Security News

All the security features added in the Windows 10 May 2020 update

ZDNet Zero Day - Wed, 05/27/2020 - 23:20
Windows 10 v2004 comes with Windows Sandbox improvements, WiFi 6, WPA3, and Windows Hello in Safe Mode.
Categories: Security News

Valak targets Microsoft Exchange servers to steal enterprise data

ZDNet Zero Day - Wed, 05/27/2020 - 23:00
The malware has been “dramatically changed” in the past six months.
Categories: Security News

Michigan State University hit by ransomware gang

ZDNet Zero Day - Wed, 05/27/2020 - 20:53
The operators of the NetWalker ransomware gang have given MSU officials seven days to pay the ransom or they will leak stolen university files.
Categories: Security News

Google highlights Indian 'hack-for-hire' companies in new TAG report

ZDNet Zero Day - Wed, 05/27/2020 - 16:43
Google also discloses seven coordinated political influence campaigns that took place on its platforms during Q1 2020.
Categories: Security News

Microsoft warns about attacks with the PonyFinal ransomware

ZDNet Zero Day - Wed, 05/27/2020 - 11:58
PonyFinal infections have been reported in India, Iran, and the US.
Categories: Security News

OpenSSH to deprecate SHA-1 logins due to security risk

ZDNet Zero Day - Wed, 05/27/2020 - 09:45
Breaking a SHA-1-generated SSH authentication key now costs roughly $50,000, putting high-profile remote servers at risk of attacks.
Categories: Security News

Websites Conducting Port Scans

Schneier on Security - Wed, 05/27/2020 - 06:45
Security researcher Charlie Belmer is reporting that commercial websites such as eBay are conducting port scans of their visitors. Looking at the list of ports they are scanning, they are looking for VNC services being run on the host, which is the same thing that was reported for bank sites. I marked out the ports and what they are known... Bruce Schneier
Categories: Security News

New fuzzing tool finds 26 USB bugs in Linux, Windows, macOS, and FreeBSD

ZDNet Zero Day - Wed, 05/27/2020 - 06:23
Eighteen of the 26 bugs impact Linux. Eleven have been patched already.
Categories: Security News

26 million LiveJournal credentials leaked online, sold on the dark web

ZDNet Zero Day - Tue, 05/26/2020 - 19:55
LiveJournal credentials were obtained in a 2014 hack, but leaked online earlier this month.
Categories: Security News

Qihoo & Baidu disrupt malware botnet with hundreds of thousands of victims

ZDNet Zero Day - Tue, 05/26/2020 - 10:18
There's malware in China, too. Meet DoubleGuns, one of China's largest malware botnets.
Categories: Security News

Europol, Capgemini team up in cybercrime prevention, awareness campaigns

ZDNet Zero Day - Tue, 05/26/2020 - 07:01
Capgemini is now also supporting the No More Ransom Project.
Categories: Security News

Bluetooth Vulnerability: BIAS

Schneier on Security - Tue, 05/26/2020 - 06:54
This is new research on a Bluetooth vulnerability (called BIAS) that allows someone to impersonate a trusted device: Abstract: Bluetooth (BR/EDR) is a pervasive technology for wireless communication used by billions of devices. The Bluetooth standard includes a legacy authentication procedure and a secure authentication procedure, allowing devices to authenticate to each other using a long term key. Those procedures... Bruce Schneier
Categories: Security News

Forescout files lawsuit against Advent for withdrawal of merger plans due to COVID-19

ZDNet Zero Day - Tue, 05/26/2020 - 06:26
Advent says the pandemic has resulted in “material” changes at Forescout. The company disagrees.
Categories: Security News

EasyJet faces £18 billion class-action lawsuit over data breach

ZDNet Zero Day - Tue, 05/26/2020 - 05:38
The lawsuit aims to secure up to £2,000 per impacted customer.
Categories: Security News

Turla hacker group steals antivirus logs to see if its malware was detected

ZDNet Zero Day - Tue, 05/26/2020 - 04:30
Turla, one of Russia's most advanced hacker groups, has created malware that gets its orders from email attachments sent to an arbitrary Gmail inbox.
Categories: Security News

RangeAmp attacks can take down websites and CDN servers

ZDNet Zero Day - Mon, 05/25/2020 - 16:28
Twelve of thirteen CDN providers said they fixed or planned to fix the problem.
Categories: Security News

Thousands of enterprise systems infected by new Blue Mockingbird malware gang

ZDNet Zero Day - Mon, 05/25/2020 - 09:33
Hackers are exploiting a dangerous and hard to patch vulnerability to go after enterprise servers.
Categories: Security News

New Unc0ver jailbreak released, works on all recent iOS versions

ZDNet Zero Day - Sun, 05/24/2020 - 05:52
New "Unc0ver" jailbreak unlocks devices, even those running the current iOS 13.5 release.
Categories: Security News