Security News > 2020

High-risk users are aware that they are more likely to be targeted by hackers compared to the general population, but many of them still have bad security habits, a Google survey shows. The results of the survey show that 78% of high-risk users are aware that they are more likely to be targeted by hackers compared to the general population, and 65% of them are more concerned about their accounts being hacked today than they were one year ago - a majority are mainly concerned about their work account being targeted.

Facebook this week introduced a new notification to alert users when their accounts interact with a third-party application using Facebook Login. Dubbed "Login Notifications," the new feature is meant to provide users with increased control over their data, the social platform says.

Social media messages have also effectively tricked users, notably when LinkedIn is the subject-55% were successful, with Facebook following at 28%. "Not surprisingly, LinkedIn email subjects top the social media list for Q4 in a pretty big way. Q4 is a time where people are setting resolutions for the following year, and this often involves a job search. Activity related to LinkedIn tends to spike in this quarter, meaning people are more likely to view and click these emails." Research for the report was gathered through an examination of thousands of email subject lines from simulated phishing tests. KnowBe4 also reviewed "In-the-wild" email subject lines, which added previously received email as an additional incentive to open, as well as company emails reported to IT departments as suspicious.

Social media messages have also effectively tricked users, notably when LinkedIn is the subject-55% were successful, with Facebook following at 28%. "Not surprisingly, LinkedIn email subjects top the social media list for Q4 in a pretty big way. Q4 is a time where people are setting resolutions for the following year, and this often involves a job search. Activity related to LinkedIn tends to spike in this quarter, meaning people are more likely to view and click these emails." Research for the report was gathered through an examination of thousands of email subject lines from simulated phishing tests. KnowBe4 also reviewed "In-the-wild" email subject lines, which added previously received email as an additional incentive to open, as well as company emails reported to IT departments as suspicious.

Saleem Rashid shows that a patch for a security bug in Windows 10 and Windows Server 2016/2019 could be exploited in the real world to spoof security certificates on machines without the patch. This week Microsoft was forced to quickly patch a security bug in Windows 10 and Windows Server 2016/2019 that could have allowed attackers to spoof legitimate security certificates as a way of gaining control of an infected PC. Microsoft was prompted to act after the NSA discovered and privately reported the bug, which was evidence of a serious flaw in the way the latest versions of Windows and Windows Server check the validity of certain security certificates.

Saleem Rashid shows that a patch for a security bug in Windows 10 and Windows Server 2016/2019 could be exploited in the real world to spoof security certificates on machines without the patch. This week Microsoft was forced to quickly patch a security bug in Windows 10 and Windows Server 2016/2019 that could have allowed attackers to spoof legitimate security certificates as a way of gaining control of an infected PC. Microsoft was prompted to act after the NSA discovered and privately reported the bug, which was evidence of a serious flaw in the way the latest versions of Windows and Windows Server check the validity of certain security certificates.

A researcher who discovered many vulnerabilities in Cisco's Data Center Network Manager product has made public some proof-of-concept exploits and technical details. In early January, Cisco informed customers that it had released updates for DCNM to address several critical and high-severity vulnerabilities.

A ransomware with the un-snappy moniker of "5ss5c" has emerged on the scene and appears to be in active development. According to independent researcher Bart Blaze, the malware is the successor to the Satan ransomware, and its authors are still experimenting with focused targeting and features.

Adding a new host to Observium isn't exactly the easiest task you will undertake. Why? Because of SNMP. In order to add a device to Observium, you must have SNMP correctly configured on the host to be added.

Adding a new host to Observium isn't exactly the easiest task you will undertake. Why? Because of SNMP. In order to add a device to Observium, you must have SNMP correctly configured on the host to be added.