Krebs on Security

JUNE 12, 2019

All four are privilege escalation flaws: CVE-2019-1064 and CVE-2019-1069 affect Windows 10 and later; CVE-2019-1053 and CVE-2019-0973 both affect all currently supported versions of Windows. By the summer of 2019 Google will make Chrome users go into their settings to enable it every time they want to run it.

Security 180

Security IT 180

Krebs on Security

JULY 9, 2019

” The DHCP weakness ( CVE-2019-0785 ) exists in most supported versions of Windows server, from Windows Server 2012 through Server 2019. One of the zero-day flaws — CVE-2019-1132 — affects Windows 7 and Server 2008 systems.

Libraries 182

Libraries Security Access IT 182

Krebs on Security

DECEMBER 10, 2019

By nearly all accounts, the chief bugaboo this month is CVE-2019-1458 , a vulnerability in a core Windows component (Win32k) that is present in Windows 7 through 10 and Windows Server 2008-2019. ’ An odd discrepancy on top of a CVE advisory for an outdated OS. It is very likely this is being exploited in the wild.”

Security 145

Security Ransomware Encryption Libraries 145

Data Breach Today

JUNE 9, 2020

Increasing Use of Open Source Software Creates More Opportunities for Flaws The number of reported vulnerabilities found in open source software more than doubled in 2019 to almost 1,000, with projects such as Magento, GitLab, and Jenkins posting the largest increases, according to security firm RiskSense.

Security 207

Security 207

Krebs on Security

MARCH 12, 2019

One interesting patch from Microsoft this week comes in response to a zero-day vulnerability ( CVE-2019-0797 ) reported by researchers at Kaspersky Lab, who discovered the bug could be (and is being) exploited to install malicious software.

Security 180

Security Access IT 180

Krebs on Security

APRIL 9, 2019

According to security firm Rapid 7 , two of the vulnerabilities — CVE-2019-0803 and CVE-2019-0859 — are already being exploited in the wild. These patches apply to Windows , Internet Explorer (IE) and Edge browsers, Office, Sharepoint and Exchange.

Security 202

Security Access IT 202

Weissman's World

JANUARY 3, 2019

It’s 2019, and Steve Weissman anticipates and addresses a number of key themes for the new year: 0:44 – Metadata and database fields: ‘labels’ as the keys to … everything! The post Perspective Check – Anticipation 2019 appeared first on Holly Group. 4:08 […].

Metadata 166

Metadata Marketing Information governance ECM 166

Data Breach Today

APRIL 5, 2019

A Guide to Video Interviews With Thought Leaders at This Year's Event At RSA Conference 2019 in San Francisco, Information Security Media Group's editorial team conducted more than 100 video interviews with industry thought leaders. Here are the highlights.

Information Security 223

Information Security Security 223

Krebs on Security

FEBRUARY 12, 2019

Microsoft patched a bug in Internet Exploder Explorer ( CVE-2019-0676 ) discovered by Google that attackers already are using to target vulnerable systems. That flaw, CVE-2019-0626 , could let an attacker execute malcode of his choice just by sending the target a specially crafted DHCP request. Windows DHCP client”).

Security 176

Security Access IT 176

Krebs on Security

AUGUST 13, 2019

“According to Microsoft, at least two of these vulnerabilities ( CVE-2019-1181 and CVE-2019-1182 ) can be considered ‘wormable’ and [can be equated] to BlueKeep,” referring to a dangerous bug patched earlier this year that Microsoft warned could be used to spread another WannaCry-like ransomware outbreak.

Ransomware 190

Ransomware Security Authentication Access 190

Data Breach Today

APRIL 17, 2019

Facebook's Cryptocurrency Folly, Scaling Security and Why Doomsday Is Temporary From blockchains and surveillance to backdoors and GDPR, a group of leading cryptographers rounded up the top cybersecurity and privacy matters of the day at the cryptographers' panel held at the recent RSA Conference 2019 in San Francisco.

GDPR 249

GDPR Blockchain Cybersecurity Privacy 249

Data Breach Today

MARCH 14, 2019

Carbon Black's Tom Kellermann on Latest Threats to Banks Carbon Black and Optiv have released their 2019 Modern Bank Heists report, which unveils the latest cyber threats to global banking institutions. Report co-author Tom Kellermann discusses the findings and what they mean.

