All Recent News


ISACA.ORG

Cybersecurity, Privacy and a Host of Technologies Challenge Audit in the Enterprise


NIST.GOV

NCSI Seminar: Transforming Science through Cyberinfrastructure: NSCI and NSF’s Vision for a National Cyberinfrastructure Ecosystem NIST Links Federal Encryption Testing to International Standard for First Time 
Executive Order on America’s Cybersecurity Workforce Call for new National Cybersecurity Career Awareness Week Commitments NOW OPEN—November 11-16, 2019
NICE Webinar: Presidential Executive Order on America’s Cybersecurity Workforce - Enhancing Workforce Mobility and Supporting the Development of Cybersecurity Skills NICE Webinar: Tools in the Federal Cybersecurity Workforce Toolbox


SecurityWeek.com

Amnesty Says Hong Kong Office Hit by China-linked Cyber Attack Oracle, Gemalto Downplay Java Card Vulnerabilities
Special-Purpose Vehicle Maker Aebi Schmidt Hit by Malware Leaked Carbanak Source Code Reveals No New Exploits
Cybercriminals Using GitHub to Host Phishing Kits Reports Huawei to Supply UK Networks Draw Criticism
Cisco Finds Serious Flaws in Sierra Wireless AirLink Devices P2P Flaws Expose Millions of IoT Devices to Remote Attacks
AESDDoS Botnet Targets Vulnerability in Atlassian’s Confluence Server Slack Lists Cybersecurity Risks Ahead of Going Public
A Crash-Course in Card Shops Oracle Patches WebLogic Zero-Day Exploited in Attacks
GDPR Conformance Does Not Excuse Companies from Vicarious Liability Norsk Hydro Says Cyber Attack Cost It Around $50 Mln
Vodafone Identified Huawei Security Flaw Decade Ago Dutch Warn of 'Worrying' Russian, Chinese Cyber-Spying
Local Credit Union Sues Fiserv Over 'Amateurish Security Lapses' New Sodinokibi Ransomware Delivered via Oracle WebLogic Flaw
DHS Orders Agencies to Patch Critical Flaws Within 15 Days Two Vulnerabilities Expose Rockwell Controllers to DoS Attacks
Muhstik Botnet Exploits Recent Oracle WebLogic Vulnerability Kaspersky Analyzes Hacking Group's Homegrown Attack Tools
Hackers Had Access to Citrix Network for Five Months Many Vulnerabilities Found in Wireless Presentation Devices
You Want to Automate Your Security Architecture - Now What? Xinjiang Surveillance App Targets Legal, Everyday Behaviour: Rights Group
Cisco Patches Critical Vulnerability in Data Center Switches PoC Exploits for Old SAP Configuration Flaws Increase Risk of Attacks
Dell Patches Remote Code Execution Vulnerability in SupportAssist Client DoS Attack Blamed for U.S. Grid Disruptions: Report
TSA Lacks Cybersecurity Expertise to Manage Pipeline Security Program: Report Trump Signs Executive Order to Bolster Cybersecurity Workforce
Level the Security Operations Playing Field With MITRE ATT&CK Vulnerabilities Found in Over 100 Jenkins Plugins
Mozilla Bans Firefox Extensions Containing Obfuscated Code 2020 Campaign Staffers Being Trained to Handle Cyber Threats
Hundreds of Git Repositories Held for Ransom European, US Investigators Make Major Darknet Bust
Magecart Skimming Attack Hits Hundreds of Campus e-Commerce Sites Why Every Organization Needs to Rethink Workload Protection
Israel Bombs Hamas Cyber HQ in Response to Cyberattack Industry Reactions to Cybersecurity Workforce Executive Order
Several Vulnerabilities Found in GE Power Meter Software PrinterLogic Vulnerability Allows Remote Code Execution
Chinese Hackers Used NSA Tool a Year Before Shadow Brokers Leak Proofpoint to Acquire Meta Networks for $120 Million
Turla Uses Sophisticated Backdoor to Hijack Exchange Mail Servers How the Life of a Security Threat Can Inform Your Defense Strategy
Microsoft Launches New Solutions to Protect Elections From Hacking NIST Working on Industrial IoT Security Guide for Energy Companies
Verizon Publishes 2019 Data Breach Investigations Report (DBIR) Cyberattack Cripples Baltimore's Government Computer Servers
Hackers Steal $40 Million in Bitcoin From Cryptocurrency Exchange Binance Orange Acquires Cybersecurity Firm SecureLink
Jenkins Vulnerability Exploited to Deliver 'Kerberods' Malware Google Patches Remotely Exploitable Vulnerabilities in Android
