News
News
- November 08, 2019
08 Nov'19
ConnectWise ransomware attacks affecting Automate customers
ConnectWise warned that ransomware attacks are targeting open ports for its Automate on-premises application, but the company has offered few details about the nature of the attacks.
- November 07, 2019
07 Nov'19
Trend Micro insider threat steals, sells customer data
A Trend Micro employee stole and sold customer support data, which was used by a malicious third-party actor to scam consumer customers of the cybersecurity company.
- November 07, 2019
07 Nov'19
SSL certificate abuse drives growing number of phishing attacks
Phishing attacks against the United Nations and humanitarian organizations show how threat actors are weaponizing valid SSL certificates and how hard it is to stop the abuse.
-
- November 06, 2019
06 Nov'19
Firefox bug is enabling attackers to freeze out users
A recently reported bug in Firefox allows spammed authentication dialogs to lock users out of their browsers and it is under attack in the wild, despite previous efforts to patch.
- November 05, 2019
05 Nov'19
First BlueKeep attacks in the wild may be dark portents
Following months of warnings from law enforcement and the infosec community, the first BlueKeep exploit campaign was discovered in the wild and experts say it won't be the last.
- November 04, 2019
04 Nov'19
Assessing the value of personal data for class action lawsuits
Determining the value of consumers' personal data exposed in a breach can be a challenge. Security and legal experts discuss what factors are involved in the equation.
- November 01, 2019
01 Nov'19
Threat Stack Application Security Monitoring adds Python support
Now supporting both Python and Node.js, Application Security Monitoring can identify risk throughout the software development lifecycle for both third-party and native code.
- October 31, 2019
31 Oct'19
Adsterra still connected to malvertising campaign, despite denials
Despite a pledge of "zero tolerance" for malicious activity, ad network Adsterra was found to be once again connecting with the Master134 malvertising campaign.
- October 30, 2019
30 Oct'19
Imperva CEO steps down following breach investigation
Chris Hylen unexpectedly stepped down as CEO of Imperva in the wake of a data breach involving cloud WAF customer data, though it's unclear if the two events are connected.
- October 30, 2019
30 Oct'19
Splunk Mission Control launch enables a unified SOC
Mission Control is intended to unify Splunk Enterprise Security, Splunk Phantom and Splunk User Behavior Analytics into the Splunk Security Operations Suite.
-
- October 29, 2019
29 Oct'19
Adobe exposure includes data on 7.5 million users
Adobe exposed data on 7.5 million users and employees and one expert says the incident highlights why production data shouldn't be used in test environments.
- October 25, 2019
25 Oct'19
Cyber insurance has changed incident response -- for better or worse
Cyber insurance carriers are assuming greater control over how enterprises conduct incident response, which has caused angst and frustration among some security vendors.
- October 23, 2019
23 Oct'19
Another CCleaner attack hits Avast supply chain
Avast was able to stop an attempted supply chain attack targeting its CCleaner software, but experts say all enterprises should be wary of similar supply chain attacks.
- October 22, 2019
22 Oct'19
Forcepoint Web Security offering reaches for the edge
Forcepoint has delivered a web-based security tool leveraging elastic cloud gateway technology that allows admins to access content from any remote location.
- October 22, 2019
22 Oct'19
Bugcrowd launches Attack Surface Management platform
The new platform provides an extra layer of testing by sending its findings to Bugcrowd's crowdsourced security testing tools.