Symantec Completes Internal Accounting Investigation
Symantec announced on Monday that it has completed its internal accounting audit, and while some issues have been uncovered, only one customer transaction has an impact on financial statements.
read more
U.S. General Service Administration Launches Bug Bounty Program
The United States General Service Administration’s (GSA) Technology Transformation Service (TTS) has launched a bug bounty program on HackerOne, the hacker-powered security platform announced on Friday.
read more
New Adwind Campaign Targets Linux, Windows, and macOS
Adwind remote access Trojan (RAT) samples detected in a recently campaign were configured to gain persistence on Linux, Windows, and macOS systems, Cisco Talos warns.
read more
Operator of Counter AV Service Sentenced to 14 Years in Prison
A 38-year-old Latvian resident was sentenced last week in the United States to 168 months in prison for his role in operating a counter antivirus service called Scan4You.
read more
Cisco Removes Default Password From Video Surveillance Manager
A critical vulnerability recently patched in the Cisco Video Surveillance Manager (VSM) could allow an unauthenticated attacker to log in as root.
read more
How to Make the Business Case for an Intelligence Program
It’s Crucial to Communicate the Benefits of an Intelligence Program in the Context of Risk
read more
Credential Stuffing Attacks Are Reaching DDoS Proportions
Credential stuffing is a growing threat. It is not new, but for many companies it is treated as annoying background noise that can be absorbed by bandwidth, handled by access controls, and ignored. New figures suggest that this is...
Millions of Twitter Users Affected by Information Exposure Flaw
Twitter has patched a bug that may have caused direct messages to be sent to third-party developers other than the ones users interacted with. The problem existed for well over a year and it impacted millions of users.
read more
Hackers Target Real Estate Deals, With Devastating Impact
James and Candace Butcher were ready to finalize the purchase of their dream retirement home, and at closing time wired $272,000 from their bank following instructions they received by email.
Within hours, the money had vanished.
read more
New Virobot Ransomware and Botnet Emerges
A newly discovered piece of malware combines ransomware and botnet capabilities in a single package, Trend Micro security researchers reveal.
read more
ZDI Shares Details of Microsoft JET Database Zero-Day
Trend Micro's Zero Day Initiative (ZDI) on Thursday made public details on a vulnerability impacting the Microsoft JET Database Engine, although a patch isn’t yet available for it.
read more
Cloudflare Launches Security Service for Tor Users
Cloudflare on Thursday announced a new service to provide Tor users with improved security and performance, while also aiming at reducing malicious network traffic.
read more
Accounting Firm Moss Adams Acquires Cybersecurity Firm AsTech
Moss Adams (an accounting firm founded 105 years ago) has merged in AsTech Consulting (a cyber risk management firm founded 11 years ago). Moss Adams is the thirteenth largest tax company in the U.S., and the leading firm on...
Legitimate RATs Pose Serious Risk to Industrial Systems
Remote administration tools (RATs) installed for legitimate purposes in operational technology (OT) networks can pose a serious security risk, allowing malicious actors to abuse them in attacks aimed at industrial organizations, Kaspersky Lab warns.
read more
Malware Businesses Blending the Legitimate and the Illegitimate
Whenever someone wants to invoke a hacker for any purpose, we usually get some (stock photography) image of a lone, hooded malware author bent over a dark keyboard. Movies, too, perpetuate the idea of some socially maladjusted loner wreaking...
Facebook Building a ‘War Room’ to Battle Election Meddling
Facebook on Wednesday said it will have a "war room" up and running on its Silicon Valley campus to quickly repel efforts to use the social network to meddle in upcoming elections.
read more
DMARC Fully Implemented on Two Thirds of U.S. Government Domains
DMARC has been fully implemented on roughly two thirds of U.S. government domains, but agencies have less than a month to roll out the email security standard on the remaining websites.
read more
Rockwell Automation Patches Severe Flaws in Communications Software
Rockwell Automation has patched several critical and high severity vulnerabilities in its RSLinx Classic communications software.
read more
U.S. Takes Off the Gloves in Global Cyber Wars: Top Oficials
The United States is taking off the gloves in the growing, shadowy cyber war waged with China, Russia and other rivals, a top White House official said Thursday.
read more
Breach at US Retailer SHEIN Hits Over Six Million Users
Breach at US Retailer SHEIN Hits Over Six Million UsersUS fashion retailer SHEIN has admitted suffering a major breach affecting the personal information of over six million customers.
The women’s clothing company revealed at the end of last week that...
Bug? Feature? Power users baffled as BitLocker update switch-off continues
Microsoft claims issue confined to older kit Three months on, users continue to report that Microsoft's BitLocker disk encryption technology turns itself off during security updates.…
UK issues first-ever GDPR notice in connection to Facebook data scandal
Canadian firm AggregateIQ, linked to the Facebook & Cambridge Analytica data scandal, is the first to be put on notice.
Symantec Completes Internal Accounting Investigation
Symantec announced on Monday that it has completed its internal accounting audit, and while some issues have been uncovered, only one customer transaction has an impact on financial statements.
read more
Are Colleges Teaching Real-World Cyber Security Skills?
The cybersecurity skill shortage is a well-recognized industry challenge, but the problem isn’t that there are too few people rather that many of them lack suitable skills and experience. Cybersecurity is a fast-growing profession, and talented graduates are in...
