All Recent News


ISACA.ORG

ISACA Introduces Accelerated Path to the CSX Cybersecurity Practitioner Certification ISACA’s State of Cybersecurity 2019 Survey: Retaining Qualified Cybersecurity Professionals Increasingly Challenging for Organizations
ISACA Honored As Most Important Non-Profit Shaping Cybersecurity Industry At SC Media 30th Anniversary Awards


NIST.GOV

NIST Threshold Cryptography Workshop 2019 NIST Threshold Cryptography Workshop 2019
D.C. Area Crypto Day - Spring 2019 Live Webinar: Considerations for a Core IoT Cybersecurity Capabilities Baseline
NICE Webinar: Women in Cybersecurity: Finding, Attracting and Cultivating Talent Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography: NIST SP 800-56B Rev. 2


SecurityWeek.com

Supply Chain Attacks Nearly Doubled in 2018: Symantec Rockwell Automation to Patch Publicly Disclosed Power Monitor Flaws
Cyber and Physical Convergence Opens Doors for Attackers: Report Microsoft Says Russian Hackers Targeted Democratic Institutions in Europe
Armorblox Emerges From Stealth With Natural Language Understanding Platform Kaspersky Lab Launches New Threat Intelligence Tool
As US Pushes to Ban Huawei, UK Considers Softer Approach Online ATM-style Scam Puts Shoppers at Risk: Symantec
Firms Moving Sensitive Data to Cloud, But Security Still a Problem: Oracle WinPot ATM Malware Resembles a Slot Machine
Critical Drupal Vulnerability Allows Remote Code Execution WinRAR Vulnerability Exposes Millions of Users to Attacks
Roger Stone Allegedly Communicated With Mysterious Hacker Guccifer 2.0 Adobe Releases Second Patch for Data Leakage Flaw in Reader
Cisco Patches High Severity Flaws in HyperFlex, Prime Infrastructure Researcher Earns $10,000 for Another XSS Flaw in Yahoo Mail
Cybercriminals Promise Millions to Skilled Black Hats: Report Warning Issued Over Attacks on Internet Infrastructure
Report: Apps Give Facebook Sensitive Health and Other Data New Service From Cisco's Duo Labs Analyzes Chrome Extensions
European Telecommunications Standards Institute Publishes New IoT Security Standard Serious Flaws in WibuKey DRM Impact Siemens Products
China's Telecom Dominance a Security Challenge: UK's GCHQ Hackers Can Plant Backdoors on Bare Metal Cloud Servers: Researchers
Drupal RCE Flaw Exploited in Attacks Days After Patch Backdoor Targets U.S. Companies via LinkedIn
Why Not Always Multi-Factor Authentication? Hackers Exploit WinRAR Vulnerability to Deliver Malware
NVIDIA Patches High Risk Vulnerabilities in GPU Display Drivers New Attacks Show Signed PDF Documents Cannot Be Trusted
Russia's Ex-Cybersecurity Chief Gets 22-Year Sentence in Jail 'Thunderclap' Flaws Expose Computers to Attacks via Peripheral Devices
The Time is Now to Secure for 5G Chrome Zero-Day Exploited to Harvest User Data via PDF Files
Intel SGX Card Extends Memory Protections to Existing Cloud Servers Microsoft Unveils New Azure, Windows Defender ATP Tools
