The Hacker News
Most trusted, widely-read independent cybersecurity news source for everyone; supported by hackers and IT professionals.
New Framework Released to Protect Machine Learning Systems From Adversarial Attacks
by firstname.lastname@example.org (Ravie Lakshmanan) on October 23, 2020 at 10:50 am
Microsoft, in collaboration with MITRE, IBM, NVIDIA, and Bosch, has released a new open framework that aims to help security analysts detect, respond to, and remediate adversarial attacks against machine learning (ML) systems. Called the Adversarial ML Threat Matrix, the initiative is an attempt to organize the different techniques employed by malicious adversaries in subverting ML systems. Just
New Chrome 0-day Under Active Attacks – Update Your Browser Now
by email@example.com (Swati Khandelwal) on October 21, 2020 at 4:27 pm
Attention readers, if you are using Google Chrome browser on your Windows, Mac, or Linux computers, you need to update your web browsing software immediately to the latest version Google released earlier today. Google released Chrome version 86.0.4240.111 today to patch several security high-severity issues, including a zero-day vulnerability that has been exploited in the wild by attackers to
Popular Mobile Browsers Found Vulnerable To Address Bar Spoofing Attacks
by firstname.lastname@example.org (Ravie Lakshmanan) on October 21, 2020 at 7:12 am
Graphic for illustration Cybersecurity researchers on Tuesday disclosed details about an address bar spoofing vulnerability affecting multiple mobile browsers, such as Apple Safari and Opera Touch, leaving the door open for spear-phishing attacks and delivering malware. Other impacted browsers include UCWeb, Yandex Browser, Bolt Browser, and RITS Browser. The flaws were discovered by Pakistani
Windows GravityRAT Malware Now Also Targets macOS and Android Devices
by email@example.com (Ravie Lakshmanan) on October 20, 2020 at 2:02 pm
A Windows-based remote access Trojan believed to be designed by Pakistani hacker groups to infiltrate computers and steal users’ data has resurfaced after a two-year span with retooled capabilities to target Android and macOS devices. According to cybersecurity firm Kaspersky, the malware — dubbed “GravityRAT” — now masquerades as legitimate Android and macOS apps to capture device data, contact
Download Ultimate ‘Security for Management’ Presentation Template
by firstname.lastname@example.org (The Hacker News) on October 20, 2020 at 1:41 pm
There is a person in every organization that is the direct owner of breach protection. His or her task is to oversee and govern the process of design, build, maintain, and continuously enhance the security level of the organization. Title-wise, this person is most often either the CIO, CISO, or Directory of IT. For convenience, we’ll refer to this individual as the CISO. This person is the
Security magazine provides security industry news and trends on video surveillance, cyber security, physical security, security guards, access management and more for security executives and the security industry.
Georgia County’s election infrastructure hit by ransomware attack
on October 23, 2020 at 3:00 pm
Hall County, Ga. confirmed it experienced a network outage as a result of a ransomware attack. The cyberattack impacted critical systems within the Hall County Government networks, including phone services. While some applications are disabled as the County works to resolve this incident, business continuity measures have been implemented.
CISA and FBI release joint advisories regarding Russian and Iranian APT actors
on October 23, 2020 at 2:22 pm
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released two joint cybersecurity advisories on widespread advanced persistent threat (APT) activity. Joint Cybersecurity Advisory: AA20-296A Russian State-Sponsored Advanced Persistent Threat Actor Compromises U.S. Government Targets Joint Cybersecurity Advisory: AA20-296B Iranian State-Sponsored Advanced Persistent Threat Actors Threaten Election-Related Systems
Ransomware trends in Q3: a new attack every day
on October 23, 2020 at 2:12 pm
Digital Shadows released its quarterly research report focusing on the latest trends in ransomware. Unfortunately, for vulnerable organizations everywhere, Digital Shadows Photon Research team found that ransomware as a market and community on the dark web has expanded since Q2.
Iran targeting the US election
on October 23, 2020 at 1:45 pm
During a press conference on election security at FBI Headquarters with FBI Director Christopher Wray, Director of National Intelligence John Ratcliffe confirmed that some voter registration information has been obtained by Iran, and separately, by Russia.
NARUC Center for Partnerships and Innovations announces Smart Grid Interoperability Learning Modules
on October 23, 2020 at 1:29 pm
The National Association of Regulatory Utility Commissioners Center for Partnerships and Innovation today announced the release of a series of Smart Grid Interoperability Learning Modules.
The first stop for security news.
U.S. Levies Sanctions Against Russian Research Institution Linked to Triton Malware
by Tom Spring on October 23, 2020 at 9:26 pm
The latest in a flurry of actions this week, tied to foreign threats against U.S. computer systems, includes sanctions by the Department of the Treasury.
IoT Device Takeovers Surge 100 Percent in 2020
by Lindsey O’Donnell on October 23, 2020 at 8:49 pm
The COVID-19 pandemic, coupled with an explosion in the number of connected devices, have led to a swelling in IoT infections observed on wireless networks.
Louisiana Calls Out National Guard to Fight Ransomware Surge
by Tara Seals on October 23, 2020 at 8:28 pm
An investigation showed a custom backdoor RAT and the Emotet trojan in the networks of municipal victims of the attacks.
Election Security: Beyond Mail-In Voting
by Joseph Carson on October 23, 2020 at 7:10 pm
There are many areas of the election process that criminal hackers can target to influence election results.
Georgia Election Data Hit in Ransomware Attack
by Becky Bracken on October 23, 2020 at 6:21 pm
With Election Day approaching, local governments need to be prepared for malware attacks on election infrastructure.
Connecting the Security Industry with the Security Community
Phishing and Vishing Protection for Remote Workers
by Matt Alderman on October 14, 2020 at 7:41 pm
The post Phishing and Vishing Protection for Remote Workers appeared first on Security Weekly.
Zero Trust Data Security
by Matt Alderman on October 8, 2020 at 4:45 pm
The post Zero Trust Data Security appeared first on Security Weekly.
CyberRisk Alliance Acquires Security Weekly
by Matt Alderman on September 8, 2020 at 2:00 pm
The post CyberRisk Alliance Acquires Security Weekly appeared first on Security Weekly.
Securing, Monitoring, and Remediating Immutable Infrastructure
by Matt Alderman on August 19, 2020 at 1:42 pm
The post Securing, Monitoring, and Remediating Immutable Infrastructure appeared first on Security Weekly.
Prioritizing and Closing the Loop in Your Vulnerability Management Program
by Matt Alderman on June 18, 2020 at 9:23 pm
In one of my previous roles, I had the great opportunity to travel around the world meeting customers to understand their challenges in vulnerability management. The two biggest challenges they wanted solved were: Help me prioritize which of these vulnerabilities are most critical, and Help me close the loop with my patching solutions to remediate The post Prioritizing and Closing the Loop in Your Vulnerability Management Program appeared first on Security Weekly.