Archive - March 2020

Critical flaws in DrayTek Vigor routers patched following attacks 31 March 2020 at 16:58 UTC Second Marriott mega-breach airs the privates of 5.2m 31 March 2020 at 15:14 UTC Security software discovery tops latest Mitre ATT&CK threat list 31 March 2020 at 14:01 UTC Bug Bounty Radar // The latest bug bounty programs for March 2020 31 March 2020 at 13:21 UTC WordPress 5.4 lands with enhanced privacy controls 31 March 2020 at 11:58 UTC Pi-hole ad-blocking technology hack exposed 30 March 2020 at 16:08 UTC Carnegie Mellon University launches cybersecurity course to fill the US skills gap 30 March 2020 at 13:29 UTC USB phishing attack baits victims with $50 gift card 30 March 2020 at 10:23 UTC Russian-speaking cybercrime crews branch out with attacks against western European manufacturers 27 March 2020 at 16:28 UTC Opt-out button gets scrapped in latest round of CCPA amendments 27 March 2020 at 14:46 UTC We want options: Google answers call for full URL presentation in Chrome 27 March 2020 at 13:48 UTC Coronavirus cyber-attacks expose ‘cyber poverty gap’ – World Economic Forum 26 March 2020 at 17:08 UTC UK organizations becoming more resilient to data breaches and cyber-attacks 26 March 2020 at 16:08 UTC Will the coronavirus pandemic impact browser security? 26 March 2020 at 15:14 UTC Out on Safari: Apple touts third-party cookie blocking in WebKit browser engine 26 March 2020 at 11:55 UTC Coronavirus: NHS delays healthcare security audit amid heightened cyber risk 25 March 2020 at 16:09 UTC Back on the Rails: XSS flaw patched in Action View Ruby Gem 25 March 2020 at 15:09 UTC Kr00k exploit tool allows pen testers to probe for WiFi security vulnerability 25 March 2020 at 13:03 UTC Coronavirus response: ITU unveils platform for reinforcing global telecoms infrastructure 24 March 2020 at 16:36 UTC Bug bounty platforms step up as coronavirus forces businesses to implement work from home policies 24 March 2020 at 15:04 UTC Microsoft offers mitigations against unpatched Windows font handler security flaw 24 March 2020 at 13:08 UTC Healthcare data breach: Medical device manufacturer discloses phishing attack 23 March 2020 at 17:23 UTC Email security: Mail.ru patches critical memory disclosure flaw 23 March 2020 at 15:56 UTC Web-based attack crashes Tesla driver interface 23 March 2020 at 14:20 UTC Coronavirus fraud: DoJ takes action against website claiming to offer Covid-19 vaccine 23 March 2020 at 13:09 UTC Pwn2Own 2020: Live hacking contest goes virtual amid coronavirus pandemic 20 March 2020 at 17:03 UTC Coronavirus: US emergency funding for federal agencies targets home working security 20 March 2020 at 16:07 UTC XSS vulnerability in CKEditor prompts need for Drupal update 20 March 2020 at 14:20 UTC EU signals future ‘right to repair’ legislation for smartphone users in member states 20 March 2020 at 12:06 UTC Google develops Linux tool that tackles USB keystroke injection attacks 19 March 2020 at 16:24 UTC Coronavirus response: How security certification and training orgs are tackling the global disruption 19 March 2020 at 15:16 UTC TLS 1.0/1.1 end of life: Support deadline looms for website encryption laggards 19 March 2020 at 13:53 UTC Coronavirus: Malwarebytes identifies new e-book phishing scam impersonating the WHO 19 March 2020 at 11:57 UTC SHIELD Act: New York businesses have less than a week to get their data security policies in order 18 March 2020 at 16:12 UTC Coronavirus: How to work from home securely during a period of isolation 18 March 2020 at 15:00 UTC Alternative routing: ProtonMail to add new anti-censorship feature 18 March 2020 at 11:45 UTC Coronavirus pandemic fuels phishing and malware surge 17 March 2020 at 17:10 UTC ‘Expertise is clearly lacking’ – CEPOL boss on why the EU needed a cybercrime academy 