion: Report BlueKeep Exploit Added to Metasploit
U.S. Cyber Command Adds North Korean Malware Samples to VirusTotal Cyberattack Disrupted Firewalls at U.S. Power Utility
HackerOne Raises $36.4 Million in Series D Funding Round Cyber Fusion Center-in-a-Box Firm Cyware Raises $3 Million in Seed Funding
Stop Using CVSS to Score Risk Vulnerabilities Exposed 2 Million Verizon Customer Contracts
Adobe Patches Two Code Execution Vulnerabilities in Flash Player New Stealth Falcon Backdoor Discovered
Microsoft Patches Two Privilege Escalation Flaws Exploited in Attacks Ransomware Attack Hits School District Twice in 4 Months
Hundreds Arrested in Joint US-Nigeria Crackdown on Cyber Scams NetCAT Attack: Hackers Can Remotely Steal Data From Servers With Intel CPUs
Siemens Issues Advisories for DejaBlue, SACK Panic Vulnerabilities SAP Patches Critical Vulnerability in NetWeaver
Credential Leaking Vulnerabilities Impact Comba, D-Link Routers Microsoft Makes Automated Incident Response in Office 365 ATP Generally Available
North Korean Hackers Use New Tricks in Attacks on U.S. Iran-Linked Hackers Again Target Universities
Simjacker: SIM Card Attack Used to Spy on Mobile Phone Users Poland to Launch Cyberspace Defense Force
Russian Hackers Behind Ukraine Power Outage May Have Sought More Damage DoS Vulnerabilities Patched in NETGEAR N300 Routers
Netanyahu, Trump Deny Report of Israeli Spying Near White House Sophos Makes Sandboxie Free in Transition to Open Source
US Puts Sanctions on N.Korea Hacking Groups Behind Major Thefts Car Dealer Marketing Firm Exposed 198 Million Data Records
Hundreds Laid Off by Symantec as Part of Restructuring Plan Securing the 2020 Elections From Multifarious Threats
Serious Flaws in CODESYS Products Expose Industrial Systems to Remote Attacks LastPass Patches Bug Leaking Last-Used Credentials
Saudi Attacks Expose Threat to Critical Infrastructure Security Firm: Data Breach Exposes Millions of Ecuadorians
SOHOpelessly Broken 2.0: 125 Vulnerabilities Found in Routers, NAS Devices Australia Knows China Hacked Its Parliament: Report
AMD Radeon Driver Flaw Leads to VM Escape US Justice Department Sues Snowden Over New Book
'Panda' Group Makes Thousands of Dollars Using RATs, Crypto-Miners Code Execution Vulnerabilities Found in Aspose PDF Processing Product
Top 10 Tactical Recommendations for SMB Cybersecurity U.S. Could Launch Cyberattack on Iran in Response to Saudi Oil Attack
300 More Chinese Arrested in Philippines Crackdown GitHub Becomes CVE Numbering Authority, Acquires Semmle


