RSS WeLiveSecurity
  • What does it take to attract top cybersecurity talent? November 20, 2019
    From professional backgrounds to competitive salaries – a study delves into what it takes to build strong cybersecurity teams The post What does it take to attract top cybersecurity talent? appeared first on WeLiveSecurity
  • Mispadu: Advertisement for a discounted Unhappy Meal November 19, 2019
    Another in our occasional series demystifying Latin American banking trojans The post Mispadu: Advertisement for a discounted Unhappy Meal appeared first on WeLiveSecurity
  • Disney+ accounts hacked – How to protect yourself November 18, 2019
    As users are losing access to their accounts by the dozens, we offer a few tips to help keep your streaming subscriptions safe The post Disney+ accounts hacked – How to protect yourself appeared first on WeLiveSecurity
  • Week in security with Tony Anscombe November 15, 2019
    ESET experts share how they got started in cybersecurity and whether or not a degree is needed for a career in the industry The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
  • Microsoft issues patch for Internet Explorer zero‑day November 14, 2019
    The critical vulnerability could also be exploited via a malicious Microsoft Office document The post Microsoft issues patch for Internet Explorer zero‑day appeared first on WeLiveSecurity
RSS McAfee Blogs
  • Threat Hunting or Efficiency: Pick Your EDR Path? November 12, 2019
    “Do You Want It Done Fast, Or Do You Want It Done Right?” “Yes.” “Help out more with our business objectives.” “Cover an increasing number of endpoints.” “Cut budgets.” “Make it all work without adding staff.” Cybersecurity teams face a lot of conflicting objectives—both within their teams and from upper management. But a May 2019 […]
  • It’s Beginning to Look a Lot Like Holiday Shopping: Secure Your Black Friday & Cyber Monday Purchases November 11, 2019
    As we gear up to feast with family and friends this Thanksgiving, we also get our wallets ready for Black Friday and Cyber Monday. Black Friday and Cyber Monday have practically become holidays themselves, as each year they immediately shift our attention from turkey and pumpkin pie to holiday shopping. Let’s take a look at […]
  • Sadfishing, Deepfakes & TikTok: Headlines You May Have Missed November 9, 2019
    Technology trends move fast and the digital newsfeeds run non-stop. No worries, we’ve got your backs, parents. Here are three important headlines you may have missed about some of the ways kids are using their devices and how you can coach them around the risks. What’s Sadfishing and is Your Child Doing it Online? Sadfishing […]
  • Spanish MSSP Targeted by BitPaymer Ransomware November 8, 2019
    Initial Discovery This week the news hit that several companies in Spain were hit by a ransomware attack. Ransomware attacks themselves are not new but, by interacting with one of the cases in Spain, we want to highlight in this blog how well prepared and targeted an attack can be and how it appears to […]
  • Veterans Day U.S. – A McAfee MoM’s Reflection November 7, 2019
    By: Deb, Executive Assistant, Plano TX On Monday, November 11, the U.S. celebrates Veterans Day. We at McAfee U.S. are able to spend this holiday paying tribute to coworkers, friends and family members who have served our country in the various branches of military service. Being able to honor, celebrate and remember our nation’s heroes […]
RSS Krebs on Security
  • DDoS-for-Hire Boss Gets 13 Months Jail Time November 20, 2019
    A 21-year-old Illinois man was sentenced last week to 13 months in prison for running multiple DDoS-for-hire services that launched millions of attacks over several years. This individual's sentencing comes more than five years after KrebsOnSecurity interviewed both the defendant and his father and urged the latter to take a more active interest in his […]
  • Ransomware Bites 400 Veterinary Hospitals November 19, 2019
    National Veterinary Associates (NVA), a California company that owns more than 700 animal care facilities around the globe, is still working to recover from a ransomware attack late last month that affected more than half of those properties, separating many veterinary practices from their patient records, payment systems and practice management software. NVA says it […]
  • Why Were the Russians So Set Against This Hacker Being Extradited? November 18, 2019
    The Russian government has for the past four years been fighting to keep 29-year-old alleged cybercriminal Alexei Burkov from being extradited by Israel to the United States. When Israeli authorities turned down requests to send him back to Russia -- supposedly to face separate hacking charges there -- the Russians then imprisoned an Israeli woman for […]
  • Orcus RAT Author Charged in Malware Scheme November 13, 2019
    In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT, a software product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. This week, Canadian authorities criminally charged him with orchestrating an international malware scheme.
