Top

Cloud security, Hacker, Network security, Threats & Malware

AWS: No Significant Issues at Other Alleged Targets of Capital One Hacker

August 19, 2019

Via: Security Week

Thompson, who used the online moniker “erratic,” has been accused of accessing the personal information of roughly 106 million people — 100 million in the United States and 6 million in Canada — including, in some cases, social security numbers […]


Cyber-crime, Email security, Phishing, Security

Energy Sector Phish Swims Past Microsoft Email Security via Google Drive

August 16, 2019

Via: Threat Post

A targeted spearphishing campaign has hit an organization in the energy sector – after using a savvy trick to get around the company’s Microsoft email security stack. According to Aaron Riley, a researcher from Cofense, the campaign impersonated the CEO […]


Network security, Threats & Malware, Vulnerabilities

Digital transformation helps companies work smarter yet makes them vulnerable to breaches

August 16, 2019

Via: Help Net Security

While digital transformation helps companies work smarter, there is a risk that the ongoing digitization may unlock a host of security vulnerabilities that can cost companies money, time, intellectual property, and customer trust, according to a Canon survey. All organizations […]


Network security

3,813 breaches were reported through June 30, exposing over 4.1 billion records

August 16, 2019

Via: Help Net Security

The number of reported breaches has gone up by 54% and the number of exposed records by 52% compared to the first six months of 2018 according to the 2019 MidYear QuickView Data Breach Report, released by Risk Based Security. […]


Threats & Malware, Vulnerabilities

Critical Bluetooth flaw opens millions of devices to eavesdropping attacks

August 16, 2019

Via: Help Net Security

A newly disclosed vulnerability (CVE-2019-9506) in the Bluetooth Core Specification can be exploited by attackers to intercept and manipulate Bluetooth communications/traffic between two vulnerable devices. Researchers Daniele Antonioli, Nils Ole Tippenhauer and Kasper Rasmussen discovered the flaw and demonstrated a […]


Mobile security, Vulnerabilities

Lenovo Warns of ThinkPad Bugs, One Unpatched

August 15, 2019

Via: Threat Post

Dozens of Lenovo’s flagship ThinkPad models are vulnerable to bugs ranging in severity from low to high. Two of the flaws are tied to industry-wide security bulletins, while a medium-severity flaw affects only Lenovo laptops but remains unpatched. The most […]


Hacker, Threats & Malware

Thefts from cryptocurrency exchanges continue despite increased security

August 15, 2019

Via: Help Net Security

Although exchanges, wallets and other cryptocurrency custody services are strengthening their defenses, attackers continue to innovate and outpace even the current state of the cybersecurity art, according to CipherTrace. Even Binance, the world’s number-one cryptocurrency exchange, lost tens of millions […]


Hacker, Network security, Threats & Malware

Hackers steal 700,000 guest records from Choice Hotels

August 15, 2019

Via: Hot for Security

Choice Hotels, a hospitality franchisor based in Maryland that owns chains such as Comfort Inn, MainStay Suites, Econo Lodge and Cambria Hotels, has suffered a cyber incident that exposed 700,000 guest records, including full names, addresses, phone numbers, email addresses […]


Threats & Malware, Vulnerabilities

Patch time! Microsoft warns of new worm-ready RDP bugs

August 14, 2019

Via: Naked Security

Microsoft’s Patch Tuesday bought some very bad news yesterday: more wormable RDP vulnerabilities, this time affecting Windows 10 users. CVE-2019-1181 and -1182 are critical vulnerabilities in Remote Desktop Services (formerly Windows Terminal) that are wormable – similar to the BlueKeep […]


Access control, Cyber-crime, Identity theft, Security

Protecting your organization against privileged identity theft

August 14, 2019

Via: Help Net Security

What do the top data breaches of the 21st century have in common? Privileged identity abuse. In these breach instances, well-resourced, external actors were able to gain the credentials of users with access to privileged accounts – such as administrative, […]