Cybersecurity | SC Media

Cybersecurity

SC exclusive: New secured phishing site goes up every two minutes

By

Threat actors are playing by the rules, or at least tricking your browser into thinking they are, in order to deliver more effective attacks. Wandera researchers noticed an increase in threat actors leveraging HTTPS and SSL certificates to “secure” their phishing sites leading to 60 percent of their monitored malicious traffic being encrypted using HTTPS.…

Top FBI official calls Chinese cyberespionage ‘most severe’ threat to American security

By

FBI counterintelligence division head E.W. “Bill” Priestap Wednesday said Chinese cyberespionage poses the “most severe” threat to American security at a Senate Judiciary Committee hearing on “Non-Traditional Espionage Against the United States.” Priestap said China’s Communist Party “dominates every facet of Chinese life,” from religion to freedom of expression and business and that “it is…

Ethical hacking growing in popularity as data breaches increase, report

By

As the idea of ethical hacking begins to resonate more with the general public, it has inspired more people ranging from aspiring hackers to seasoned security professionals to join the hacking community and seek out crowdsourced security testing programs to hunt bug bounties. And judging by how 71 percent of cybercriminals can breach a perimeter…

Microsoft Patch Tuesday includes fix for actively exploited zero-day

By

Microsoft addressed nearly 40 vulnerabilities including and actively exploited zero-day, in its December 2018 Patch Tuesday release. Several of the issues were rated critical or important and or dealt with remote code execution flaws in Windows including one vulnerability that was actively being exploited in the wild. “One of the most important flaws is a…

Patch Tuesday

Patch Tuesday: 87 CVEs, 39 critical

By

This Patch Tuesday, Adobe has published a security bulletin for Adobe Acrobat and Reader to address critical and important vulnerabilities, which could lead to arbitrary code execution in the context of the current user.   The vulnerabilities include five Critical arbitrary code execution flaws, a Critical privilege escalation flaw, and three Important Information Disclosure flaws, according to the…

City of North Bend hit with ransomware

By

The city of North Bend, Ore., was hit with a ransomware attack which temporarily locked out city workers from their computers and databases. “One weekend morning a few weeks back all of our servers and things locked up, and we received a ransomware note that said for $50,000 in Bitcoin these people would provide us…

Sextortion scandals add GandCrab ransomware to the attack

By

In the latest rendition of a sextortion plot that has been using public breach data to trick victims into thinking they were hacked, cybercriminals have added the inevitable ransomware update to the scam. The malware attacks usually consist of a statement that the recipients devices has been compromised with a spyware or a key logger,…

Marriott will pay to replace passports after breach

By

After its breach, which compromised the personal data of 500 million customers, Marriott has agreed to pay for new passports if it has found that “fraud has taken place.” Sen. Charles E. Schumer, D-N.Y., on Sunday suggested the hotel chain cover the $110 charged to customers requesting new passports after the breach. While the hotel…

Shellshock vulnerabilities exploited in the wild

Researchers uncover 21 Linux malware families

By

ESET researchers examined the inner workings of 21 different Linux malware families all operating as trojanized versions of the OpenSHH client. Researchers noted 12 of the malwares were previously undocumented, 18 had credential-stealing features and 17 featured a backdoor mode, according to the company’s “The Dark Side Of The FORSSHE: A landscape of OpenSSH backdoors”…

Apple releases security updates for iOS, iTunes, more

By

Apple has released security updates for several of its products to address vulnerabilities that could allow an attacker to take control of an infected system. The vulnerabilities affect  iCloud for Windows, Safari, iTunes, various macOS versions, tvOS and iOS, among other products, according to a Dec. 5 US-CERT advisory. “NCCIC encourages users and administrators to…

Next post in News