All Recent News


ISACA.ORG

New Study Reveals Risk Levels Are Increasing, But Response Time Lags for Mitigating Emerging Threats


NIST.GOV

Cybersecurity Innovation at NIST... and Beyond National Cybersecurity Career Awareness Week
NICE Webinar: Cybersecurity Career Opportunities with the Federal Government National Cybersecurity Career Awareness Week is Here!


SecurityWeek.com

Public, Election Officials May Be Kept in the Dark on Hacks US, UK: Russian Hackers Hijacked Iranian Malware, Infrastructure
Avast Discloses New Supply-Chain Attack Attempt New Cybersecurity Bills Promote CISOs and Privacy
TorGuard, NordVPN Respond to Breach Reports Facebook Steps Up Security Amid Fresh Signs of Russia Meddling
Outdated OSs Still Present in Many Industrial Organizations: Report New Winnti Backdoor Targets Microsoft SQL
Gaining a Decisive Advantage in the Cyber Battle Microsoft Invests in Securing Device Firmware
New Variant of Gustuff Android Banking Trojan Emerges Tech, Security Firms Launch Operational Technology Cyber Security Alliance
Avast, Avira Products Vulnerable to DLL Hijacking Maxthon Browser Vulnerability Can Help Attackers in Post-Exploitation Phase
Chrome 78 Released With DoH, 37 Security Patches Cyberattack Causes Serious Disruptions at German Automation Firm Pilz
Trend Micro Patches Code Execution Vulnerability in Anti-Threat Toolkit 5G Myth Busting: Unpacking the Cybersecurity Risks and Realities
Some ICS Security Incidents Resulted in Injury, Loss of Life: Survey Click-Fraud Trojan Found in Apple App Store
Researchers Analyze North Korea-Linked NukeSped RAT Google Patches More High-Value Chrome Sandbox Escape Vulnerabilities
United Nations Organizations Targeted in Ongoing Phishing Campaign The Threat to SoHo IoT Devices is Growing Rapidly
Palo Alto Networks Blames Tariffs for Firewall Price Hikes New Jersey Man Pleads Guilty to Hacker Attack Involving Hardware Keyloggers
Data Breach at St. Louis Health Center Impacts up to 152,000 Millions Download Adware-Carrying Apps From Google Play
2,000 Georgia Websites Hit by Cyber Attacks City of Johannesburg Refuses to Pay Ransom to Hackers
U.S. Proposes Cutting Off Funds for Chinese Telecom Equipment U.S. Fast-Food Chain Krystal Investigating Payment Card Breach
Russian Cyberspies Again Target Sporting, Anti-Doping Organizations Clean Up Your Act with Better Cyber Hygiene
Slack Offers Bigger Rewards for Serious Vulnerabilities MikroTik Router Vulnerabilities Can Lead to Backdoor Creation
Digital Transformation in Pharma Introduces New OT Security Threats Critical Vulnerabilities Found in Rittal Cooling System
WhatsApp Sues Israeli Firm NSO Over Cyberespionage NSO Group: Israeli Firm Accused of Cyberespionage
Threat to US Elections Not Limited to Russia in 2020 Nuclear Power Plant in India Hit by North Korean Malware: Report
Reality Check on the Demise of Multi-Factor Authentication Apple Patches Tens of Vulnerabilities in macOS Catalina, iOS 13
21 Million Stolen Fortune 500 Credentials For Sale on Dark Web Florida Elections Chief: State Systems Prepared for Hackers
Hackers Plead Guilty in Data Breach that Uber Covered Up Corellium Responds to Apple's Copyright Infringement Lawsuit
Israel Approves Extradition to US of Russian 'Hacker' Norsk Hydro Receives First Insurance Payout Following Cyberattack
Chinese Cyberspies Use New Malware to Intercept SMS Traffic at Mobile Operators India Seeks Answers From WhatsApp After Cyberespionage
Cisco Firewall Vulnerability Exploited in Attack on U.S. Renewable Energy Provider Cyberbalkanization and the Future of the Internet
Chrome Zero-Day Vulnerability Exploited in Korea-Linked Attacks BlueKeep Vulnerability Exploited to Deliver Cryptocurrency Miner
Midwest's 1st Cyber Battalion to Be Based in Indiana Cybersecurity Executives Say Cost of Security Reasonable: Survey
