SecurityWeek

Vollgar Campaign Targets MS-SQL Servers With Backdoors, Crypto-Miners

Security Week - 4 hours 16 min ago

A recently uncovered attack campaign that stayed under the radar since May 2018 is targeting devices running MS-SQL servers with backdoors and crypto-miners, Guardicore Labs reveals.

read more

Categories: SecurityWeek

Keeping Your Security Strategy on Track Amidst Tactical Distractions

Security Week - Wed, 04/01/2020 - 2:56pm

“Goodbye to Rosie, the queen of Corona” - Paul Simon, Me and Julio Down by the Schoolyard

read more

Categories: SecurityWeek

Trojanized Zoom Apps Target Work-From-Home Android Users

Security Week - Wed, 04/01/2020 - 1:10pm

Malicious, re-packaged versions of the Zoom video conferencing application are targeting work-from-home Android users with adware and Trojans, Bitdefender reports.

read more

Categories: SecurityWeek

Patch Released for Linux Kernel Vulnerability Disclosed at Hacking Contest

Security Week - Wed, 04/01/2020 - 11:37am

A patch has been released for a Linux kernel vulnerability that a researcher used at the recent Pwn2Own 2020 hacking competition to escalate privileges to root on Ubuntu Desktop.

read more

Categories: SecurityWeek

AWS Security Service 'Amazon Detective' Now Generally Available

Security Week - Wed, 04/01/2020 - 9:02am

AWS on Tuesday announced the general availability of Amazon Detective, a service that makes it easier for customers to investigate security issues.

read more

Categories: SecurityWeek

SecurityWeek Launches Virtual Cybersecurity Event Series

Security Week - Wed, 04/01/2020 - 8:06am

New Online Conference Series Offers Security Professionals an Immersive Online Experience to Learn and Connect

read more

Categories: SecurityWeek

Critical Flaw in SEO Plugin Exposed Many WordPress Sites to Attacks

Security Week - Wed, 04/01/2020 - 8:05am

A critical vulnerability in the Rank Math SEO plugin for WordPress could allow attackers to lock administrators out of their own websites, WordPress security company Defiant reports.

read more

Categories: SecurityWeek

Panther Labs Launches Open-Source Cloud-Native SIEM

Security Week - Wed, 04/01/2020 - 7:34am

San Francisco-based cloud security startup Panther Labs has launched the first stable version of its open-source security information and event management (SIEM) solution, Panther.

read more

Categories: SecurityWeek

SMBGhost Vulnerability Allows Privilege Escalation on Windows Systems

Security Week - Wed, 04/01/2020 - 5:09am

Researchers have published proof-of-concept (PoC) exploits to demonstrate that the Windows vulnerability tracked as SMBGhost and CVE-2020-0796 can be exploited for local privilege escalation.

read more

Categories: SecurityWeek

Internet Society Expands Program for Secure Internet Routing Framework

Security Week - Tue, 03/31/2020 - 3:20pm

CDNs and Cloud Providers Join Initiative to Improve Security of Internet's Routing System

Failure in internet routing security leads to major outages, stolen data, hijacking, lost revenue and more, with more than 12,000 routing outages in 2018 alone. The Mutually Agreed Norms for Routing Security (MANRS) seeks to solve this.

read more

Categories: SecurityWeek

Palo Alto Networks to Acquire CloudGenix for $420 Million

Security Week - Tue, 03/31/2020 - 2:39pm

Palo Alto Networks on Tuesday announced that it has entered into a definitive agreement to acquire enterprise SD-WAN solutions provider CloudGenix for roughly $420 million.

Palo Alto Networks’ Prisma Access solution enables organizations to protect remote networks and mobile users, and it provides secure access to enterprise applications.

read more

Categories: SecurityWeek

FBI Warns of Ongoing Kwampirs Attacks Targeting Global Industries

Security Week - Tue, 03/31/2020 - 11:21am

A malicious campaign is targeting organizations from a broad range of industries with a piece of malware known as Kwampirs, the Federal Bureau of Investigation warns.

read more

Categories: SecurityWeek

CISOs Suffering From Increasingly Complex Workload: Cisco

Security Week - Tue, 03/31/2020 - 11:12am

Growing Complexity of Managing Enterprise Cybersecurity is Increasing CISO Fatigue and Burnout

A CISO's life is complex, with business transformation, cloud adoption, working from home and use of mobile devices, and sometimes just too many solutions. Many see automation and AI as a partial solution.

read more

Categories: SecurityWeek

New Marriott Data Breach Impacts Up to 5.2 Million Guests

Security Week - Tue, 03/31/2020 - 10:26am

Marriott on Tuesday disclosed a new data breach that could impact up to 5.2 million of its guests. The incident is related to an internal application used by Marriott hotels.

read more

Categories: SecurityWeek

Industrial Controllers Still Vulnerable to Stuxnet-Style Attacks

Security Week - Tue, 03/31/2020 - 8:42am

Researchers demonstrated recently that hackers could launch a Stuxnet-style attack against Schneider Electric’s Modicon programmable logic controllers (PLCs), but it’s believed that products from other vendors could also be vulnerable to the same type of attack.

read more

Categories: SecurityWeek

Retooling Cyber Ranges

Security Week - Tue, 03/31/2020 - 6:58am

Cloud-based Cyber Ranges Will Change the Future of Training and Certifying Security and DevOps Professionals

read more

Categories: SecurityWeek

Zoom Updates Privacy Policy After Experts Raise Concerns

Security Week - Tue, 03/31/2020 - 6:55am

Remote conferencing services provider Zoom this week updated its privacy policy following the publishing of a series of reports raising concerns regarding the privacy of Zoom users.

Headquartered in San Jose, California, Zoom provides users with a platform that combines video and audio conferencing, online meetings, chat, screen sharing, and more.

read more

Categories: SecurityWeek

Vulnerabilities Expose Lexus, Toyota Cars to Hacker Attacks

Security Week - Mon, 03/30/2020 - 3:12pm

Vulnerabilities in Lexus and Toyota cars could be exploited by hackers to launch remote attacks against affected vehicles, researchers at China-based Tencent Keen Security Lab discovered.

read more

Categories: SecurityWeek

State-Backed Players Join Pandemic Cyber Crime Attacks

Security Week - Mon, 03/30/2020 - 2:33pm

Sophisticated state-supported actors are following cybercriminals in exploiting the coronavirous pandemic and posing an “advanced persistent threat" (APT), French defence technology giant Thales warned Monday.

read more

Categories: SecurityWeek

Pages