All Recent News


ISACA.ORG

ISACA’s New Cybersecurity Resources Include Hands-on Training to Mitigate OWASP Top 10 Vulnerabilities


NIST.GOV

NICE Webinar: Tools in the Federal Cybersecurity Workforce Toolbox Workshop on Core IOT Cybersecurity Baseline
NIST Updates SP 800-171 to Help Defend Sensitive Information from Cyberattack  How Talent Management Systems Help You Manage Your Cybersecurity Human Capital
Before Connecting an IoT Device, Check Out a New NIST Report for Cybersecurity Advice


SecurityWeek.com

U.S. Planted Powerful Malware in Russia's Power Grid: Report Investigation and Response is a Team Sport
DHS Issues Alert for Windows 'BlueKeep' Vulnerability Android Apps Target Bitcoin, By-Passing 2FA
Mirai Offspring "Echobot" Uses 26 Different Exploits Florida Effort to Block Election Hacking Gets Extra $2M
Serious Vulnerabilities in Linux Kernel Allow Remote DoS Attacks Russia Says Victim of US Cyberattacks 'for Years'
Cyberattacks Target DNA Sequencing software Critical Flaw Exposes TP-Link Wi-Fi Extenders to Remote Attacks
London Gallery Chief Quits After Israel Spyware Report New Variant of the Houdini Worm Emerges
France SeeksHacker for Trial Over Death Following Prank Firefox Zero-Day Vulnerability Exploited in Targeted Attacks
Oracle Patches Another Remote Code Execution Flaw in WebLogic Google Boosts Chrome Protection Against Deceptive Sites
Cyberespionage Campaign Targets Android Users in Middle East Florida City Pays $600,000 Ransom to Save Computer Records
MongoDB Introduces Client-Side Field Level Encryption to Aid Compliance Critical Vulnerabilities Patched in Cisco SD-WAN, DNA Center Products
Indegy Launches Industrial Cybersecurity-as-a-Service Offering Firefox Zero-Day Exploited to Deliver Malware to Cryptocurrency Exchanges
Russia-Linked Hackers Hijack Infrastructure of Iranian Threat Group Mozilla Patches Second Firefox Zero-Day Used in Cryptocurrency Attacks
Phishing Campaign Impersonates DHS Alerts UK Regulator Calls Out Compliance Failures in Targeted Advertising Industry
Millions of Devices Exposed to Attacks Due to Flaw in PC-Doctor Software New Botnet Exploits Android Debug Bridge and SSH
U.S. Launched Cyber Attacks on Iran After Drone Shootdown: Reports Report: Jet Propulsion Laboratory Hacked for 10 Months
U.S. Struck Iranian Military Computers This Week: AP Sources Mac Malware Delivered via Firefox Exploits Analyzed
Iran Denies Being Hit by US Cyber Attack New Attack Delivers FlawedAmmyy RAT Directly in Memory
Protection Against Side-Channel Attacks Added to OpenSSH Flaw in Outlook for Android Allows for Data Theft
VideoLAN Patches Critical Vulnerability in VLC Media Player Flaws in Phoenix Contact Automationworx Allow Code Execution via Malicious Files
LokiBot and NanoCore Malware Distributed in ISO Image Files ABB Patches Many Vulnerabilities in HMI Products
Telcos Pwned: Multi-Wave Attacks Stealing 'Obscene Amount of Data' From Providers Hackers Favoring Shimmers Over Skimmers for ATM Attacks
AWS Announces General Availability of Security Hub Senate Report Shows Decade-Long Failure of Gov Agencies to Protect Personal Data
EA Games Login Flaw Exposed Accounts of 300 Million Gamers Presidential Phone Alerts Can Be Spoofed, Researchers Say
Vulnerability Remediation Firm Vulcan Cyber Raises $10 Million US Cyber Attack on Iran Shrouded in Digital 'Fog of War'
French Consumer Group Launches Class Action Against Google Critical Flaws Found in Cisco Data Center Network Manager
Chrome OS 75 Adds More Mitigations for Intel MDS Flaws Hackers Steal Millions from Cryptocurrency Exchange Bitrue
2nd Florida City Pays Hackers, as 3rd City Faces Breach ENISA Transforms to European Union Agency for Cybersecurity
Iranian Cyberspies Update Infrastructure Following Recent Report Many Potential Backdoors Found in Huawei Equipment: Study
US Cyber Attack on Iran: Search to Exploit Flaw Russian Tech Giant Yandex Targeted With 'Regin' Malware: Report
Baltimore Approves $10M in Funding for Cyber Attack Relief Industry Reactions to Nation-State Hacking of Global Telcos
