SecurityWeek
Vollgar Campaign Targets MS-SQL Servers With Backdoors, Crypto-Miners
A recently uncovered attack campaign that stayed under the radar since May 2018 is targeting devices running MS-SQL servers with backdoors and crypto-miners, Guardicore Labs reveals.
Trojanized Zoom Apps Target Work-From-Home Android Users
Malicious, re-packaged versions of the Zoom video conferencing application are targeting work-from-home Android users with adware and Trojans, Bitdefender reports.
Patch Released for Linux Kernel Vulnerability Disclosed at Hacking Contest
A patch has been released for a Linux kernel vulnerability that a researcher used at the recent Pwn2Own 2020 hacking competition to escalate privileges to root on Ubuntu Desktop.
AWS Security Service 'Amazon Detective' Now Generally Available
AWS on Tuesday announced the general availability of Amazon Detective, a service that makes it easier for customers to investigate security issues.
SecurityWeek Launches Virtual Cybersecurity Event Series
New Online Conference Series Offers Security Professionals an Immersive Online Experience to Learn and Connect
Critical Flaw in SEO Plugin Exposed Many WordPress Sites to Attacks
A critical vulnerability in the Rank Math SEO plugin for WordPress could allow attackers to lock administrators out of their own websites, WordPress security company Defiant reports.
Panther Labs Launches Open-Source Cloud-Native SIEM
San Francisco-based cloud security startup Panther Labs has launched the first stable version of its open-source security information and event management (SIEM) solution, Panther.
SMBGhost Vulnerability Allows Privilege Escalation on Windows Systems
Researchers have published proof-of-concept (PoC) exploits to demonstrate that the Windows vulnerability tracked as SMBGhost and CVE-2020-0796 can be exploited for local privilege escalation.
Internet Society Expands Program for Secure Internet Routing Framework
CDNs and Cloud Providers Join Initiative to Improve Security of Internet's Routing System
Failure in internet routing security leads to major outages, stolen data, hijacking, lost revenue and more, with more than 12,000 routing outages in 2018 alone. The Mutually Agreed Norms for Routing Security (MANRS) seeks to solve this.
Palo Alto Networks to Acquire CloudGenix for $420 Million
Palo Alto Networks on Tuesday announced that it has entered into a definitive agreement to acquire enterprise SD-WAN solutions provider CloudGenix for roughly $420 million.
Palo Alto Networks’ Prisma Access solution enables organizations to protect remote networks and mobile users, and it provides secure access to enterprise applications.
FBI Warns of Ongoing Kwampirs Attacks Targeting Global Industries
A malicious campaign is targeting organizations from a broad range of industries with a piece of malware known as Kwampirs, the Federal Bureau of Investigation warns.
CISOs Suffering From Increasingly Complex Workload: Cisco
Growing Complexity of Managing Enterprise Cybersecurity is Increasing CISO Fatigue and Burnout
A CISO's life is complex, with business transformation, cloud adoption, working from home and use of mobile devices, and sometimes just too many solutions. Many see automation and AI as a partial solution.
New Marriott Data Breach Impacts Up to 5.2 Million Guests
Marriott on Tuesday disclosed a new data breach that could impact up to 5.2 million of its guests. The incident is related to an internal application used by Marriott hotels.
CISO Conversations: Verizon, AT&T CISOs Talk Communications Sector Security
Industrial Controllers Still Vulnerable to Stuxnet-Style Attacks
Researchers demonstrated recently that hackers could launch a Stuxnet-style attack against Schneider Electric’s Modicon programmable logic controllers (PLCs), but it’s believed that products from other vendors could also be vulnerable to the same type of attack.
Retooling Cyber Ranges
Cloud-based Cyber Ranges Will Change the Future of Training and Certifying Security and DevOps Professionals
Zoom Updates Privacy Policy After Experts Raise Concerns
Remote conferencing services provider Zoom this week updated its privacy policy following the publishing of a series of reports raising concerns regarding the privacy of Zoom users.
Headquartered in San Jose, California, Zoom provides users with a platform that combines video and audio conferencing, online meetings, chat, screen sharing, and more.
Vulnerabilities Expose Lexus, Toyota Cars to Hacker Attacks
Vulnerabilities in Lexus and Toyota cars could be exploited by hackers to launch remote attacks against affected vehicles, researchers at China-based Tencent Keen Security Lab discovered.
State-Backed Players Join Pandemic Cyber Crime Attacks
Sophisticated state-supported actors are following cybercriminals in exploiting the coronavirous pandemic and posing an “advanced persistent threat" (APT), French defence technology giant Thales warned Monday.