Cybercriminals Unleash MegaCortex Ransomware in Global Attack Campaign IT Specialist Convicted on Cyber Hacking Charges Sentenced
Phar Vulnerabilities Patched in Drupal, TYPO3 Ex-Intelligence Analyst Charged With Leaks to Reporter
U.S. Government Details ELECTRICFISH Malware Used by North Korea Russian Hackers Claim Breach of Three U.S. Anti-Virus Companies
U.S. Charges Chinese Hackers Over Massive 2015 Anthem Breach Nigerian Cybercrime 'Group' Has 400 Malicious Actors
Over 100 Flaws Expose Buildings to Hacker Attacks Microsoft SharePoint Vulnerability Exploited in the Wild
NVIDIA Patches High Severity Bugs in GPU Display Driver Remote Code Execution Flaw Found in Kaspersky Products
North Korea-Linked 'ScarCruft' Adds Bluetooth Harvester to Toolkit An Ode to CISOs: How Real-World Risks Became Cyber Threats
Website Infections Holding Steady at 1%, But Attacks Becoming Stealthier: Report New Bill Proposes Cybersecurity Training for U.S. House Members
Facebook Patches WhatsApp Flaw Exploited to Spy on Users Report Links Vast Online Disinformation Campaign to Iran
Hackers Add Security Software Removal to Banload Banking Malware Siemens Addresses Vulnerabilities in LOGO, SINAMICS Products
Remote Code Execution Vulnerability Impacts SQLite Apple Patches 21 Vulnerabilities in WebKit
What Deep Learning Means for CyberSecurity Adobe Patches Over 80 Vulnerabilities in Acrobat Products
New Class of Vulnerabilities Leak Data From Intel Chips ZombieLoad: New Class of Vulnerabilities Leak Data From Intel Chips
Microsoft Patches RDS Vulnerability Allowing WannaCry-Like Attacks Intel MDS Vulnerabilities: What You Need to Know
Israel Spyware Firm NSO Operates in Shadowy Cyber World The Shortcomings of Network Monitoring in Fighting ICS Threats
Hackers Exploit ASUS Update Process to Install Backdoor Researchers Link Disparate Chinese Hacking Groups
Google's Titan Security Keys Vulnerable to Bluetooth Attacks Red Cross Website Hacked in Latest Singapore Cyber Attack
Google Starts Tracking Zero-Days Exploited in the Wild Business Email Compromise Still Reigns
Dutch Probe China's Huawei for Possible Spying: Report Cisco Patches Critical Vulnerabilities in Prime Infrastructure (PI) Software
Authorities Takedown GozNym Cybercrime Group That Stole an Estimated $100 Million Wormable Windows RDS Vulnerability Poses Serious Risk to ICS
Tenable Updates Free Vulnerability Assessment Solution Slack Flaw Allows Hackers to Steal, Manipulate Downloads
User Data Exposed in Stack Overflow Hack How to Evaluate Threat Intelligence Vendors That Cover the Deep & Dark Web
TeamViewer Confirms It Was Hacked in 2016 Linux Kernel Privilege Escalation Vulnerability Found in RDS Over TCP
DHS Highlights Common Security Oversights by Office 365 Customers Industrial Robotics - Are You Increasing Your Cybersecurity Risk?
US Warns Chinese Drones May Steal Data: Report Poor Security Hygiene Found Across Almost All Political Parties in US, Europe
Satan Ransomware Expands Portfolio of Exploits Researcher Drops Windows 10 Zero-Day Exploit
EU Adopts Powers to Respond to Cyberattacks Hunters.AI Emerges From Stealth With $5.4M in Seed Funding
Flaw Exposes Mitsubishi PLCs to Remote DoS Attacks Magecart Skimmer Poses as Payment Service Provider
Critical Vulnerabilities Plague South Korean ActiveX Controls Amazon Shareholders Support Selling Face Recognition Tech to Police
UK Has Warned 16 NATO Allies of Russia Hacking Attempts: Foreign Minister 5 Things Every SMB Should Know to Strengthen Defenses
Moody's Downgrades Equifax Outlook to Negative Over 2017 Data Breach PoC Exploits Created for Wormable Windows RDS Flaw
NATO Warns Russia of 'Full Range' of Responses to Cyberattack Siemens Teams With Chronicle on Cybersecurity Solutions for Energy Industry
Researcher Drops 3 Separate 0-Day Windows Exploits in 24 Hours US Officials Say Foreign Election Hacking Is Inevitable
The Intelligent SOC Can be a Reality Today New York Department of Financial Services Launches Cybersecurity Unit
One Year on, EU's GDPR Sets Global Standard for Data Protection


