Cloud Security Startup Lightspin Emerges From Stealth
The startup, founded by former white-hat hackers, has secured a $4 million seed round to close security gaps in cloud environments.Lightspin, a new cloud security startup founded by former...
CISA Warns of Holiday Online Shopping Scams
Enterprise VulnerabilitiesFrom DHS/US-CERT's National Vulnerability Database
CVE-2020-25159PUBLISHED: 2020-11-24499ES EtherNet/IP (ENIP) Adaptor Source Code is vulnerable to a stack-based buffer overflow, which may allow an attacker to send a specially crafted...
Chinese APT Group Returns to Target Catholic Church & Diplomatic Groups
APT group TA416 reemerges with new changes to its documented tool sets so it can continue launching espionage campaigns.Chinese advanced persistent threat (APT) group TA416, whose previous activity has...
Ransomware Grows Easier to Spread, Harder to Block
Researchers illustrate the evolution toward more complete and effective ransomware attacks designed to cripple target organizations.Ransomware, already a major enterprise threat, is growing more problematic as operators brainstorm new...
Security Pros Push for More Pervasive Threat Modeling
With the release of the "Threat Modeling Manifesto," a group of 16 security professionals hope to prompt more companies to consider the threats to software.During a threat modeling exercise...
Facebook Messenger Flaw Enabled Spying on Android Callees
A critical flaw in Facebook Messenger on Android would let someone start an audio or video call without the victim's knowledge.Facebook has patched a critical vulnerability in the Facebook...
Go SMS Pro Messaging App Exposed Users’ Private Media Files
The popular Android app uses easily guessable Web addresses when users send private photos, videos, and voice messages.A security vulnerability in Go SMS Pro, a popular Android messaging app,...
Cybercriminals Get Creative With Google Services
Attacks take advantage of popular services, including Google Forms and Google Docs.Security researchers have reported an uptick in cyberattackers weaponizing Google services to sneak past defensive tools and steal...
Trump Fires CISA Director Chris Krebs
Christopher Krebs was fired via tweet shortly after the Cybersecurity and Infrastructure Security Agency called the 2020 election "the most secure in American history."Christopher Krebs, director of the Department...
Cisco Webex Vulns Let ‘Ghost’ Attendees Spy on Meetings
Three vulnerabilities, patched today, could let an attacker snoop on meetings undetected after the host removes them.Cisco Webex today patched three vulnerabilities in its videoconferencing platform that could allow...