Break the Daily Routine with Prioritization and Focus Lawyer: Russian Cybercrime Suspect on Hunger Strike
UN Aviation Agency Concealed Serious Hack: Media Ireland's Data Protection Commission Reports Multiple GDPR Investigations on Tech Giants
China's APT27 Hackers Use Array of Tools in Recent Attacks Magecart Hackers Change Tactics Following Public Exposure
Cisco Patches Critical Vulnerability in Wireless Routers Cobalt Strike Bug Exposes Attacker Servers
Two White Hats Earn Over $1 Million via Bug Bounty Programs Adobe Patches ColdFusion Vulnerability Exploited in the Wild
Data Breach Cost Marriott $28 Million So Far Better Security Not Sole Factor for Improved Breach Detection Times: FireEye
Eyeing Russia, EU Girds for Cyberthreats to Parliament Vote Tripwire Launches Industrial Cybersecurity Assessment Service
Security Shifts Left to be Part of Software Development Best Practice: Report State-Sponsored Hackers Supporting China’s Naval Modernization Efforts: Report
New VMware Firewall Focuses on Known Good Behavior Comcast Acquires AI Cybersecurity Firm BluVector
Iran-Linked Hackers Use Python-Based Backdoor in Recent Attacks Huawei Opens Brussels Security Lab in Bid to Reassure EU
Rush Health System Reports Data Breach Affecting 45,000 Rockwell Automation Patches Critical DoS/RCE Flaw in RSLinx Software
NTT Acquires WhiteHat Security Secureworks Launches Orchestration and Automation Solution
Massive Singapore Healthcare Breach Linked to 'Whitefly' Cyberspy Group Google Patches Actively Exploited Chrome Vulnerability
New CyberArk Solution Secures AWS Accounts Fortanix Releases Open Source SDK for Intel SGX Enclaves
Cybersecurity Startup PolySwarm Launches Malware Detection Marketplace Iranian Hackers Caused Losses in Hundreds of Millions: Report
Several Industrial Automation Products Affected by WibuKey DRM Flaws Cisco Patches Two Dozen Serious Flaws in Nexus Switches
Hungarian Judge OKs Extradition of Portuguese Hacker Organizations Not Positioned for Success in Tackling Cyber Demands: Deloitte
Zerodium Offers $500,000 for VMware ESXi, Microsoft Hyper-V Exploits Google Discloses Actively Exploited Windows Vulnerability
Flaws in Smart Alarms Exposed Millions of Cars to Dangerous Hacking Flaws in Smart Alarms Exposed Millions of Cars to Dangerous Hacking
Venezuela's Maduro Says Cyber Attack Prevented Power Restoration Attack on Software Giant Citrix Attributed to Iranian Hackers
Many Vulnerabilities Discovered in Moxa Industrial Switches Google Launches New Cloud Security Services
Research Firm Offers $3 Million for iOS, Android 0-Days GIF Attack on Facebook Messenger Earned Hacker $10,000
Equifax Was Aware of Cybersecurity Weaknesses for Years, Senate Report Says NASA's Cybersecurity Program Gets Failing Grade
Adobe Patches Flaws in Sandbox, Photoshop, Digital Editions Ten Principles for a New Approach to Regulating the Internet
Germany to Consult US Over Huawei Security Fears: Merkel Senators Reintroduce IoT Cybersecurity Improvement Bill