New Spelevo Exploit Kit Spreads via B2B Website Italy Fines Facebook Over Cambridge Analytica Case
Some Medtronic Insulin Pumps Vulnerable to Hacker Attacks Trump Hints at Softer Stance on China's Huawei
Cyber Deception Company TrapX Raises $18 Million Threat Actor Poisons OpenPGP Certificates
Risk-Based Vulnerability Management is a Must for Security & Compliance Smart Home Hacked via Vulnerabilities, Social Engineering
Hardcoded Credentials Expose SICK Controllers to Remote Attacks Researchers Analyze Vietnamese Hackers' Suite of RATs
Cyberattack Forces Georgia Agency to Shut Down Websites Google Patches Critical Code Execution Bugs in Android Media Framework
Defending Downwind as the Cyberwar Heats up Threat Actor Targets Libyans with Malware via Facebook
Americans Want to Protect Their Information, but Don't Know How: Survey U.S. Cyber Command Warns of Outlook Flaw Exploited by Iranian Hackers
Many VMware Products Affected by SACK Linux Vulnerabilities Nexus Repository Flaws Expose Thousands of Private Artifacts
Eight Arrested Over Cyberattacks Against Hong Kong Police Broadcom in Talks to Acquire Symantec in $15 Billion Deal: Reports
Dridex Operators Use New Trojan Downloader Multiple Chinese Groups Share the Same RTF Weaponizer
Georgia Failed to Subpoena Image of Wiped Elections Server Magento Patches Flaws Leading to Site Takeover
Hacker Who Disrupted Sony Gaming Firm Gets Federal Prison Cryptomining Campaign Targets Linux Servers with Go Malware
Eurofins Scientific Paid Up in Response to Ransomware Attack: Report Maryland Department of Labor Announces Data Breach
Iran-Linked Malware Shared by USCYBERCOM First Seen in December 2016: Kaspersky U.S. Coast Guard Issues Cybersecurity Warnings for Commercial Vessels
Indiana County Disabled by Malware Attack Several Siemens Devices Affected by Intel MDS Vulnerabilities
Adobe Fixes Low Priority Flaws With July 2019 Patch Tuesday Updates UK Spy Agency Decrypts Some Secrets With New Exhibition
Vulnerability Gives Attackers Remote Access to Zoom Users’ Cameras Two Windows Privilege Escalation Vulnerabilities Exploited in Attacks
GE Says Anesthesia Machine Vulnerability Poses No Risk to Patients Flaw in Rockwell PanelView Allows Root-Level Access to Devices
Sea Turtle's DNS Hijacking Continues Despite Exposure Intel Patches Serious Vulnerability in Processor Diagnostic Tool
Buhtrap Group Used Windows Zero-Day in Government Attack SAP Patches Critical Flaw in Diagnostics Agent
State of the Industry: Interoperability and Putting Security First Flaw in Walkie-Talkie App on Apple Watch Allows Spying
Incident Response is Changing, Here’s Why and How FIRST Announces CVSS Version 3.1
Bipartisan Legislation to Require DHS Alerts on Election Hacking Adoption of AI-enhanced Cybersecurity is Growing Rapidly: Report
Magecart Hackers Infect 17,000 Domains via Insecure S3 Buckets $5 Billion US Fine Set for Facebook on Privacy Probe: Report
Huawei Planning Major Job Cuts in US: WSJ Hackers Can Manipulate Media Files Transferred via WhatsApp, Telegram
Instagram Account Takeover Vulnerability Earns Hacker $30,000 Indiana County Pays $130,000 in Response to Ransomware Attack: Reports
Clemson and Other Universities Work to Improve Cybersecurity Forked Version of BitPaymer Ransomware Emerges
Tesla Awards Researcher $10,000 After Finding XSS Vulnerability Failures in Cybersecurity Fundamentals Still Primary Cause of Compromise: Report
Symantec Shares Plunge After Reports of Broadcom Deal Stall Russia-linked Hackers Use New Trojans in Recent Attacks
Thousands of Legacy Lenovo Storage Devices Exposed Millions of Files Bulgaria Probes Russia-Linked Leak of Taxpayer Data
Cyberattacks Inflict Deep Harm at Technology-Rich Schools Boost Infrastructure Immunity Against the Ransomware Epidemic
Hackers Access Sprint Accounts via Samsung Website SWEED Hackers Target Manufacturing, Logistics Organizations
Oracle's July 2019 CPU Includes 319 Fixes Bulgarian IT Specialist Held Over Taxpayer Data Hack
BMC Firmware Vulnerabilities Affect Lenovo, Gigabyte Servers SLUB Backdoor Spreads via Newly Patched Vulnerability
EvilGnome Malware Helps Hackers Spy on Linux Users


