SecureList

SEPTEMBER 13, 2021

The Incident response analyst report provides insights into incident investigation services conducted by Kaspersky in 2020. In 2020, the pandemic forced companies to restructure their information security practices, accommodating a work-from-home (WFH) approach. Geography of incident responses by region, 2020.

Social Engineering 112

Social Engineering Healthcare Ransomware Government 112

Javvad Malik

DECEMBER 14, 2020

From a creative perspective, 2020 hasn’t been a bad year for me. Despite the fact that I am far more productive than the average person, and have been called the Hercules of information security (not my words), I think it’s good for everyone to take some downtime.

Information Security 100

Information Security 100

Security Affairs

MAY 27, 2021

Cyber attacks against the agency’s systems are not rare events, threat actors could attempt to steal critical information with sophisticated operations, and for this reason, it is essential for the agency to detect and mitigate them. The post NASA identified 1,785 cyber incidents in 2020 appeared first on Security Affairs.

Information Security 121

Information Security Cyber Attacks Mobile Architecture 121

McAfee

DECEMBER 10, 2020

Everyone deserves a break after surviving this past year and I cannot think of better way to celebrate than to share some of our greatest accomplishments from 2020. January 2020 Gartner Peer Insights VOC Customers’ Choice for CASB. Coolest Cloud and Coolest Endpoint Security Companies.

Policy Compliance 98

Policy Compliance Technology Information Security Media 98

Security Affairs

NOVEMBER 4, 2020

Cyber Defense Magazine November 2020 Edition has arrived. 150 PAGESLOADED WITH EXCELLENT CONTENT Learn from the experts, cybersecurity best practices Find out about upcoming information security related conferences, expos and trade shows. SecurityAffairs – hacking, Cyber Defense Magazine November 2020 ).

InfoSec 124

InfoSec DNS Advertising Marketing 124

Security Affairs

DECEMBER 9, 2020

Microsoft December 2020 Patch Tuesday security update address 58 vulnerabilities, 22 of them are remote code execution vulnerabilities. Microsoft December 2020 Patch Tuesday security update address 58 vulnerabilities, 22 of them are remote code issues. In 2020, the IT giant has released a total of 1,250 CVEs.

Hacking 136

Hacking Information Security Malware 136

Security Affairs

SEPTEMBER 23, 2020

Samba team has released a security patch to address the Zerologon issue in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC). Samba team has released a security patch to address the Zerologon (CVE-2020-1472) issue in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC). Pierluigi Paganini.

Authentication 145

Authentication Advertising Architecture Passwords 145

Google Security

MARCH 17, 2021

Posted by Harshvardhan Sharma, Information Security Engineer, Google We first announced the GCP VRP Prize in 2019 to encourage security researchers to focus on the security of Google Cloud Platform (GCP), in turn helping us make GCP more secure for our users, customers, and the internet at large.

Engineering 145

Engineering Authentication Accountability Internet 145

Security Affairs

MARCH 20, 2021

A hacking group has employed at least 11 zero-day flaws as part of an operation that took place in 2020 and targeted Android, iOS, and Windows users. Google researchers observed two separate waves of attacks that took place in February and October 2020, respectively. ” wrote the popular Project Zero researcher Maddie Stone.

Hacking 138

Hacking Software Information Security Malware 138

Security Affairs

NOVEMBER 23, 2020

VMware discloses a critical zero-day vulnerability (CVE-2020-4006) in multiple VMware Workspace One components and released a workaround to address it. VMware has released a workaround to address a critical zero-day vulnerability, tracked as CVE-2020-4006, that affects multiple VMware Workspace One components. Pierluigi Paganini.

Hacking 132

Hacking Cybersecurity Information Security Malware 132

Security Affairs

NOVEMBER 5, 2020

VMware has released new patches for ESXi after learning that a fix released in October for the critical CVE-2020-3992 flaw was incomplete. The virtualization giant VMware has released new fixes for ESXi after learning that a patch released in October for the critical CVE-2020-3992 flaw was incomplete. Pierluigi Paganini.

Advertising 135

Advertising Hacking Information Security Malware 135

Security Affairs

MAY 28, 2021

Researchers at industrial cybersecurity firm Claroty have discovered a high-severity vulnerability in Siemens PLCs, tracked as CVE-2020-15782 , that could be exploited by remote and unauthenticated attackers to bypass memory protection. Claroty’s blog post describes the PLC sandbox and the role CVE-2020-15782 could play in an attack.

Hacking 135

Hacking Firmware Cybersecurity Engineering 135

Security Affairs

OCTOBER 21, 2020

Google has released Chrome version 86.0.4240.111 that also addresses the CVE-2020-15999 flaw which is an actively exploited zero-day. Google has released Chrome version 86.0.4240.111 that includes security fixes for several issues, including a patch for an actively exploited zero-day vulnerability tracked as CVE-2020-15999.