Microsoft Patches Two Windows Flaws Exploited in Targeted Attacks Venezuelan 'Cyber-Attack' Possible But Unlikely, Experts Say
Windows Zero-Day Exploited by FruityArmor, SandCat Threat Groups GDPR - Improving Data Privacy and Cyber Resilience?
Serious Crypto Flaw Affects Swiss, Australian E-Voting Systems Multiple Security Flaws Discovered in Visitor Management Systems
Facebook Faces Criminal Probe of Data Deals: Report Many Security Apps on Google Play Inefficient, Fake: Study
Default Account in Cisco CSPC Allows Unauthorized Access US Warns of Sophisticated Cyberattacks From Russia, China
U.S. Senators Want Transparency on Senate Cyberattacks Code Execution Flaw Found in Sonatype Nexus Repository Manager
WordPress 5.1.1 Patches Remote Code Execution Vulnerability Details of Actively Exploited Windows Flaw Made Public
Leading Israeli Candidate for PM Targeted by Iranian Hackers Recently Patched WinRAR Flaw Exploited in APT Attacks
Hackers Bypass MFA on Cloud Accounts via IMAP Protocol Ukraine Ready to Take on Russian Election Hackers
Dragos Acquires NexDefense, Releases Free ICS Assessment Tools Beto O'Rourke 'Mortified' Over Articles Written as Teen Member of Cult of the Dead Cow Hacker Group
Australia's Intelligence Agency Publishes its Vulnerability Disclosure Process Not All Context in Threat Intelligence is Created Equal
EU Adopts New Response Protocol for Major Cyberattacks 'Shameless' Scammers Seek to Cash in on Christchurch Massacre
Slack Introduces Enterprise Key Management Tool Norway's Norsk Hydro Hit by 'Extensive' Cyberattack
Aluminum Giant Norsk Hydro Hit by Ransomware Microsoft Dominates 2018's Most Exploited Vulnerabilities
Industrial Cybersecurity Firm Nozomi Launches Research Department Kaspersky Files Complaint Against Apple Over App Store Policy
Webinar Today: Managing Cyber Threats in the Era of Industry 4.0 Norsk Hydro Restoring Systems, But Not Paying Ransom
European Government Websites Are Delivering Tracking Cookies to Visitors Google Photos Flaw Allowed Hackers to Track Users
Vulnerability in NSA's Reverse Engineering Tool Allows Remote Code Execution Authentication Bypass Vulnerability Found in SoftNAS Cloud
Multiple Vulnerabilities Fixed in CUJO Smart Firewall Windows Hello Support Added to Firefox 66
Schneider Electric Working on Patch for Flaw in Triconex TriStation Emulator Many Vulnerabilities Found in Oracle's Java Card Technology
Securing Industrial IoT in the Modern World FIN7 Hackers Use New Malware in Recent Attacks
Facebook Pays Big Bounty for DoS Flaw in Fizz TLS Library Multiple Vulnerabilities Patched in PuTTY and LibSSH2
How Three of 2018's Critical Threats Used Email to Execute Attacks Threat Hunting Tips to Improve Security Operations
Researchers Earn $270,000 for Firefox, Edge Hacks at Pwn2Own 2019 Observations From RSA Conference 2019
Microsoft Launches Defender ATP Endpoint Security for macOS Russian Hackers Target European Governments Ahead of Elections: FireEye


