attack

Malware & Threats

Issued by: Security Week

Many ransomware families are designed to kill certain types of running processes. They might target security products to prevent them from blocking the attack and they can also terminate critical system processes so that they can encrypt files associated with these applications in an effort to cause disruption, which can increase the cybercriminals’ chances of…

Cloud Security

Issued by: CSO

Cloud configuration drift leaves organizations open to attack, research finds

Many organizations are automating their cloud infrastructure deployments through code. This allows them to establish a secure configuration baseline early in their DevOps lifecycle, but the security posture of most cloud resources later drifts due to undocumented changes that often remain undetected. A new study from cloud security company Accurics found that in as many…

Vulnerabilities

Issued by: Help Net Security

Attackers are exploiting two new zero-days in the Windows Adobe Type Manager Library to achieve remote code execution on targeted Windows systems, Microsoft warns. The attacks are limited and targeted, the company noted, and provided workarounds to help reduce customer risk until a fix is developed and released. More about the new Windows zero-days According…

Vulnerabilities

Issued by: Dark Reading

Today is the second Tuesday of the month, and Microsoft is right on schedule with 59 security fixes, nine of which are considered Critical in severity. None of the vulnerablities were previously known or exploited, and 49 are ranked Important and one as Moderate. The latest release affects Windows, Internet Explorer, Edge, ChakraCore, Microsoft Office…

Network Security

Issued by: Dark Reading

Cybersecurity Experts Worry About Satellite & Space Systems

Information from satellites fuel a great deal of today’s technology, from the intelligence gathering conducted by nation-states, to the global positioning system used for vehicle navigation, to the targeting used by “smart” weapons. Little surprise, then, that cybersecurity and policy experts worry that the relative insecurity of satellite systems open them to attack. In a…

Network Security

Issued by: Dark Reading

Health Insurer Reports Data Breach That Began 9 Years Ago

Dental and vision insurance provider and administrator Dominion National has begun notifying patients of a data breach of its systems that apparently dates back to August 2010. The insurer said an incident investigation that began on April 24, 2019, led to the discovery that its servers had been compromised in an attack that began nearly…

Network Security

Issued by: Help Net Security

Legacy infrastructures and unmanaged devices top security risks in the healthcare industry

The proliferation of healthcare IoT devices, along with unpartitioned networks, insufficient access controls and the reliance on legacy systems, has exposed a vulnerable attack surface that can be exploited by cybercriminals determined to steal personally identifiable information (PII) and protected health information (PHI), in addition to disrupting healthcare delivery processes. Published in the Vectra 2019…

Vulnerabilities

Issued by: Dark Reading

7 Serious IoT Vulnerabilities

The security of Internet of Things (IoT) devices, especially those intended for consumer use, tends to fall on a spectrum between “serious concern” and “industry joke.” Yet the fact is that a growing number of employees have various IoT devices in their homes — where they also could be connecting to an enterprise network to…