  • Patch Tuesday, November 2019 Edition November 12, 2019
    Microsoft today released updates to plug security holes in its software, including patches to fix at least 74 weaknesses in various flavors of Windows and in software that runs on top of it. The November updates include patches for a zero-day flaw in Internet Explorer that is currently being exploited in the wild, as well […]
RSS Dark Reading:
RSS Schneier on Security
  • Iran Has Shut Off its Internet November 20, 2019
    Iran has gone pretty much entirely offline in the wake of nationwide protests. This is the best article detailing what's going on; this is also good. AccessNow has a global campaign to stop Internet shutdowns. TITLE EDITED TO REDUCE CONFUSION....
  • Security Vulnerabilities in Android Firmware November 18, 2019
    Researchers have discovered and revealed 146 vulnerabilities in various incarnations of Android smartphone firmware. The vulnerabilities were found by scanning the phones of 29 different Android makers, and each is unique to a particular phone or maker. They were found using automatic tools, and it is extremely likely that many of the vulnerabilities are not […]
  • Friday Squid Blogging: Planctotuethis Squid November 15, 2019
    Neat video, and an impressive-looking squid. I can't figure out how long it is. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here....
  • TPM-Fail Attacks Against Cryptographic Coprocessors November 15, 2019
    Really interesting research: TPM-FAIL: TPM meets Timing and Lattice Attacks, by Daniel Moghimi, Berk Sunar, Thomas Eisenbarth, and Nadia Heninger. Abstract: Trusted Platform Module (TPM) serves as a hardware-based root of trust that protects cryptographic keys from privileged system and physical adversaries. In this work, we per-form a black-box timing analysis of TPM 2.0 devices […]
  • Upcoming Speaking Engagements November 14, 2019
    This is a current list of where and when I am scheduled to speak: I'm speaking on "Securing a World of Physically Capable Computers" at the Indian Institute of Science in Bangalore, India on December 12, 2019. The list is maintained on this page....
RSS Threatpost
RSS Naked Security
RSS Quick Heal Blog | Latest computer security news, tips, and advice
  • Quick Heal Supports Windows 10 November 2019 Update November 15, 2019
    Microsoft has recently come up with a new update for Windows 10 PCs, called Windows 10 November 2019 Update (Build Version 1909). Here we’ll list down some of the highlights of this update and see how Quick Heal is compatible with this OS. Highlights of Windows 10 November 2019 Update Enhanced…
  • This Children’s Day, pledge the online security of your kids! November 14, 2019
    It’s Children’s Day and there couldn’t be a better day to pledge the security of our young minds, not just in the physical world but also virtual world. While technology has improved our lives in ways beyond our control and provided our kids with an ocean of knowledge, we cannot…
  • Think loud! Can the regular delivery boy at your office launch a malware? November 12, 2019
    Most companies employ strict security practices when it comes to the security of their office and infrastructure. There are security guards to monitor the entry and exit, surveillance cameras in place for 360° view and system administrators to keep a check on the security of systems and networks. While most…
  • BlueKeep Attacks seen in the wild! November 8, 2019
    CVE-2019-0708, popularly known as BlueKeep, is a RDP pre-authentication vulnerability which allows attacker to compromise a vulnerable system without user’s interaction. This exploit is also wormable, meaning that it can spread to other vulnerable systems in a similar way as the WannaCry malware spread across the globe in 2017. Interestingly,…
  • Have you updated your browser yet? Severe Chrome Zero-day vulnerability getting actively exploited November 4, 2019
    Attention! Are you using Chrome as your web browsing software on your Windows, Linux and Mac? High time you update your browser!! That’s right. With Google recently releasing Chrome version 78.0.3904.87 for Windows, Mac, and Linux, there come’s an urgent warning, requesting billions of users to update their software immediately. The warning comes after…
RSS Google Online Security Blog
  • Using a built-in FIDO authenticator on latest-generation Chromebooks November 19, 2019
    Posted by Christiaan Brand, Product Manager, Google Cloud We previously announced that starting with Chrome 76, most latest-generation Chromebooks gained the option to enable a built-in FIDO authenticator backed by hardware-based Titan security. For supported services (e.g. G Suite, Google Cloud Platform), enterprise administrators can now allow end users to use the power button on these […]
  • GWP-ASan: Sampling heap memory error detection in-the-wild November 7, 2019
    Posted by Vlad Tsyrklevich, Dynamic Tools TeamMemory safety errors, like use-after-frees and out-of-bounds reads/writes, are a leading source of vulnerabilities in C/C++ applications. Despite investments in preventing and detecting these errors in Chrome, over 60% of high severity vulnerabilities in Chrome are memory safety errors. Some memory safety errors don’t lead to security vulnerabilities but […]
  • The App Defense Alliance: Bringing the security industry together to fight bad apps November 6, 2019