Hackers Can Target Able2Extract Users With Malicious Image Files Proofpoint Acquires Insider Threat Management Firm ObserveIT for $225 Million
Europol on Methodology Behind Successful Spear Phishing Attacks PoC Exploits Published for Unpatched RCE Bugs in rConfig
Hackers Can Use Lasers to Send Voice Commands to Phones, Smart Speakers DarkUniverse APT Uses Just-in-Time Malware Creation
Google Patches Critical Flaws in Android's System Component Trend Micro Employee Sold Customer Data to Scammers
The Future of Cyber Through the Eyes of an Intelligence Firm Immersive Labs Raises $40 Million for Cyber Skills Platform
Bug Hunters Earn $195,000 for Hacking TVs, Routers, Phones at Pwn2Own Libarchive Vulnerability Impacts Multiple Linux Distributions
Documents Show Facebook Controlling Competitors With User Data: Report NVIDIA Patches Flaws in GPU Display Driver, GeForce Experience
Transitioning to a Security-Driven Networking Strategy Cisco Patches Vulnerabilities in Small Business Routers, RoomOS Software
Sepio Systems Raises $6.5 Million to Defend Against Rogue Hardware Accenture Launches Cyber Ranges for Industrial Companies
Hackers Can Target LEADTOOLS Users With Malicious Image Files Microsoft: BlueKeep Exploit Will Likely Deliver More Damaging Payloads
Cybersecurity Workforce Gap: 145% Growth Needed to Meet Global Demand DHS Warns of Critical Flaws in Medtronic Medical Devices
BlueKeep Attacks Crash Systems Due to Meltdown Patch Platinum Cyberspies Use Sophisticated Backdoor in Attacks
Zurich Announces New Cyber Insurance for Manufacturing Industry Hackers Receive $500,000 in One Week via Bugcrowd
You Can't Defend What You Can't See: Why Visibility is Critical for Improving Cyber Defense OpenText to Acquire Data Protection Firm Carbonite
Adobe Patches Vulnerabilities in Design, Web Products Magento Users Warned of Remote Code Execution Vulnerability
Microsoft Patches Another Internet Explorer Flaw Exploited in Attacks Call for Papers: SecurityWeek's 2020 Singapore ICS Cyber Security Conference
New PureLocker Ransomware Linked to MaaS Provider for Cobalt Gang, FIN6 'State of the Firewall' Report: Automation Key to Preventing Costly Misconfigurations
Intel Driver Vulnerability Can Give Attackers Deep Access to a Device Value and Limitations of Vendor Telemetry and Reported Incidents
Canada Spy Agencies Split Over Proposed Huawei 5G Ban: Media Automated Penetration Testing Startup Pcysys Raises $10 Million
Vulnerability in McAfee Antivirus Products Allows DLL Hijacking Australian Universities Adopt Foreign Interference Guidelines
Iranian APT33 Hackers Use Special Botnets for High-Value Targets in U.S. Online Retailers Ill-Prepared for Holiday Season
DLL Hijacking Flaw Impacts Symantec Endpoint Protection Corellium: Apple Sued Us After Failed Acquisition Attempt
LINE Launches Public Bug Bounty Program on HackerOne Undocumented Access Feature Exposes Siemens PLCs to Attacks
Fears Grow on Digital Surveillance: US Survey Zero-Day Exploits Earn Hackers Over $500K at Chinese Competition
WhatsApp Vulnerability Allows Code Execution Via Malicious MP4 File Security of North American Energy Grid Tested in GridEx Exercise
First Cypriot to Be Extradited to US, on Hacking Charges Vulnerability in ABB Plant Historian Disclosed 5 Years After Discovery
Payment Card Skimmer Found on Macy's Website Ransomware Attack Hits Louisiana State Servers
Support for Adobe Acrobat, Reader 2015 Will End on April 7, 2020 Vulnerabilities in Android Camera Apps Exposed Millions of Users to Spying
Technology Firms and Victim Advocacy Groups Launch Coalition Against Stalkerware US, Montenegro Plot Cyber Warfare Ahead of 2020 Elections
Cyber Risk Analytics Firm CyberCube Raises $35 Million


