DDoS Attacks Skyrocket as Pandemic Bites
More people being online during lockdowns and work-from-home shifts has proven to be lucrative for DDoS-ers.
Source: Threadpost
DoJ Indicts Two Hackers for Defacing Websites with Pro-Iran Messages
The two hackers allegedly hacked more than 50 websites hosted in the U.S. and vandalized them with pro-Iran messages.
Source: Threadpost
Report Looks at COVID-19’s Massive Impact on Cybersecurity
Cynet's report shares several interesting data points and findings, such as the cyberattack volume change observed in various industry sectors, the increased use of spearphishing as an initial attack vector, and...
Bluetooth Spoofing Bug Affects Billions of IoT Devices
The 'BLESA' flaw affects the reconnection process that occurs when a device moves back into range after losing or dropping its pairing, Purdue researchers said.
Source: Threadpost
Data Breaches Exposes Vets, COVID-19 Patients
Social engineering and employee mistakes lead to breach Veteran's Administration and the National Health Service.
Source: Threadpost
QR Codes Serve Up a Menu of Security Concerns
QR code usage is soaring in the pandemic -- but malicious versions aren't something that most people think about.
Source: Threadpost
IBM Spectrum Protect Plus Security Open to RCE
Two bugs (CVE-2020-4703 and CVE-2020-4711) in IBM's Spectrum Protect Plus data-storage protection solution could enable remote code execution.
Source: Threadpost
Windows Exploit Released For Microsoft ‘Zerologon’ Flaw
Security researchers and U.S. government authorities alike are urging admins to address Microsoft's critical privilege escalation flaw.
Source: Threadpost
MFA Bypass Bugs Opened Microsoft 365 to Attack
Vulnerabilities ‘that have existed for years’ in WS-Trust could be exploited to attack other services such as Azure and Visual Studio.
Source: Threadpost
Feds Warn Nation-State Hackers are Actively Exploiting Unpatched Microsoft Exchange, F5, VPN Bugs
Monday's CISA advisory is a staunch reminder for federal government and private sector entities to apply patches for flaws in F5 BIG-IP devices, Citrix VPNs, Pulse Secure VPNs and Microsoft Exchange...