Security News > 2020
One of the vulnerabilities that researchers from the University of York discovered in widely-used password managers could have resulted in malicious apps stealing users' credentials. Password managers are encrypted vaults employed to store credentials and other sensitive information, and they allow the use of strong, unique credentials for each of the applications and online services an individual uses.
University of Utah Health revealed last week that it discovered unauthorized access to some employee email accounts, along with a malware infection on one of its workstations. "From January 22 to February 27, 2020, we became aware that there was unauthorized access to some employees' email accounts. This unauthorized access occurred between January 7 and February 21, 2020," the hospital reveals.
The Department of Justice has raised its first federal court action against online fraud relating to the coronavirus pandemic, on Sunday taking steps to shutter a fraudulent website that claimed to give away free coronavirus vaccines. The website was live as of March 21, according to the DoJ; but as of Monday, the website is currently down.
The Department of Justice has raised its first federal court action against online fraud relating to the coronavirus pandemic, on Sunday taking steps to shutter a fraudulent website that claimed to give away free coronavirus vaccines. The website was live as of March 21, according to the DoJ; but as of Monday, the website is currently down.
Some cyber security jobs require specific technical skill sets while other roles require leadership skills, strategic thinking, and the capacity to communicate technical details to executives and corporate boards. Vishal Salvi, chief information security officer at Infosys, said that security leaders will need a higher level of trust and support from corporate leadership than in the past.
Have you secured your streaming services' accounts? Are you sure someone else, unbeknown to you, isn't using them as well? He also posits that, despite cybercriminals having been compromising users' streaming services' accounts for ages, they will now likely increase their efforts.
New Mexico school districts, universities, and government agencies have collectively spent millions of dollars to regain control of their computer systems after employees unknowingly opened emails containing an encrypted code that effectively shut them out of their systems. The ransomware attacks occurred between January 2018 and February 2020, and have put school districts and agencies on edge amid warnings of more technology terror, the Albuquerque Journal reports.
Cybercrime groups have been exploiting vulnerabilities in digital video recorders made by Taiwan-based surveillance solutions provider LILIN to increase the size of their botnets. The vendor released firmware updates that should patch the exploited flaws on February 14, but the vulnerabilities had a zero-day status until this date.
Cisco has patched a clutch of high-priority vulnerabilities in its SD-WAN routers and their management software that admins will want to apply as soon as possible. The latter is a privilege escalation vulnerability in the SD-WAN management software used with a range of Cisco routers, including the vEdge 100 Series, 1000 Series, 2000 Series, 5000 Series, and Cloud Router.
The official - whom Peng eventually figured out was working for the MSS - asked Peng to use his citizenship in the US to assist the official with "Matters of interest" to the PRC. After that, Peng admitted, he got paid at least $30,000 for running data over to China over the course of about 3.5 years. In Beijing, Peng meets with agents of the Ministry of State Security, including the People's Republic of China official with whom Peng had been communicating, and delivers the SD card to MSS. A PRC official uses coded language to tell Peng that another dead drop will occur on April 23, 2016.