Older Amazon Devices Subject to Old Wi-Fi Vulnerability
The vulnerability in first-generation Echoes and eight-generation Kindles lets an attacker wage man-in-the-middle attacks. …
Dark Reading
Typosquatting Websites Proliferate in Run-up to US Elections
People who mistype the URL for their political candidate or party’s website could end up on an opposing party or candidate’s website, Digital Shadow’s research shows. …
Sodinokibi Ransomware: Where Attackers’ Money Goes
Researchers following the ransomware variant uncover new data on how much its affiliates earn and where they spend it. …
Sophos for Sale: Thoma Bravo Offers $3.9B
Sophos’ board of directors plans to unanimously recommend the offer to the company’s shareholders. …
FBI: Phishing Can Defeat Two-Factor Authentication
A recent Privacy Industry Notification points to two new hacker tools that can turn a victim’s browser into a credential-stealing zombie. …
7 SMB Security Tips That Will Keep Your Company Safe
With National Cybersecurity Awareness Month as a backdrop, industry leaders weigh in on how SMBs can more effectively protect themselves from cyberattacks. …
Click2Mail Suffers Data Breach
Mail provider discovered customer data being used in spam messages. …
iTunes Zero-Day Exploited to Deliver BitPaymer
The ransomware operators targeted an “unquoted path” vulnerability in iTunes for Windows to evade detection and install BitPaymer. …
Virginia a Hot Spot For Cybersecurity Jobs
State has highest number of people in information security roles and the most current job openings, Comparitech study finds. …
Microsoft Issues 9 Critical Security Patches
None of the total 59 patches were for previously known vulnerabilities nor are any under active attack, Microsoft reports. …
Drupalgeddon2 Vulnerability Still Endangering CMSes
A new wave of attacks has been discovered on Drupal-based content management systems that weren’t patched for the older flaw. …
Rethinking Cybersecurity Hiring: Dumping Resumes & Other ‘Garbage’
In a market that favors the job seeker, what are some alternatives to resume-sifting that will identify the talent you need? …
Iran Caught Targeting US Presidential Campaign Accounts
Microsoft detected the so-called Phosphorus nation-state gang attacking 241 user accounts associated with a US presidential campaign, current and former US government officials, journalists, others. …
FBI Investigates Mobile Voting Intrusion
A group tried to access West Virginia’s mobile voting app in 2018; now, the FBI is looking into what actually happened. …
American Express Insider Breaches Cardholder Information
The ex-employee accessed names, Social Security numbers, card numbers, and more in an attempt to commit fraud. …
Quantum-Safe Cryptography: The Time to Prepare Is Now
Quantum computing is real and it’s evolving fast. Is the security industry up to the challenge? …