Krebs on Security

OCTOBER 12, 2020

Microsoft Corp. has executed a coordinated legal sneak attack in a bid to disrupt the malware-as-a-service botnet Trickbot , a global menace that has infected millions of computers and is used to spread ransomware. A court in Virginia granted Microsoft control over many Internet servers Trickbot uses to plunder infected systems, based on novel claims that the crime machine abused the software giant’s trademarks.

Healthcare 343

Healthcare Internet Internet Ransomware 343

Schneier on Security

OCTOBER 12, 2020

Five researchers hacked Apple Computer’s networks — not their products — and found fifty-five vulnerabilities. So far, they have received $289K. One of the worst of all the bugs they found would have allowed criminals to create a worm that would automatically steal all the photos, videos, and documents from someone’s iCloud account and then do the same to the victim’s contacts.

Hacking 341

Hacking Accountability 341

Tech Republic Security

OCTOBER 12, 2020

Cyberattacks have surged during the coronavirus pandemic. This infographic details ransomware attack trends by industry, continent, and more.

Ransomware 209

Ransomware 209

Security Affairs

OCTOBER 12, 2020

Security experts from Cyble found alleged sensitive documents of NATO and Turkey, is it a case of cyber hacktivism or cyber espionage? Researchers from the US-based firm Cyble recently came across a post shared by an unknown threat actor that goes online with the moniker Spectre123, where he has allegedly leaked the sensitive documents of NATO and Havelsan (Turkish Military/defence manufacturer).

Advertising 128

Advertising Manufacturing Cyber Attacks Hacking 128

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Dark Reading

OCTOBER 12, 2020

With National Cybersecurity Awareness Month shining a spotlight on the healthcare industry, security pros share best practices for those charged with protecting these essential organizations.

Healthcare 111

Healthcare Cybersecurity 111

Security Affairs

OCTOBER 12, 2020

Researchers received hundreds of thousands of dollars in bug bounties for reporting 55 vulnerabilities as part of the Apple bug bounty program. A team of researchers composed of Sam Curry, Brett Buerhaus, Ben Sadeghipour, Samuel Erb and Tanner Barnes reported a total of 55 flaws to Apple as part of the company bug bounty program. The flaws were all covered by Apple’s bug bounty program, 11 vulnerabilities have been rated critical and 29 rated high severity.

Advertising 108

Advertising Authentication Education Hacking 108

Security Affairs

OCTOBER 12, 2020

A joint operation conducted by FS-ISAC, ESET, Lumen’s Black Lotus Labs, NTT, Symantec, and Microsoft aimed at takedown the TrickBot botnet. Microsoft’s Defender team, FS-ISAC , ESET , Lumen’s Black Lotus Labs , NTT , and Broadcom’s cyber-security division Symantec joint the forces and announced today a coordinated effort to take down the command and control infrastructure of the infamous TrickBot botnet.

Banking 96

Banking Malware Advertising Financial Services 96

Dark Reading

OCTOBER 12, 2020

Microsoft and security firms ESET, Black Lotus Labs, and Symantec collaborated with the financial services industry to cut off the ransomware operation's C2 infrastructure.

Financial Services 124

Financial Services Ransomware 124

Trend Micro

OCTOBER 12, 2020

Trend Micro ELF Hash (aka telfhash) is now officially supported on VirusTotal! Here's a guide on how malware researchers can use this clustering algorithm to pivot from one malware sample to another.

Malware 56

Malware IoT 56

Dark Reading

OCTOBER 12, 2020

Researchers explain how security practitioners can recognize when a seemingly benign device could be malicious.

IoT 111

IoT 111

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

SecureWorld News

OCTOBER 12, 2020

Do you have anyone at your organization with a security clearance? Do you personally have a clearance or did you in the past? If so, you should be aware of a cyber-enabled scheme that China is running to recruit U.S. citizens. The U.S. Department of Justice revealed detailed tactics in a recent court case. The case was specifically targeting employees at U.S.

Government 56

Government Advertising Education Security Awareness 56

Dark Reading

OCTOBER 12, 2020

Even if you can't see your employees in the office, they still need to be reminded that criminals are always trying to spot a weak link in the chain.

90

90

Security Affairs

OCTOBER 12, 2020

US government networks are under attack, threat actors chained VPN and Windows Zerologon flaws to gain unauthorized access to elections support systems. The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) published a joint security alert to warn of attackers combining VPN and Windows Zerologon flaws to target government networks.

VPN 137

VPN Government Authentication Advertising 137

Dark Reading

OCTOBER 12, 2020

The attack, which now includes extortion components, has moved into its second week.

Software 97

Software Ransomware 97

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity

SecureWorld News

OCTOBER 12, 2020

The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI issued a new joint alert about nation-state linked cyberattacks targeting both organizations and government agencies. And with very little daylight left between now and election day, CISA says the threat actors have managed to access 'election support systems.'. Malicious cyber actors are exploiting legacy vulnerabilities against SLTT, Critical Infrastructure, and Elections Organizations.

VPN 66

VPN InfoSec Government Accountability 66

Dark Reading

OCTOBER 12, 2020

Many services advertise E2EE, but not all of them actually offer it.

Encryption 72

Encryption Advertising 72

Dark Reading

OCTOBER 12, 2020

Even if you can't see your employees in the office, they still need to be reminded that criminals are always trying to spot a weak link in the chain.

51

51