ThreatPost.com

Coordinated Ransomware Attack Hits 23 Texas Government Agencies Google Nest Security Cam Bugs Allow Device Takeover
Post GandCrab, Cybercriminals Scouring the Dark Web for the Next Top Ransomware Apple iOS Patch Blunder Opens Updated iPhones to Jailbreaks
Microsoft Offers $30K Rewards For Chromium Edge Beta Flaws Cisco Patches Six Critical Bugs in UCS Gear and Switches
The Texas Ransomware Attacks: A Gamechanger for Cybercriminals Researcher Discloses Second Steam Zero-Day After Valve Bug Bounty Ban
Lenovo High-Severity Bug Found in Pre-Installed Software News Wrap: Linux Utility Backdoor, Steam Zero Day Disclosure Drama
WordPress Plugins Exploited in Ongoing Attack, Researchers Warn ThreatList: Half of All Social Media Logins Are Fraud
Apple Fixes iOS Flaw That Opened iPhones to Jailbreaks Oil and Gas Firms Targeted By New LYCEUM Threat Group
Defense Takeaways from Three Adversary Playbooks Google Squashes High-Severity Blink Browser Engine Flaw
Critical Cisco VM Bug Allows Remote Takeover of Routers News Wrap: Dentist Offices Hit By Ransomware, Venmo Faces Privacy Firestorm
Six Hackers Have Now Pocketed $1M From Bug Bounty Programs Gamification Can Transform Company Cybersecurity Culture
‘USBAnywhere’ Bugs Open Supermicro Servers to Remote Attackers How to Get a Handle on Patch Management
Firefox 69 Release Kills Default Tracking Cookies, Flash Support CEO ‘Deep Fake’ Swindles Company Out of $243K
Half of Android Handsets Susceptible to Clever SMS Phishing Attack Critical Bugs Open Food-Safety Systems to Remote Attacks
Android Zero-Day Bug Opens Door to Privilege Escalation Attack, Researchers Warn News Wrap: Deepfake CEO Voice Scam, Facebook Phone Data Exposed
China’s APT3 Pilfers Cyberweapons from the NSA ThreatList: Police Use of Facial Recognition is Just Fine, Say Most Americans
Apple Claims Google is Spreading FUD Over Patched iPhone Bugs Critical Exim Flaw Opens Millions of Servers to Takeover
Wikipedia, World of Warcraft Downed By Weekend DDoS Attacks Stealth Falcon Targets Middle East with Windows BITS Feature
Vulnerabilities in D-Link, Comba Routers Can Leak Credentials Adobe Fixes Critical Flash Player Code Execution Flaws
ThreatList: Amidst Data Breaches, Account Creation Fraud Soars in 2019 Insider Threats Are Rising – But They Shouldn’t Be
Strangest Phishing Lures of 2019: From Divorce Papers to Real Estate Decoys CISO/CIO: Get an iPad and Apple Watch with an App Monitoring your Security 24/7
ThreatList: Apple Adware, Phishing, APT Attacks Threaten macOS Users 1B Mobile Users Vulnerable to Ongoing ‘SimJacker’ Surveillance Attack
Cybercriminals Adding Sophistication to BEC Threats News Wrap: IoT Radio Telnet Backdoor And ‘SimJacker’ Active Exploit
iPhone iOS 13 Lockscreen Bypass Flaw Exposes Contacts New Threat Actor Fraudulently Buys Digital Certificates to Spread Malware
U.S. Sanctions North Korean Group Behind WannaCry, Sony Hacks Asus, Lenovo and Other Routers Riddled with Remotely Exploitable Bugs
LastPass Fixes Bug That Leaks Credentials Cisco Extends Patch for IPv6 DoS Vulnerability
Panda Threat Group Mines for Monero With Updated Payload, Targets Marc Rogers: Success of Anonymous Bug Submission Program ‘Takes A Village’


US-CERT.GOV

Cyber Safety for Students CISA Insights: Ransomware Outbreak
Cisco Releases Security Updates CISA Strategic Intent: Defend Today, Secure Tomorrow
FISMA Annual Report to Congress IRS Warns of New Email Scam
Google Releases Security Updates for Chrome Protect Against Romance Scams
Apple Releases Multiple Security Updates September is National Preparedness Month: Be Prepared, Not Scared
Cisco Releases Security Updates for Multiple Products Potential Hurricane Dorian Cyber Scams
Mozilla Releases Security Updates for Firefox and Firefox ESR Supermicro Releases Security Updates
NCSC Releases UK Cyber Incident Trends Report Samba Releases Security Updates
Cisco Releases Security Updates FBI Releases Article on Think Before You Post Campaign
MS-ISAC Releases Advisory on PHP Vulnerabilities WordPress Releases Security Update
Ransomware Protection Strategies Exim Releases Security Patches
U.S. Cyber Command Shares 11 New Malware Samples FBI Safe Online Surfing Challenge
North Korean Malicious Cyber Activity Adobe Releases Security Updates
Microsoft Releases September 2019 Security Updates MS-ISAC Releases Security Event Primer on Malware
Google Releases Security Updates for Chrome Intel Releases Security Updates
2019 CWE Top 25 Most Dangerous Software Errors VMware Releases Security Updates for Multiple Products