Rss Bot

The APT threat landscape is a mixed bag of tried-and-true tactics and cutting-edge techniques, largely supercharged by geo-politics, a report finds. View the full article

Patches for both the Chrome desktop and Android browser address high-severity flaws with known exploits available in the wild. View the full article

The critical-severity Adobe Acrobat and Reader vulnerabilities could enable arbitrary code execution and are part of a 14-CVE patch update. View the full article

The remote code-execution flaw (CVE-2020-14750) is low-complexity and requires no user interaction to exploit. View the full article

Aleksandr Brovko faces jail time after stealing $100 million worth of personal identifiable information (PII) and financial data over the course of more than 10 years. View the full article

Automation, strategic process design and an investment in training are the keys to managing the cybersecurity skills gap, according to a recent survey from Trustwave. View the full article

WordPress bungles critical security 5.5.2 fix and saves face next day with 5.5.3 update. View the full article

JM Bullion fell victim to a payment-card skimmer, which was in place for five months. View the full article

This post is originally published on Designmodo: Email Design: How to Create a Newsletter We are talking a lot about how to create successful email campaigns, featuring guides for every occasion: transactional emails, re-engagement emails, seasonal emails, holiday emails, etc. Here, we are looking at one of the most critical email marketing details: email … For more information please contact Designmodo View the full article

Google Project Zero disclosed the bug before a patch becomes available from Microsoft. View the full article

Cyber-researchers weigh in on what concerns them the most as the U.S. heads into the final weekend before the presidential election -- and they also highlight the positives. View the full article

In all, WordPress patched 10 security bugs as part of the release of version 5.5.2 of its web publishing software. View the full article

The DoNot APT threat group is leveraging the legitimate Google Firebase Cloud Messaging server as a command-and-control (C2) communication mechanism. View the full article

Threatpost breaks down the scariest stories of the week ended Oct. 30 haunting the security industry -- including bugs that just won't die. View the full article

Tech giant and feds this week renewed their urge to organizations to update Active Directory domain controllers. View the full article

NVIDIA said a high-severity information-disclosure bug impacting its DGX A100 server line wouldn't be patched until early 2021. View the full article

In a wide-ranging interview, a REvil leader said the gang is earning $100 million per year, and provided insights into the life of a cybercriminal. View the full article

The flaw in the console component of the WebLogic Server, CVE-2020-14882, is under active attack, researchers warn. View the full article

The most-rewarded flaw is XSS, which is among those that are relatively cheap for organizations to identify. View the full article

While Microsoft patched the bug known as CVE-2020-0796 back in March, more than one 100,000 Windows systems are still vulnerable. View the full article

The Phosphorous APT has launched successful attacks against world leaders who are attending the Munich Security Conference and the Think 20 (T20) Summit in Saudi Arabia, Microsoft warns. View the full article

With the election just a week away, cybercriminals are ramping up mobile attacks on citizens under the guise of campaign communications. View the full article

How a retail sector reeling from COVID-19 can lock down their online systems to prevent fraud during the upcoming holiday shopping spike. View the full article

Popular chat apps, including LINE, Slack, Twitter DMs and others, can also leak location data and share private info with third-party servers. View the full article

Veracode's Chris Eng discusses the cyber threats facing shoppers who are going online due to the pandemic and the imminent holiday season. View the full article