191

191

Krebs on Security

JANUARY 9, 2019

All things considered, this first Patch Tuesday of 2019 is fairly mild, bereft as it is of any new Adobe Flash updates or zero-day exploits. Among the more eyebrow-raising flaws fixed this week is CVE-2019-0547 , a weakness in the Windows component responsible for assigning Internet addresses to host computers (a.k.a.

Security 172

Security IT 172

Data Breach Today

DECEMBER 22, 2018

A Summary of the Best Predictions for Next Year What's ahead for the cybersecurity landscape in 2019? We've received many lists of predictions from vendors and analysts for next year, and we've picked out five of the most interesting ones.

Cybersecurity 232

Cybersecurity 232

Data Breach Today

JANUARY 3, 2019

Joram Borenstein, general manager of Microsoft's Cybersecurity Solutions Group, discusses his top three concerns for 2019. With an operating system that's used by 90 percent of Fortune 500 companies, Microsoft closely monitors cyberattack trends.

Cybersecurity 204

Cybersecurity 204

Data Breach Today

APRIL 1, 2019

Cybersecurity 'Things Can Only Get Better' as Conference Marks Its 28th Year Keynotes and briefings at the recent 28th annual RSA Conference 2019 covered a wide range of topics, including privacy, hackers, cyber extortion, machine learning, artificial intelligence, human psychology, legal matters, career advice and internet-connected device concerns. (..)

Artificial Intelligence 164

Artificial Intelligence Cybersecurity Privacy IT 164

Krebs on Security

SEPTEMBER 10, 2019

Two of the bugs quashed in this month’s patch batch ( CVE-2019-1214 and CVE-2019-1215 ) involve vulnerabilities in all supported versions of Windows that have already been exploited in the wild.

Security 154

Security Access IT 154

Data Breach Today

DECEMBER 28, 2018

Leading the latest edition of the ISMG Security Report: Microsoft's Joram Borenstein highlights his top three areas of focus for 2019. Plus, Randy Vanderhoof of the US Payments Forum on securing card transactions in the coming year.

Cybersecurity 189

Cybersecurity Security 189

Security Affairs

JANUARY 18, 2020

According to the IC3 Annual Report released in April 2019 financial losses reached $2.7 The total cost of cybercrime for each company in 2019 reached US$13M. According to the 2019 Data Breach Investigations Report , 43% of all nefarious online activities impacted small businesses. Financial losses reached $2.7 billion in 2018.

Data breaches 134

Data breaches Cybersecurity Ransomware IoT 134

Hunton Privacy

MAY 20, 2020

On May 18, 2020, the European Data Protection Board (“EDPB”) released its Annual Report (the “Report”) providing details of the EDPB’s work in 2019. The EDPB adopted five new guidelines in 2019, providing clarification on the law.

GDPR 132

GDPR Artificial Intelligence Personal data Blockchain 132

Data Breach Today

JANUARY 8, 2019

Attorney David Holtzman Highlights Three Issues to Track What are the top regulatory trends to look for in the healthcare sector in 2019? Privacy attorney David Holtzman pinpoints three key issues to watch.

Data Privacy 159

Data Privacy Privacy 159

Security Affairs

FEBRUARY 18, 2020

Having said that I found Income Tax Department India and MIT Sloan was also vulnerable to CVE-2019-0604 a remote code execution vulnerability which exists in Microsoft SharePoint. Aside, MIT Sloan School of Management was also found to be vulnerable with CVE-2019-0604. SecurityAffairs – hacking, CVE-2019-0604).

Security 116

Security Government IT Information Security 116

Hunton Privacy

JULY 8, 2020

On July 1, 2020, the Dutch Data Protection Authority ( Autoriteit Persoonsgegevens , the “Dutch DPA”) published its 2019 annual report (the “Report”). The Report shows that in 2019, the Dutch DPA focused on enforcement actions, after having raised awareness about the EU General Data Protection Regulation (the “GDPR”) in 2018.

Data breaches 101

Data breaches Personal data GDPR Privacy 101

Dark Reading

DECEMBER 9, 2020

After lagging 2019 numbers in the first quarter, vulnerabilities have surged in the rest of 2020, leading researchers to predict that final numbers for this year will meet or exceed those of last year, report says.

110

110

Security Affairs

NOVEMBER 30, 2021

Cybersecurity researchers from Kaspersky have detailed the activity of a threat actor named WIRTE that is targeting government, diplomatic entities, military organizations, law firms, and financial institutions in Middle East since early 2019. “In our initial sample analysis, the C2 domain we observed was stgeorgebankers[.]com.