17 March 2020 at 14:13 UTC DDoS suspicions: US health department investigating ‘significant increase’ in traffic 17 March 2020 at 13:17 UTC BookStack struck by RCE security bug 16 March 2020 at 15:20 UTC Vulnerabilities in web and app frameworks fall, but weaponization rate jumps – study 16 March 2020 at 13:28 UTC Princess Cruises: Shipping company caught in coronavirus epidemic discloses data breach impacting guests and crew 16 March 2020 at 11:32 UTC Interview – Corelight’s Richard Bejtlich on cyber warfare and the origin of the term ‘APT’ 13 March 2020 at 15:43 UTC Europol issues warning over rise in SIM-swap attacks 13 March 2020 at 14:40 UTC Windows SMB: Accidental bug disclosure prompts emergency security patch 13 March 2020 at 12:45 UTC DarkScandals: Dutch and US authorities take down child abuse website 13 March 2020 at 11:53 UTC US healthcare technology: Move to standardize APIs for patient data access receives mixed response 12 March 2020 at 15:38 UTC Australia data breach: 90,000 staff, students, suppliers impacted at Melbourne Polytechnic 12 March 2020 at 14:25 UTC Google awards $100k to Dutch bug hunter for cutting-edge cloud security research 12 March 2020 at 11:50 UTC PwndLocker ransomware decryptor offers victims a life raft 11 March 2020 at 15:58 UTC Medical Device Regulation: EU to give €100bn MedTech industry a security health check 11 March 2020 at 14:45 UTC WordPress Terror: Researchers discover a massive 5,000 security flaws in buggy plugins 11 March 2020 at 12:44 UTC Hacking the hackers: RAT malware campaign targeting script kiddies 10 March 2020 at 16:18 UTC Vulnerable TV streaming app could give attackers full control over users’ devices 10 March 2020 at 15:25 UTC SwigCast, Episode 6: EDUCATION 10 March 2020 at 14:30 UTC Jenkins security: Latest advisory highlights more than 20 vulnerable plugins 10 March 2020 at 11:34 UTC AI-powered honeypots: Machine learning may help improve intrusion detection 09 March 2020 at 15:50 UTC Zoho issues fix for critical ManageEngine bug 09 March 2020 at 14:48 UTC Threat Dragon: OWASP launches desktop version of popular threat modeling tool 09 March 2020 at 11:35 UTC US pledges $8m to Ukraine’s cybersecurity defense 06 March 2020 at 16:41 UTC RSA retrospective: We need to democratize and demystify security for the masses 06 March 2020 at 15:52 UTC BSides Cairo: The security conference that’s building information sharing from the ground up 06 March 2020 at 15:03 UTC Solar panels expose home WiFi networks to password theft, remote attacks 06 March 2020 at 11:48 UTC IoT security: Singapore launches labeling scheme for WiFi routers and home hubs 05 March 2020 at 20:07 UTC High severity regex bugs discovered in Parse Server 05 March 2020 at 16:06 UTC Cisco fixes Webex video conferencing RCE vulnerability 05 March 2020 at 15:15 UTC Level up: How an increase in bug bounty programs is protecting online gamers 05 March 2020 at 12:42 UTC Let’s Encrypt scrambles to manage fallout from digital certificate system bug 04 March 2020 at 15:48 UTC DMARC email authentication: Increased adoption obscures poor enforcement problem 04 March 2020 at 14:12 UTC Data rights in Canada: Quebec to modernize its privacy law with a GDPR-style flair 03 March 2020 at 16:32 UTC ‘We’re our own focus group’ – Ning Wang on security certification, training, and keeping Kali Linux on top 03 March 2020 at 15:19 UTC Europol joins forces with European financial giants to tackle rise in organized cybercrime 03 March 2020 at 12:36 UTC NIST puts forward regional roadmap to fill the cyber skills gap 02 March 2020 at 15:00 UTC GadgetProbe: New tool simplifies the exploitation of Java deserialization vulnerabilities 02 March 2020 at 12:48 UTC RiskIQ report: Google improves mobile app security on Play Store 02 March 2020 at 11:00 UTC