Tenable.com

Executive Authentication Summary Report Operations Authentication Report


ThreatPost.com

Avast Network Breached As Hackers Target CCleaner Again Survey Finds People are Privacy Hypocrites
Cynet’s free vulnerability assessment offering helps organizations significantly increase their security Three Service Account Secrets Straight from Hackers and Security Pros
Magecart 5 Linked to Carbanak Gang ThreatList: Google’s Advertising Network Dominates Global Data Collection
Fujitsu Wireless Keyboard Plagued By Unpatched Flaws ThreatList: Sharp Increase in Fake Mobile Apps Impersonating Legit Ones
Samsung Rolls Out Fix For Galaxy S10 Fingerprint Sensor Glitch Raccoon Malware Scavenges 100,000+ Devices to Steal Data
Religious Website Data Exposed for Months Ransomware, Mobile Malware Attacks to Surge in 2020
News Wrap: Hotel Robot Hacks, FTC Stalkerware Crackdown 7M Adobe Creative Cloud Users Exposed to Hackers
Cybercriminals Impersonate Russian APT ‘Fancy Bear’ to Launch DDoS Attacks PHP Bug Allows Remote Code-Execution on NGINX Servers
Pwn2Own Expands Into Industrial Control Systems Hacking UniCredit Suffers Third Breach Despite Investing Billions in Cybersecurity
ThreatList: Most Retail Hardware Bug Bounty Flaws Are Critical Country of Georgia Suffers Widespread Cyberattack
Joker’s Stash Drops Largest-Ever Credit Card Cache on Dark Web Facebook Sues NSO Group Over Alleged WhatsApp Hack
City of Johannesburg, on Second Hit, Refuses to Pay Ransom U.S. Universities Get Failing Grades for DMARC Adoption
WhatsApp Spyware Attack: Uncovering NSO Group Activity Insurance Pays Out a Sliver of Norsk Hydro’s Cyberattack Damages
China-Linked Hackers Spy on Texts With MessageTap Malware Calypso APT Emerges from the Shadows to Target Governments
Google Discloses Chrome Flaw Exploited in the Wild News Wrap: APTs, Office 365 Voicemail Phish and Bed Bath & Beyond Breach
Solar, Wind Power Utility Disrupted in Rare Cyberattack BlueKeep Attacks Have Arrived, Are Initially Underwhelming
Critical Remote Code Execution Flaw Found in Open Source rConfig Utility Trump, Putin and Politics Name-Dropped to Peddle Malware
Gamers Hit with Nvidia GPU Driver, GeForce Flaws Amazon Kindle, Embedded Devices Open to Code-Execution
Amazon Fixes Ring Video Doorbell Flaw That Leaked Wi-Fi Credentials News Wrap: Voice Assistant Laser Hack, Twitter Insider Threats, Data Breach Fine Fails
Pwn2Own Tokyo Roundup: Amazon Echo, Routers and Smart TVs Fall to Hackers Understanding the Ripple Effect: Large Enterprise Data Breaches Threaten Everyone
ThreatList: Data Breaches Batter Stock Prices at Public Companies, For Months Magento Warns E-Commerce Sites to Upgrade ASAP to Prevent Attacks
Insider Threats, a Cybercriminal Favorite, Not Easy to Mitigate Innovative PureLocker Ransomware Emerges in Targeted Attacks
ENFUSE 2019: Security Regulations, Insider Threats, and IoT Privacy Risks Threat Actor Impersonates USPS to Deliver Backdoor Malware
Just-Released Checkra1n iPhone Jailbreak Stirs Security Concerns Stealthy Malware Flies Under AV Radar with Advanced Obfuscation
Lizard Squad Threatens UK’s Labour Leader with Cyberattacks Against His Family James Clapper: Lessons Learned in a Post-Snowden World
Tianfu Cup Round-Up: Safari, Chrome, D-Link Routers and Office 365 Successfully Hacked Pipka Card Skimmer Removes Itself After Infecting eCommerce Sites
‘Wildly Different’ Privacy Regulations Causing Compliancy Chaos WhatsApp Remote Code Execution Triggered by Videos
Macy’s Suffers Data Breach by Magecart Cybercriminals ‘Windows Update’ Installs Cyborg Ransomware


US-CERT.GOV

NSA and NCSC Release Joint Advisory on Turla Group Activity FTC Promotes International Charity Fraud Awareness Week
Juniper Networks Releases Junos OS Security Advisory Mozilla Releases Security Updates for Firefox and Firefox ESR
Google Releases Security Updates for Chrome Beware of Stalking Apps
FBI Releases Article on Defending Against E-Skimming IRS Releases Recommendations to Keep Children and Teens Safe Online
EOL D-Link Routers Vulnerable to Remote Command Execution NCSC Releases 2019 Annual Review
FBI Expands Election Security Resources Mozilla Releases Security Update for Thunderbird
ACSC Releases Advisory on Emotet Malware Campaign FTC Provides Tips for Warding Off Hackers
Samba Releases Security Updates Microsoft Reports Global Cyberattacks on Sporting and Anti-Doping Organizations from Russian Espionage Actors
Apple Releases Security Updates MS-ISAC Releases Advisory on PHP Vulnerabilities
MS-ISAC Releases EOS Software Report List North Korean Malicious Cyber Activity
Google Releases Security Updates for Chrome National Critical Infrastructure Security and Resilience Month
CSET Version 9.2 Now Available U.S. Cyber Command Shares Seven New Malware Samples
CISA Launches “Cyber Essentials” for Small Businesses and Small SLTT Governments Cisco Releases Security Updates
Holiday Shopping, Phishing, and Malware Scams Microsoft Releases November 2019 Security Updates
Intel Releases Security Updates Adobe Releases Security Updates
VMware Releases Security Updates NCSC-NZ Releases Annual Cyber Threat Report
Reminder: Malware Can Exploit Improper Configurations Google Releases Security Updates for Chrome
National Tax Security Awareness Week is December 2–6 FTC Provides Tips on Safeguarding Data Before Upgrading Mobile Phones
NSA Releases Cyber Advisory: Managing Risk from Transport Layer Security Inspection