Update your Chrome browser now! 0-day actively exploited in the wild
Google has released a new stable version of its Internet surfing software equipped with a patch for a zero-day vulnerability that is reportedly being exploited in the wild. The flaw, if exploited, can allow an attacker to gain full access to the victim’s machine. Last month, Clement Lecigne of Google’s ... Read More
Say goodbye to passwords: WebAuthn specification now an official standard
Weak or default passwords are behind 81% of data breaches, and most people employ such a password, despite knowing better. Worse still, Internet users recycle the same password across websites and services, making attackers’ job even easier. But if the World Wide Web Consortium (W3C) has anything to say about ... Read More
Emotet, Lokibot, TrickBot still impacting enterprise environments globally
New research based on observed attack data over the second half of 2018 (2H 2018) reveals the command-and-control and lateral activities of three high-profile pieces of malware targeting large organizations in recent months: Emotet, LokiBot, and TrickBot. Gigamon’s report is intended to increase the understanding of how the most prolific ... Read More
Marriott data breach cost the hotel chain only $3 million in net expenses (so far)
The massive data breach incurred by Marriott in November 2018 has cost the world’s biggest hotel chain only a scant $3 million so far, after the company’s insurer covered most of the costs associated with the hack. Marriott’s earnings papers for 2018 reveal that the hotel chain has “recognized $25 ... Read More
ENISA issues recommendations to protect EU Parliament elections against cyber-threats
With the European Union Parliament elections just around the corner, the EU Agency for Network and Information Security (ENISA) has released a detailed paper discussing the evolving threat of cyber-attacks on election systems and processes. European Parliamentary elections are to be held in late-May. Notably, this year the European Council ... Read More
Most Cybersecurity Incidents in Healthcare Sector Start with Email
The healthcare industry has been a major target for bad actors in recent years, who have inflicted heavy financial losses, reputational damage and risking patient health. Administrators have responded by bolstering cybersecurity budgets, security solution deployments, and awareness training. But much more needs to be done to stay on top ... Read More
CoinHive crypto-mining service announces shutdown
CoinHive, hackers’ favorite crypto-mining service, has announced it is shutting down operations next month, saying it can no longer make a profit. Extensively used by bad actors to conduct cryptojacking campaigns, but also by legitimate users to make a buck in the cryptocurrency market, CoinHive has garnered mixed reviews, to ... Read More
92% of Businesses Cite Insider Threats as Biggest Concern, Survey Shows
There’s no shortage of research in the cybersecurity sector. Players in this vertical relentlessly keep tabs on the trends, both positive and negative, to better understand cybercriminals’ mindset and deploy adequate defenses. One recent study reveals that businesses in all industries most fear their staff – both the negligent worker ... Read More
Businesses Increasingly Expose Sensitive Data via Cloud Applications and Services
Despite ever-stricter regulations, businesses across the world are increasingly exposing company data by irresponsibly using unsecured public cloud services and applications, new research shows ... Read More
Researchers extract master password in cleartext from 1Password
Regular internet users today juggle numerous accounts on various platforms and websites, often using the same weak password for all of them. Tech-literate users employ different passwords for different accounts, and strong ones at that. Those who are truly conscientious use a password manager. But is it really all that ... Read More
