SecurityWeek

New Variant of Gustuff Android Banking Trojan Emerges

Security Week - Tue, 10/22/2019 - 3:04pm

Recent Gustuff Android banking Trojan campaigns featured an updated malware version, Cisco Talos security researchers report.

read more

Categories: SecurityWeek

Microsoft Invests in Securing Device Firmware

Security Week - Tue, 10/22/2019 - 1:18pm

Microsoft is working with PC manufacturing and silicon partners to design devices with a more secure firmware layer.

The initiative aims to combat threats that are specifically targeting the firmware and operating system levels with the help of Secured-core PCs, devices that apply security best practices to firmware.

read more

Categories: SecurityWeek

Gaining a Decisive Advantage in the Cyber Battle

Security Week - Tue, 10/22/2019 - 12:16pm

One the most significant challenges facing cybersecurity professionals today is the need to simplify and consolidate their existing cybersecurity infrastructure. This is a trend that I saw time and time again over my 33-year career at the National Security Agency (NSA) and USCYBERCOM.

read more

Categories: SecurityWeek

New Winnti Backdoor Targets Microsoft SQL

Security Week - Tue, 10/22/2019 - 11:35am

A recently identified backdoor used by the China-linked Winnti hackers and which targets Microsoft SQL (MSSQL) is very stealthy, ESET’s security researchers say.

read more

Categories: SecurityWeek

Historical Breadcrumbs Link Magecart 5 to Carbanak Group

Security Week - Tue, 10/22/2019 - 10:59am

Magecart is the umbrella term for a range of criminal groups that use software to perform digital credit card skimming. It isn't clear how many different Magecart groups are currently operating. There are some suggestions that there are dozens, but with counter-suggestions that some of these may be individual operators rather than groups.

read more

Categories: SecurityWeek

Microsoft Launches ElectionGuard Bug Bounty Program

Security Week - Tue, 10/22/2019 - 10:28am

Microsoft last week announced the launch of a new bug bounty program covering the ElectionGuard open source software development kit (SDK).

read more

Categories: SecurityWeek

New Azure AD Feature Detects Unauthorized Access Attempts

Security Week - Tue, 10/22/2019 - 8:54am

Microsoft this week announced the public preview of a new feature that allows enterprise users to check their Azure Active Directory sign-ins for any unusual activity.

read more

Categories: SecurityWeek

Outdated OSs Still Present in Many Industrial Organizations: Report

Security Week - Tue, 10/22/2019 - 6:10am

ATLANTA — SECURITYWEEK 2019 ICS CYBER SECURITY CONFERENCE — Outdated and unsupported operating systems are still present and they still pose a serious risk in many industrial organizations, according to a new report from industrial cybersecurity firm CyberX.

read more

Categories: SecurityWeek

Facebook Steps Up Security Amid Fresh Signs of Russia Meddling

Security Week - Mon, 10/21/2019 - 3:29pm

Facebook said Monday it was tightening its security for the 2020 US elections, amid signs of fresh activity from Russia attacking Democratic presidential candidates, including Joe Biden.

read more

Categories: SecurityWeek

TorGuard, NordVPN Respond to Breach Reports

Security Week - Mon, 10/21/2019 - 2:39pm

VPN providers TorGuard and NordVPN have responded to reports that their systems have been breached, and both blame the incident on a third-party service provider.

Hackers have leaked private RSA keys and information on configuration files that were stolen from a NordVPN server last year.

read more

Categories: SecurityWeek

Google Boosts Site Isolation in Chrome

Security Week - Mon, 10/21/2019 - 2:03pm

Google has improved the Site Isolation feature in Chrome to help defend against more types of attacks.

read more

Categories: SecurityWeek

New Cybersecurity Bills Promote CISOs and Privacy

Security Week - Mon, 10/21/2019 - 11:33am

Two bills, currently in the Senate, have the potential to change the U.S. cybersecurity landscape if passed into law. The first is the 'Cybersecurity Disclosure Act of 2019', introduced by Senator Jack Reed (D-RI) on 28 February 2019. The second is the 'Mind Your Own Business Act of 2019', introduced by Senator Ron Wyden (D-OR) last week on 17 October 2019.

read more

Categories: SecurityWeek

Trend Micro Acquires Cloud Security Firm Cloud Conformity

Security Week - Mon, 10/21/2019 - 11:18am

Trend Micro on Monday announced the acquisition of cloud security company Cloud Conformity for $70 million.

Founded in Australia, Cloud Conformity specializes in cloud security posture management (CSPM) and it provides cloud security, governance and compliance solutions for organizations using AWS, Microsoft Azure and Google Cloud.

read more

Categories: SecurityWeek

Georgia County's Experience Shows Perils of Ransomware

Security Week - Mon, 10/21/2019 - 10:10am

On the first Saturday in March, computer screens at the 911 dispatch center in this small town went dark.

Staff at the county jail around the same time could no longer open cell doors remotely with electronic controls, and sheriff's deputies lost the use of their laptops to look up license plates.

read more

Categories: SecurityWeek

Czech Police, Intelligence Bust Russian Spy Network

Security Week - Mon, 10/21/2019 - 10:00am

Czech police and intelligence services said on Monday they had busted a Russian espionage network operating through its Prague embassy.

It was allegedly set up to attack Czech and foreign targets through computer servers.

read more

Categories: SecurityWeek

Avast Discloses New Supply-Chain Attack Attempt

Security Week - Mon, 10/21/2019 - 9:27am

An unknown threat actor managed to access Avast’s network in yet another supply chain compromise attempt, the security company announced on Monday.

read more

Categories: SecurityWeek

US, UK: Russian Hackers Hijacked Iranian Malware, Infrastructure

Security Week - Mon, 10/21/2019 - 7:44am

The U.S. National Security Agency (NSA) and Britain’s National Cyber Security Centre (NCSC) reported on Monday that the Russia-linked threat group known as Turla has hijacked malware and infrastructure from Iranian hackers.

read more

Categories: SecurityWeek

Public, Election Officials May Be Kept in the Dark on Hacks

Security Week - Mon, 10/21/2019 - 6:34am

If the FBI discovers that foreign hackers have infiltrated the networks of your county election office, you may not find out about it until after voting is over. And your governor and other state officials may be kept in the dark, too.

read more

Categories: SecurityWeek

Best Practices for Evaluating and Vetting Third Parties

Security Week - Mon, 10/21/2019 - 12:05am

The global and interconnected nature of business today means that no company or organization is an island. Every modern business relies on many others, either as part of the supply or distribution chain, or for value-added services like accounting and social media marketing. 

read more

Categories: SecurityWeek

Ingredients Giant Ingredion Hit by Malware

Security Week - Fri, 10/18/2019 - 9:35am

Westchester, Illinois-based ingredients giant Ingredion Incorporated revealed this week that it recently detected suspicious activity on some data center servers.

Only a few details have been provided about the incident, but it appears that a piece of malware infected some of the company’s systems.

read more

Categories: SecurityWeek

Pages