All Recent News


ISACA.ORG

The Bank of Ghana Recommends ISACA Credentials for Cybersecurity Professionals


NIST.GOV

2018 NICE K-12 Cybersecurity Education Conference - Save The Date NICE Webinar: Encouraging Cybersecurity Career Discovery via Career Assessment Tools
Draft Project Description for “Securing Telehealth Remote Patient Monitoring Ecosystem” is Available for Comment NIST has published NIST Interagency Report (NISTIR) 8011 Volume 3, Automation Support for Security Control Assessments: Software Asset Management
NICE Webinar: Computational Thinking and Skills: A Foundation for STEM and Cybersecurity Education NIST Threshold Cryptography Workshop 2019


SecurityWeek.com

Dridex/Locky Operators Unleash New Malware in Recent Attack Trend Micro, Moxa Form New IIoT Security Company
Many ATMs Can be Hacked in Minutes: Report Europol, Diebold Nixdorf to Share Information on Cyber Threats
Does Not Compute: Japan Cyber Security Minister Admits Shunning PCs Suspected Russian Hackers Impersonate State Department Aide
Hackers Earn $1 Million for Zero-Day Exploits at Chinese Competition CVSS Scores Often Misleading for ICS Vulnerabilities: Experts
Singapore Signs Cybersecurity Agreements With US, Canada Iran-Linked Hackers Use Just-in-Time Creation of Weaponized Attack Docs
Microsoft Enhances Windows Defender ATP TP-Link Patches Remote Code Execution Flaws in SOHO Router
Surge in China Theft of Australia Company Secrets: Report TalkTalk Hackers Sentenced to Prison
Attackers Target Drupal Web Servers with Chained Vulnerabilities Flash Player Update Patches Disclosed Code Execution Flaw
Infamous Russian Hacking Group Used New Trojan in Recent Attacks Facebook Increases Rewards for Account Hacking Vulnerabilities
Patches Released for Flaws Affecting Dell EMC, VMware Products US Says China Hacking Increasing Ahead of Trump-Xi Meeting
Researchers Reveal Identity of Hacker Behind Massive Data Breaches Attackers Exploit Recently Patched Popular WordPress Plugin
European Privacy Search Engines Aim to Challenge Google VMware Patches Workstation Flaw Disclosed at Hacking Contest
North Korean Hackers Hit Latin American Banks Attackers Are Landing Email Inboxes Without the Need to Phish
Thai Minister Defends Controversial Cybersecurity Bill US Urging Allies to Shun Huawei: WSJ
Gov Committee Raises Concerns Over UK Critical Infrastructure Security U.S. Postal Service API Flaw Exposes Data of 60 Million Customers
DoS Vulnerabilities Impact Linux Kernel Uber Fined Nearly $1.2 Million by Dutch, UK Over Data Breach
Siemens Warns of Linux, GNU Flaws in Controller Platform Cisco Releases Second Patch for Webex Meetings Vulnerability
Cylance Adds AWS Support to CylancePROTECT Sophisticated '3ve' Ad Fraud Scheme Dismantled, Operators Indicted
Industry Reactions to USPS Exposing User Data Cyber Risk Exchange Startup CyberGRX Raises $30 Million
U.S. Charges Two Iranians Over SamSam Ransomware Attacks Threat Actor Targets Middle East With DNS Redirections
AWS Security Hub Aggregates Alerts From Third-Party Tools Researchers Introduce Smart Greybox Fuzzing
Cisco Patches SQL Injection Flaw in Prime License Manager Colorado Agency Targeted in Nationwide Ransomware Scheme
Zoom Conferencing App Exposes Enterprises to Attacks New PowerShell Backdoor Resembles "MuddyWater" Malware
Mitre Uses ATT&CK Framework to Evaluate Enterprise Security Products Hackers Using NSA Hacking Tools to Build Botnet
NATO Exercises Cyber Defences as Threat Grows Kaspersky's U.S. Government Ban Upheld by Appeals Court
Russian Hackers Use BREXIT Lures in Recent Attacks Lawsuits Filed Against Marriott Over Massive Data Breach
Lenovo Pays $7.3 Million to Settle Superfish Adware Lawsuit Knowing Value of Data Assets is Crucial to Cybersecurity Risk Management
XS-Search Flaw Found in Google's Issue Tracker Flaws in Siglent Oscilloscope Allow Hackers to Tamper With Measurements
Phishing Campaign Delivers FlawedAmmyy, RMS RATs Critical Privilege Escalation Flaw Patched in Kubernetes
Cybersecurity Storms: Visibility is Key to Cyber Protections Australia Set to Pass Sweeping Cyber Laws Despite Tech Giant Fears
House GOP Campaign Arm Targeted by 'Unknown Entity' in 2018 Symantec Unveils USB Scanning Station for ICS, IoT Environments
DHS Says SamSam Ransomware is Targeting Critical Infrastructure Entities Is Malware Heading Towards a WarGames-style AI vs AI Scenario?
Russian Hospital Targeted With Flash Zero-Day After Kerch Incident Ukraine Accuses Russia of Cyberattack on Judiciary Systems
2 Iranian Men Face New Charges Over Atlanta Cyberattack Attorneys General File First Multistate HIPPA-Related Data Breach Lawsuit
UK Spy Agency Joins NSA in Sharing Zero-Day Disclosure Process Australia Passes Cyber Snooping Laws With Global Implications
Google Patches More Than 50 Android Vulnerabilities in December Chinese Government Suspected in Marriott Hack: Report
Apple Patches Tens of Flaws in iOS, macOS, Safari Arrest of Tech Exec Signals Tougher US Stand on China Tech Firms
New Lawsuit Claims Marriott Still Exposes Customer Information North Korea-linked Hackers Target Academic Institutions
Preparing for Tomorrow's Threats Today Vulnerability Exposes Rockwell Controllers to DoS Attacks
DeepPhish Project Shows Malicious AI is Not as Dangerous as Feared Under Fire Huawei Agrees to UK Security Demands: Report
U.K. Teen Responsible for Bomb Threats, DDoS Attacks Sentenced to Prison Australia Anti-Encryption Law Rushed to Passage
Highly Active MuddyWater Hackers Hit 30 Organizations in 2 Months Organizations Still Slow to Detect Breaches: CrowdStrike
Italian Oil Services Company Saipem Hit by Cyberattack Russian Critical Infrastructure Targeted by Profit-Driven Cybercriminals
House Releases Cybersecurity Strategies Report Adobe Patches 87 Vulnerabilities in Acrobat Software
Windows Kernel Vulnerability Exploited in Attacks Windows Zero-Day Exploited by New 'SandCat' Group
Claroty Adds New Capabilities to Industrial Security Platform A New Year's Resolution: Security is Broken…Let's Fix It
SAP Patches Critical Vulnerability in Hybris Commerce Personal Details of 120 Million Brazilians Exposed
U.S. House Report Blasts Equifax Over Poor Security Leading to Massive 2017 Breach Grammarly Launches Public Bug Bounty Program
U.S. Believes Chinese Intelligence Behind Marriott Hack Rhode Island Sues Alphabet Over Google+ Security Incidents
France's Travel Alert Registry Hacked GitLab Launches Public Bug Bounty Program
Several Vulnerabilities Patched With Release of WordPress 5.0.1 "Operation Sharpshooter" Hits Global Defense, Critical Infrastructure Firms
Russia-Linked Phishing Attacks Hit Government Agencies on Four Continents Arctic Wolf Acquires Risk Assessment Firm RootSecure
AP Exclusive: Iran Hackers Hunt Nuke Workers, US Officials Authorities: Wave of Hoax Bomb Threats Made Across US
Siemens Patches Several Critical Flaws in SINUMERIK Controllers Google Unveils New Encryption Features for Android Developers