Advertising 119

Advertising Engineering Hacking Software 119

CyberSecurity Insiders

AUGUST 16, 2021

Well, this is indeed an interesting news piece to all those who are interested in Information Security. The post Insider Threat to Google as it fires 36 employees in 2020 appeared first on Cybersecurity Insiders.

Data privacy 116

Data privacy Internet Internet Information Security 116

Security Affairs

OCTOBER 9, 2023

pic.twitter.com/YJavUu53v3 — vx-underground (@vxunderground) October 7, 2023 BleepingComputer was able to verify with the help of the popular malware researcher Michael Gillespie that that source code is legitimate and is related to the first version of the ransomware that was employed in 2020.

Cybercrime 128

Cybercrime Ransomware DDOS Encryption 128

Security Affairs

APRIL 10, 2020

VMware has addressed a critical information disclosure vulnerability related to the Directory Service that can be exploited to compromise vCenter Server. The CVE-2020-3952 vulnerability has received a CVSSv3 score of 10, it resides in the vCenter Server version 6.7 on Windows and virtual appliances. Pierluigi Paganini.

Hacking 145

Hacking Advertising Authentication Information Security 145

Security Affairs

NOVEMBER 11, 2020

Microsoft Patch Tuesday updates for November 2020 address 112 flaws, including a Windows bug that was chained with Chrome issues in attacks. The IT giant also addressed the CVE-2020-17087 Windows flaw that was chained with the CVE-2020-15999 Chrome bug in attacks in the wild. Pierluigi Paganini.

Internet 116

Internet Internet Hacking Information Security 116

Security Affairs

DECEMBER 4, 2020

VMware addressed CVE-2020-4006 zero-day flaw in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector. VMware has finally released security updates to fix the CVE-2020-4006 zero-day flaw in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector.

Passwords 127

Passwords Accountability Malware Hacking 127

Security Affairs

MARCH 18, 2021

The FBI’s Internet Crime Complaint Center has released its annual report, the 2020 Internet Crime Report , which includes data from 791,790 complaints of suspected cybercrimes. Data that emerged from the report are worrisome, in 2020 the reported losses exceeded $4.2 ” reads 2020 Internet Crime Report. billion in losses.

Internet 111

Internet Internet Scams Identity Theft 111

Security Affairs

OCTOBER 16, 2020

The Tripwire VERT security team spotted almost 800,000 SonicWall VPN appliances exposed online that are vulnerable to the CVE-2020-5135 RCE flaw. Security experts from the Tripwire VERT security team have discovered 795,357 SonicWall VPN appliances that were exposed online that are vulnerable to the CVE-2020-5135 RCE flaw.

VPN 131

VPN Firewall Advertising Internet 131

Security Affairs

SEPTEMBER 3, 2020

Cyber Defense Magazine September 2020 Edition has arrived. SecurityAffairs – hacking, Cyber Defense Magazine September 2020). The post Cyber Defense Magazine – September 2020 has arrived. appeared first on Security Affairs. Always free, no strings attached. Pierluigi Paganini.

InfoSec 86

InfoSec Mobile Advertising Marketing 86

Security Boulevard

JANUARY 31, 2021

Many thanks to BSidesSF and Conference Speakers for publishing their outstanding presentations; of which, originally appeared at the organization's BSidesSF 2020 , and on the DEF CON YouTube channel. Additionally, the BSidesSF 2021 will take place on March 6 - 9, 2021 - with no cost to participate.

Education 115

Education Information Security 115

Security Affairs

APRIL 21, 2020

The OpenSSL Project has released a security update for OpenSSL that addresses a DoS vulnerability tracked as CVE-2020-1967. The OpenSSL Project released a security update for OpenSSL that patches a high-severity vulnerability, tracked as CVE-2020-1967, that can be exploited by attackers to launch denial-of-service (DoS) attacks.

Advertising 131

Advertising Hacking Information Security 131

Security Affairs

NOVEMBER 9, 2020

TFC 2020 has come to the end, all these excellent offensive researchers and their burning 0days makes #TFC 2020 a success! pic.twitter.com/MwJLc5M0B4 — TianfuCup (@TianfuCup) November 8, 2020. — TianfuCup (@TianfuCup) November 8, 2020. Thank you all for participating and following! Pierluigi Paganini.

Hacking 135

Hacking Firmware Software Government 135

Security Boulevard

JANUARY 30, 2021

Many thanks to BSidesSF and Conference Speakers for publishing their outstanding presentations; of which, originally appeared at the organization's BSidesSF 2020 , and on the DEF CON YouTube channel. Additionally, the BSidesSF 2021 will take place on March 6 - 9, 2021 - with no cost to participate.