Military 112

Military Cybersecurity Phishing Government 112

Security Affairs

MARCH 7, 2020

A new vulnerability, tracked as CVE-2019-0090 , affects all Intel chips that could allow attackers to bypass every hardware-enabled security technology. Security experts from Positive Technologies warn of a new vulnerability, tracked as CVE-2019-0090, that affects all Intel processors that were released in the past 5 years.

Security 129

Security Authentication Encryption Access 129

Adam Levin

FEBRUARY 25, 2020

The number of stalkerware apps detected on smartphones increased in 2019, a full 60% over the previous year according to a new report released by Kaspersky Labs. . This is thought to be the way Amazon founder and CEO Jeff Bezos was hacked in 2019. The post Stalkerware Installations Up 60% in 2019 appeared first on Adam Levin.

Phishing 94

Phishing Privacy Security Authentication 94

Security Affairs

FEBRUARY 12, 2020

The FBI’s Internal Crime Complaint Center (IC3) released the FBI 2019 Internet Crime Report , a document that outlines cybercrime trends over the past year. Here we are to analyze the annual FBI 2019 Internet Crime Complaint Center (IC3) , one of the most interesting documents on the crime trends observed in the last 12 months.

Phishing 111

Phishing Ransomware Security IT 111

Hunton Privacy

JUNE 10, 2020

On June 9, 2020, the French Data Protection Authority (the “CNIL”) published its Annual Activity Report for 2019 (the “Report”). The Report provides an overview of the CNIL’s enforcement activities in 2019. The CNIL received 2,287 data breach notifications in 2019. The CNIL served 42 formal notices to companies in 2019.

Personal data 90

Personal data Data breaches Passwords Access 90

Security Affairs

APRIL 3, 2021

More clients of Capital One have been impacted in the 2019 data breach, the US bank is notifying them of their SSNs exposure. US bank Capital One notified a number of additional customers that their Social Security numbers were exposed in the data breach that took place in July 2019. District Court in Seattle. Pierluigi Paganini.

Data breaches 92

Data breaches Security Access Information Security 92

Security Affairs

JANUARY 8, 2019

Wondering about the state of global cybersecurity in 2019? It’s not a surprise that 2019 is estimated to see more than $124 billion spent on cybersecurity — 8.7 2019 will probably see a kind of democratization of cybersecurity. This bodes ill for 2019. percent growth over the previous year.

Cybersecurity 91

Cybersecurity IoT Security Passwords 91

Security Affairs

MAY 28, 2020

National Security Agency (NSA) is warning that Russia-linked APT group tracked Sandworm Team has been exploiting a critical vulnerability (CVE-2019-10149) in the Exim mail transfer agent (MTA) software since at least August 2019. The CVE-2019-10149 flaw, aka “The Return of the WIZard,” affects versions 4.87

Security 111

Security Systems administration Military Access 111

Security Affairs

MARCH 27, 2020

Google announced to have warned users of almost 40,000 alerts of state-sponsored phishing or malware attacks during 2019. Google shared data on alerts related to state-sponsored attacks, the tech giant revealed that it issued almost 40,000 alerts of state-sponsored phishing or malware attacks to its users during 2019.

Phishing 119

Phishing Passwords Security Risk 119

Security Affairs

FEBRUARY 7, 2021

According to a report published by the industrial cybersecurity firm Claroty that focuses on the second half of 2020, the number of flaws discovered in industrial control system (ICS) products in 2020 (893 flaws) was 24,72% higher compared to 2019. ” reads the report published by Claroty. Pierluigi Paganini.

Security 131

Security Cybersecurity Risk Manufacturing 131

Security Affairs

MARCH 23, 2019

Pwn2Own 2019 Day 3 – Experts earned $35,000 and a Tesla Model 3 after hacking the vehicle’s web browser. Pwn2Own 2019 Day 3 – Hackers focused their efforts on car hacking, two teams participated in the competitions but only one of them reached the goal. SecurityAffairs – Pwn2Own 2019, hacking). Pierluigi Paganini.

Security 108

Security 108

Security Affairs

AUGUST 29, 2022

The post Nitrokod crypto miner infected systems across 11 countries since 2019 appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. SecurityAffairs – hacking, Nitrokod ).

Mining 94

Mining Security Information Security IT 94