ThreatPost.com

A Spate of University Breaches Highlight Email Threats in Higher Ed Irked Researcher Discloses Facebook WordPress Plugin Flaws
Linux Kernel Bug Knocks PCs, IoT Gadgets and More Offline Consumers Urged to Junk Insecure IoT Devices
Mozilla Patches Firefox Critical Flaw Under Active Attack EatStreet Hackers Chow Down on Diner Data
Oracle Warns of New Actively-Exploited WebLogic Flaw Feds: Cyberattack on NASA’s JPL Threatened Mission-Control Data
Cisco DNA Center Critical Flaw Opens Access to Internal Servers Tor Browser Issues Update for Critical System Takeover Flaw
Post-Ransomware Attack, Florida City Pays $600K Millions of Dell PCs Vulnerable to Flaw in Third-Party Component
Mozilla Fixes Second Actively-Exploited Firefox Flaw Podcast: Dating App Privacy and NASA Cyberattack
Microsoft Outlook for Android Open to XSS Attacks Iran Targeting U.S. With Destructive Wipers, Warns DHS
Facebook Faces Lawsuit Over Massive 2018 Data Breach Newly-Discovered Malware Targets Unpatched MacOS Flaw
Second Florida City Pays Hackers $500k Post-Ransomware Attack EA Games Patches Account-Hijacking Bug
Iran-linked APT33 Shakes Up Cyberespionage Tactics Cisco Warns of Critical Flaws in Data Center Network Manager
Thousands of IoT Devices Bricked By Silex Malware Scammers Prey on Instagram Vanity and ‘Verified Account’ Status
FDA Warns of Potentially Fatal Flaws in Medtronic Insulin Pumps Google July Android Security Bulletin Fixes 3 Critical RCE Bugs
IBM Patches Critical, High-Severity Flaws in Spectrum Protect Apple Transparency Report Now Includes App Store Takedown Requests
WordPress Plugin WP Statistics Patches XSS Flaw Zoom Zero-Day Bug Opens Mac Users to Webcam Hijacking
Microsoft Patches A Pair of Zero-Days Under Active Attack Intel Patches High-Severity Flaw in Processor Diagnostic Tool
Zoom Pushes Emergency Patch for Webcam Hijack Flaw Bug in Anesthesia Respirators Allows Cyber-Tampering
Implementing Bug Bounty Programs: The Right and Wrong Approaches Apple Disables Walkie-Talkie App Due to Eavesdropping Flaw
Google Home Silently Captures Recordings of Domestic Violence and More Hacked Hair Straighteners Can Threaten Homes
Heather Mills Gets An Apology and ‘Substantial’ Settlement in Spyware Case Exploring the Top 15 Most Common Vulnerabilities with HackerOne and GitHub
Threatlist: 68% of Overwhelmed IT Managers Can’t Keep Up with Cyberattacks Why Cities Are a Low-Hanging Fruit For Ransomware
The Future is Female: A Key to the Cybersecurity Workforce Challenge LenovoEMC Storage Gear Leaks Sensitive Financial Data


US-CERT.GOV

Mozilla Releases Security Updates for Firefox and Firefox ESR DHS Email Phishing Scam
Samba Releases Security Updates Oracle Releases Security Advisory for WebLogic
Cisco Releases Security Updates for Multiple Products ISC Releases BIND Security Updates
Mozilla Releases Security Updates for Firefox and Firefox ESR Microsoft Releases Outlook for Android Security Update
Multiple Vulnerabilities Affecting Linux, FreeBSD Kernels Apple Releases Security Updates for AirPort 802.11n Wi-Fi Base Stations
Apache Releases Security Advisory for Apache Tomcat Dell Releases Security Advisory for Dell SupportAssist
CISA Statement on Iranian Cybersecurity Threats Cisco Releases Security Updates for Multiple Products
ISC Releases BIND Security Updates Mozilla Releases Security Updates for Firefox, Thunderbird
Microsoft Releases Outlook for Android Security Update Multiple Vulnerabilities Affecting Linux, FreeBSD Kernels
Apache Releases Security Advisory for Apache Tomcat Dell Releases Security Advisory for Dell SupportAssist
CISA Statement on Iranian Cybersecurity Threats NIST Releases Report on Managing IoT Risks
Google Releases Security Updates for Chrome OS Cisco Releases Security Updates for Multiple Products
ACSC Releases Updated Essential Eight Maturity Model U.S. Coast Guard Releases Cybersecurity Measures for Commercial Vessels
Adobe Releases Security Updates Mozilla Releases Security Updates for Firefox and Firefox ESR
Intel Releases Security Updates Microsoft Releases July 2019 Security Updates
Atlassian Releases Security Updates for Jira NCSC Releases Advisory on Ongoing DNS Hijacking Campaign
Google Releases Security Updates for Chrome IRS Releases Six Cybersecurity Safeguards
DHS Webinar: Cybersecurity Threats to the Healthcare Sector Oracle Releases July 2019 Security Bulletin
Microsoft Releases Security Updates for PowerShell Core NCSC Releases 2019 Active Cyber Defence Report