Education 106

Education Information Security 106

Security Affairs

NOVEMBER 7, 2020

At least one ransomware operator appears to have exploited the recently patched CVE-2020-14882 vulnerability affecting Oracle WebLogic. At least one ransomware operator appears is exploiting the recently patched CVE-2020-14882 vulnerability in Oracle WebLogic. SecurityAffairs – hacking, CVE-2020-14882). Pierluigi Paganini.

Ransomware 92

Ransomware Malware Internet Internet 92

Security Affairs

AUGUST 5, 2020

Cyber Defense Magazine august 2020 Edition has arrived. OVER 145 PAGESALWAYS FREE – LOADED WITH EXCELLENT CONTENT Learn from the experts, cybersecurity best practices Find out about upcoming information security related conferences, expos and trade shows. The post Cyber Defense Magazine – August 2020 has arrived.

B2C 83

B2C Mobile Advertising Marketing 83

Security Affairs

MARCH 12, 2020

Microsoft released security updates to fix a recently disclosed CVE-2020-0796 vulnerability in SMBv3 protocol that could be abused by wormable malware. Microsoft has released security updates to address the CVE-2020-0796 vulnerability in SMBv3 protocol that could be exploited by vxers to implement “ wormable ” malware.

Advertising 119

Advertising Internet Internet Malware 119

Security Affairs

JULY 2, 2020

Cyber Defense Magazine July 2020 Edition has arrived. OVER 165 PAGESALWAYS FREE – LOADED WITH EXCELLENT CONTENT Learn from the experts, cybersecurity best practices Find out about upcoming information security related conferences, expos and trade shows. The post Cyber Defense Magazine – July 2020 has arrived.

B2C 85

B2C Mobile Marketing Media 85

Security Affairs

JULY 8, 2020

Early June, researchers at F5 Networks have addressed a critical remote code execution (RCE) vulnerability, tracked as CVE-2020-5902, that resides in undisclosed pages of Traffic Management User Interface (TMUI) of the BIG-IP product. The CVE-2020-5902 vulnerability received a CVSS score of 10, this means that is quite easy to exploit.

Advertising 132

Advertising InfoSec Government Healthcare 132

Security Affairs

MARCH 22, 2020

In this post, I decided to share the details of the Coronavirus-themed attacks launched from March 15 to March 21, 2020. March 21, 2020 – New Coronavirus-themed attack uses fake WHO chief emails. March 19, 2020 – Coronavirus news used by Emotet and Trickbot to evade detection. Pierluigi Paganini.

Advertising 112

Advertising Cybercrime Scams Phishing 112

Security Affairs

SEPTEMBER 8, 2020

Microsoft September 2020 Patch Tuesday security updates address 129 vulnerabilities, including twenty critical remote code execution issues. The full list of vulnerabilities addressed by the September 2020 Patch Tuesday Security Updates is available here. Pierluigi Paganini.

Advertising 87

Advertising Internet Internet Hacking 87

Security Affairs

DECEMBER 1, 2020

The critical remote code execution (RCE) vulnerability CVE-2020-14882 in Oracle WebLogic is actively exploited by operators behind the DarkIRC botnet. Experts reported that the DarkIRC botnet is actively targeting thousands of exposed Oracle WebLogic servers in the attempt of exploiting the CVE-2020-14882. c25e6559668942[.]xyz.

Malware 109

Malware DDOS Hacking Cybercrime 109

Security Affairs

MARCH 22, 2021

The Kaspersky ICS CERT published a report that provided details about the threat landscape for computers in the ICS engineering and integration sector in 2020. Kaspersky ICS CERT published a report that provided details about the threat landscape for ICS engineering and integration sector in 2020. In H2 2020, 39.3%

Engineering 132

Engineering VPN Accountability Software 132

Security Affairs

NOVEMBER 11, 2020

Mozilla and Google have already fixed the critical flaws in Firefox and Chrome exploited by bug bounty hunters at 2020 Tianfu Cup hacking contest. Mozilla and Google have already addressed the critical Firefox and Chrome vulnerabilities that were recently exploited by white hat hackers at the 2020 Tianfu Cup hacking contest.

Hacking 103

Hacking Government Accountability Cybersecurity 103

Security Affairs

AUGUST 19, 2021

Threat actors breached the servers of US Census Bureau on January 11, 2020, exploiting an unpatched Citrix ADC zero-day vulnerability, OIG revealed. The report states that the servers did not provide access to 2020 decennial census networks, this means that the attacker did not interfere with the results of the census.

Hacking 117

Hacking Firewall Accountability Technology 117

Security Boulevard

FEBRUARY 9, 2021

Our thanks to BSidesSF and Conference Speakers for publishing their outstanding presentations; which originally appeared at the group's BSidesSF 2020 Conference , and on the Organization's YouTube Channel. The post BSidesSF 2020 – Larkin Ryder’s ‘Keynote: What’s New Or Not In 2020: Are We Making Progress?’

Education 69

Education Information Security 69