ThreatPost.com

Qualcomm Critical Flaw Exposes Private Keys For Android Devices Facial Recognition ‘Consent’ Doesn’t Exist, Threatpost Poll Finds
Critical Flaws in Sierra Wireless 5G Gateway Allow RCE, Command Injection News Wrap: Amazon Echo Privacy, Facebook FTC Fines and Biometrics Regulation
Users Urged to Disable WordPress Plugin After Unpatched Flaw Disclosed New ‘Sodinokibi’ Ransomware Exploits Critical Oracle WebLogic Flaw
Muhstik Botnet Variant Targets Just-Patched Oracle WebLogic Flaw DHS Shortens Deadline For Gov Agencies to Fix Critical Flaws
Ad Server Patched to Stop Possible Malware Distribution Cisco Warns of Critical Nexus 9000 Data Center Flaw
Dell Security Support Tool Harbors High-Severity Flaws D-Link Cloud Camera Flaw Gives Hackers Access to Video Stream
Critical Flaws Found in Eight Wireless Presentation Systems Multiple Sierra Wireless AirLink Routers Open to Remote Code Execution
News Wrap: Cartoon Network Hack, the Catholic Church and Jason Statham Scams Researchers Weigh in on Trump’s Cyber Workforce Executive Order
Amid Bug Bounty Hype, Sometimes Security is Left in the Dust Tor Security Add-On Abruptly Killed by Mozilla Bug
High-Severity PrinterLogic Flaws Enable Remote Code Execution WP Live Chat WordPress Plugin Re-Patches File Upload Flaw
Chinese Spies Stole NSA Cyberweapons Long Before Shadow Brokers Leak Critical Flaw in Cisco Elastic Services Controller Allows Full System Takeover
Cynet Provides Security Responders with Free IR Tool to Validate and Respond to Active Threats Top 5 Configuration Mistakes That Create Field Days for Hackers
Verizon Data Breach Report: Espionage, C-Suite and Cloud Attacks on the Rise Google Patches Critical Remote Code-Execution Flaws in Android
Serious Phar Flaw Allows Arbitrary Code Execution on Drupal Alpine Linux Docker Images Shipped for 3 Years with Root Accounts Unlocked
Hackers Take Over IoT Devices to ‘Click’ on Ads Chinese Hackers Behind 2015 Anthem Data Breach Indicted
ThreatList: Nigerian Cybercrime Surged 54 Percent in 2018 Nvidia Warns Windows Gamers on GPU Driver Flaws
News Wrap: Facebook Regulation, Verizon DBIR, Hidden Airbnb Cameras ThreatList: Top 5 Most Dangerous Attachment Types
WhatsApp Zero-Day Exploited in Targeted Spyware Attacks Linux Kernel Flaw Allows Remote Code-Execution
Adobe Addresses Critical Adobe Flash Player, Acrobat Reader Flaws Microsoft Patches Zero-Day Bug Under Active Attack
Intel ZombieLoad Side-Channel Attack: 10 Takeaways Cybercrime Gang Behind GozNym Banking Malware Dismantled
Mobile Risks Boom in a Post-Perimeter World News Wrap: WhatsApp, Microsoft, Intel and Cisco Flaws
Ransomware ‘Remediation’ Firm Exposed: Researchers Weigh in on Paying WordPress WP Live Chat Support Plugin Fixes XSS Flaw
ZombieLoad: How Intel’s Latest Side Channel Bug Was Discovered and Disclosed Behind the Naming of ZombieLoad and Other Intel Spectre-Like Flaws
Sharing Threat Intelligence: Time for an Overhaul HCL Exposes Customer, Personnel Info in Wide-Ranging Data Leak
Cisco Starts Patching Firmware Bug; Millions of Devices Still Vulnerable Data Security in the Cloud: How to Lock Down the Next-Gen Perimeter
Intel Fixes Critical, High-Severity Flaws Across Several Products Mozilla Tackles Two Critical Flaws with Firefox 67 Release
Critical Flaws in Khan Academy Opened Door to Account Takeovers WannaCry-Infested Laptop Starts at $1.13M in Art Auction
News Wrap: Which Companies Are Doing Privacy Right and Which Aren’t? Joomla and WordPress Found Harboring Malicious Redirect Code
Snapchat Privacy Blunder Piques Concerns About Insider Threats


US-CERT.GOV

ICS Releases BIND Security Updates FTC Releases Article on Keeping Children Safe Online
Oracle Releases Security Alert CISA Releases Binding Operational Directive on Vulnerability Remediation
Google Releases Security Updates for Chrome Cisco Releases Security Updates
PrinterLogic Print Management Software Vulnerabilities Cisco Releases Security Update for Elastic Services Controller
Drupal Releases Security Update North Korean Malicious Cyber Activity
Cisco Releases Security Updates Apple Releases Multiple Security Updates
Facebook Releases Security Advisory for WhatsApp Samba Releases Security Updates
Intel Releases Security Updates, Mitigations for Multiple Products Microsoft Releases May 2019 Security Updates
Adobe Releases Security Updates VMware Releases Security Updates
Cisco Releases Security Updates for Multiple Products Microsoft Releases Security Updates to Address Remote Code Execution Vulnerability
Staying Cyber Safe During Memorial Day Mozilla Releases Security Updates for Firefox
Privacy Awareness Week Tips for a Cyber Safe Vacation