ThreatPost.com

Lock-Screen Bypass Bug Quietly Patched in Handsets Critical WordPress Flaw Grants Admin Access to Any Registered Site User
Cryptojacking Attack Targets Make-A-Wish Foundation Website VisionDirect Blindsided by Magecart in Data Breach
Critical Adobe Flash Bug Impacts Windows, macOS, Linux and Chrome OS Sofacy APT Takes Aim with Novel ‘Cannon’ Trojan
Podcast: Why ‘Throwing Money’ at Threats Won’t Work Podcast: Breaking Down the Magecart Threat (Part One)
ThreatList: One-Third of Firms Say Their Container Security Lags Old Printer Vulnerabilities Die Hard
Threatpost News Wrap Podcast for Nov. 23 USPS, Amazon Data Leaks Showcase API Weaknesses
Cisco Re-Issues Patch For High-Severity WebEx Flaw ThreatList: Cryptominers Dominate Malware Growth in 2018
Hackers Breach Dunkin’ Donuts Accounts in Credential Stuffing Attack Cisco Patches Critical Bug in License Management Tool
Critical Zoom Flaw Lets Hackers Hijack Conference Meetings 2014 Marriott Data Breach Exposed, 500M Guests Impacted
Podcast: Breaking Down the Magecart Threat (Part Two) Lenovo Ordered to Pay $7.3M in Superfish Fiasco
Lawsuit Claims Pegasus Spyware Helped Saudis Spy on Khashoggi Google Patches 11 Critical RCE Android Vulnerabilities
Adobe Patches Zero-Day Vulnerability in Flash Player Kubernetes Flaw is a “Huge Deal,” Lays Open Cloud Deployments
TA505 Crooks are Now Targeting US Retailers with Personalized Campaigns Australia Anti-Encryption Law Triggers Sweeping Backlash
ThreatList: Gift Card-Themed BEC Holiday Scams Spike Women in Cyber Take the Spotlight
Cobalt Group Pushes Revamped ThreadKit Malware Super Micro Says Its Gear Wasn’t Bugged By Chinese Spies
ThreatList: Holiday Spam, the Perfect Seasonal Gift for Criminals Grammarly Launches Public Bug Bounty Program
Bomb Threat Bitcoin Demands Cause Disruption, Evacuations Logitech Keystroke Injection Flaw Went Unaddressed for Months
Facebook Flaw Exposes Private Photos for 6.8M Users Electric Vehicle Charging Stations Open to IoT Attacks


US-CERT.GOV

Cybersecurity and Infrastructure Security Agency Google Releases Security Updates for Chrome
Holiday Scams and Malware Campaigns Adobe Releases Security Updates
VMware Releases Security Updates Securing Mobile Devices During Holiday Travel
VMware Releases Security Updates Samba Releases Security Updates
3ve – Fraudulent Online Advertising Cisco Releases Security Update
Protecting Against Identity Theft SamSam Ransomware
FTC Issues Alert on Recent Marriott Breach Google Releases Security Updates for Chrome
Apple Releases Multiple Security Updates Adobe Releases Security Updates
Adobe Releases Security Updates Mozilla Releases Security Updates for Firefox
Microsoft Releases December 2018 Security Updates Google Releases Security Updates for Chrome
WordPress Releases Security Update Bomb Threats Emailed Around the World