ThreatPost.com

Microsoft: Russia’s Fancy Bear Working to Influence EU Elections GitHub Increases Rewards, Scope For Bug-Bounty Program
Password Manager Firms Blast Back at ‘Leaky Password’ Revelations Researcher: Not Hard for a Hacker to Capsize a Ship at Sea
19-Year-Old WinRAR Flaw Plagues 500 Million Users Highly Critical Drupal RCE Flaw Affects Millions of Websites
Adobe Re-Patches Critical Acrobat Reader Flaw ThreatList: Porn-Focused Malware Triples, Dark Web Loves It
Threatpost Poll: Are Password Managers Too Risky? Threatpost News Wrap Podcast For Feb. 22
Video: HackerOne CEO on the Evolving Bug Bounty Landscape ToRPEDO Privacy Attack on 4G/5G Networks Affects All U.S. Carriers
Threatpost Data: Password Managers Are Worth the Risk, Readers Say Critical WinRAR Flaw Found Actively Being Exploited
High-Severity SHAREit App Flaws Open Files for the Taking ‘Cloudborne’ IaaS Attack Allows Persistent Backdoors in the Cloud
Bronze Union APT Updates Remote Access Trojans in Fresh Wave of Attacks Thunderclap Flaws Shatter Peripheral Security
Cisco Patches High-Severity Webex Vulnerability For Third Time Ring Doorbell Flaw Opens Door to Spying
Cisco Fixes Critical Flaw in Wireless VPN, Firewall Routers Podcast: RSA Conference 2019 Preview
Adobe Patches Critical ColdFusion Vulnerability With Active Exploit RSAC 2019: An Antidote for Tech Gone Wrong
RSAC 2019: 58% of Orgs Have Unfilled Cyber Positions Project Zero Discloses High-Severity Apple macOS Flaw
Smart Ski Helmet Headphone Flaws Leak Personal, GPS Data Teen Becomes First to Earn $1M in Bug Bounties with HackerOne
RSAC 2019: Picking Apart the Foreshadow Attack RSAC 2019: Joomla! Mail Flaw Exploited to Create Mass Phishing Infrastructure
RSA Conference: Data-Wiping Cyberattacks Plague Financial Firms RSA Conference 2019: How to Defend Against an AI vs AI ‘Flash War’
RSA Conference 2019: The Sky’s the Limit For Satellite Hacks RSA Conference 2019: UniKey Patches BleedingBit Flaws Granting Access To Hotel Rooms, Cars
RSAC 2019: For Domestic Abuse, IoT Devices Pose New Threat RSA Conference 2019 Recap
RSA Conference 2019: Emotet Takes Aim at Latin America Citrix Falls Prey to Password-Spraying Attack
Forrester: Ransomware Set to Resurge As Firms Pay Off Attacks Google Patches Critical Bluetooth RCE Bug
Adobe Patches Critical Photoshop, Digital Edition Flaws ThreatList: Phishing Attacks Doubled in 2018
Federal Focus on Cyber Plays Out in President’s Budget, IoT Legislation Threat Groups SandCat, FruityArmor Exploiting Microsoft Win32k Flaw
Three Ways DNS is Weaponized and How to Mitigate the Risk MAGA ‘Safe Space’ App Developer Threatens Security Researcher
Intel Windows 10 Graphics Drivers Riddled With Flaws Insider Threats Get Mean, Nasty and Very Personal
Cisco Patches Critical ‘Default Password’ Bug Threatlist: IMAP-Based Attacks Compromising Accounts at ‘Unprecedented Scale’
Unpatched Fujitsu Wireless Keyboard Bug Allows Keystroke Injection Lenovo Patches High-Severity Arbitrary Code Execution Flaws
ThreatList: DDoS Attack Sizes Drop 85 Percent Post FBI Crackdown Researcher Says NSA’s Ghidra Tool Can Be Used for RCE
Podcast: The High-Risk Threats Behind the Norsk Hydro Cyberattack Host of Flaws Found in CUJO Smart Firewall
Uber Deployed ‘Surfcam’ Spyware in Australia to Crush the Competition Fin7 Ramps Up Campaigns With Two Fresh Malware Samples
Post-Perimeter Security: Addressing Evolving Mobile Enterprise Threats Cisco Patches High-Severity Flaws in IP Phones
Hackers Take Down Safari, VMware and Oracle at Pwn2Own WordPress Plugin Removed After Zero Day Discovered
Medtronic Defibrillators Have Critical Flaws, Warns DHS Analysis: Drone Tech Creates New Type of Blended Threat
Firefox and Edge Fall to Hackers on Day Two of Pwn2Own


US-CERT.GOV

Cisco Releases Security Updates Adobe Releases Security Updates
Drupal Releases Security Updates ISC Releases Security Updates for BIND
OpenSSL Releases Security Update National Consumer Protection Week
Cisco Releases Security Updates Adobe Releases Security Updates for ColdFusion
IRS Launches ‘Dirty Dozen’ Campaign on Tax Scams Cisco Releases Security Updates
ICSJWG Spring Meeting and Call for Abstracts (Deadline Extended) Google Releases Security Updates for Chrome
Adobe Releases Security Updates Microsoft Releases March 2019 Security Updates
Google Releases Security Updates for Chrome Cisco Releases Security Updates
WordPress Releases Security Update MS-ISAC Releases Security Primer on TrickBot Malware
Microsoft Releases Security Update for Azure Linux Guest Agent VMware Releases Security Updates for Workstation and Horizon
Intel Releases Security Advisories on Multiple Products New Zealand Tragedy-Related Scams and Malware Campaigns
Now Available: Recording of Chinese Malicious Cyber Activity Briefing Microsoft Ending Support for Windows 7
Mozilla Releases Security Updates for Firefox Cisco Releases Security Advisories for Multiple Products
Drupal Releases Security Updates Mozilla Releases Security Updates for Firefox