    Posted by Dave Kleidermacher, VP, Android Security & Privacy Fighting against bad actors in the ecosystem is a top priority for Google, but we know there are others doing great work to find and protect against attacks. Our research partners in the mobile security world have built successful teams and technology, helping us in the […]
  • OpenTitan - open sourcing transparent, trustworthy, and secure silicon November 5, 2019
    Posted by Royal Hansen, Vice President, Google and Dominic Rizzo, OpenTitan Lead, Google Cloud Security begins with secure infrastructure. To have higher confidence in the security and integrity of the infrastructure, we need to anchor our trust at the foundation - in a special-purpose chip.Today, along with our partners, we are excited to announce OpenTitan - […]
  • How Google adopted BeyondCorp: Part 4 (services) October 31, 2019
    Posted by Guilherme Gonçalves, Site Reliability Engineer and Kyle O'Malley, Security Engineer IntroThis is the final post in a series of four, in which we set out to revisit various BeyondCorp topics and share lessons that were learnt along the internal implementation path at Google.The first post in this series focused on providing necessary context for […]
RSS Graham Cluley
RSS Infosecurity Magazine
RSS CSO Online
  • Best new Windows 10 security features: Longer support, easier deployment November 20, 2019
    With the new era of Windows as a service, Microsoft is rolling out changes to the operating system twice a year. Many of those changes will allow you to improve your security posture and offer more security choices. You no longer have to wait for a new operating system to deploy new security features. [ […]
  • Everything you need to know about 10G, the future of broadband technology November 20, 2019
    With the emergence of more connected devices and immersive content experiences happening alongside an unparalleled boom of video streaming platforms, there’s never been a more critical time to have a powerful and reliable network than can meet the demands of the future. And that next big leap for digital mankind is 10G.What is 10G?  Not […]
  • A common user interface for security operations? November 20, 2019
    For years, enterprises have dealt with security analytics and operations using an assortment of point tools.  According to research by my employer ESG, 35% of organizations today use more than 26 such commercial, homegrown, and/or open source tools in their security operations center (SOC).To read this article in full, please click here(Insider Story)
  • How to build a Windows disaster recovery toolkit November 20, 2019
    Over the weekend I dealt with a misbehaving server. That experience reminded me that no matter how large or small your business is, you need a security disaster toolkit at the ready should any event occur. You’ll also need a disaster checklist that maps out processes and resources to speed recovery.To read this article in […]
  • How a bank got hacked (a study in how not to secure your networks) November 19, 2019
    Robbing a bank is easier than you might think, especially if you don't care which bank you rob, according to a "how to rob a bank" manifesto by the apparently vigilante hacker Phineas Phisher. The PwC incident response report, which Phineas Phisher leaked, backs up that claim. The report details the intrusion to management at […]
RSS Symantec Blogs
RSS Security Affairs
  • Chicago student charged with writing code to spread ISIS propaganda November 20, 2019
    US authorities arrested Thomas Osadzinski, a student at DePaul University, because he allegedly built a custom Gentoo Linux distro for ISIS. Thomas Osadzinski (20), a student at DePaul University, Chicago, was arrested because he allegedly built a custom Gentoo Linux distro for ISIS, he could now face up to 20 years in prison. The Chicago […]
  • Monero Project website has been compromised to deliver a coin stealer November 20, 2019
    The official website of the Monero Project has been compromised to deliver a coin stealer. The official website of the Monero Project has been compromised to deliver a cryptocurrency stealer on November 18. The hack was discovered after a user downloaded a Linux 64-bit command line (CLI) Monero binary that was containing a coin stealer. […]
  • Hackers leak 2TB of Data From Cayman National Bank stolen by Phineas Fisher November 20, 2019
    New data leak threatens the world of finance after the Panama Papers, hackers published 2TB of the Cayman National bank’s confidential data. The Cayman Islands are a fiscal paradise that attracts money of questionable origin from all over the world, for this reason, the content of a new data leak is scaring the global finance. […]
  • Ransomware Revival: Troldesh becomes a leader by the number of attacks November 20, 2019
    Ransomware accounted for over half of all malicious mailings in H1 2019, Troldesh aka Shade being the most popular tool among cybercriminals. Group-IB, a Singapore-based cybersecurity company: ransomware accounted for over half of all malicious mailings in H1 2019, detected and analyzed by Group-IB’s Computer Emergency Response Team (CERT-GIB), with Troldesh aka Shade being the most popular tool […]
  • CTHoW v2.0 – Cyber Threat Hunting on Windows November 19, 2019
    Why did I started CTHoW? As someone with a huge passion for information security. It is always a must to keep on top of the latest TTPs of adversaries to be able to defend your network. I was always impressed with the MITRE ATT&CK framework that helps the community by sharing the latest techniques, attackers […]
RSS CIO Security