Infosec
Black Hat 2021: Lessons from a lawyer

Why companies and their security teams need to engage with a lawyer before an incident occurs The post Black Hat 2021: Lessons from a lawyer appeared first on WeLiveSecurity

Read more
Infosec
Black Hat 2021: Wanted posters for ransomware slingers

Is the net closing in on cyber-extortionists and can bounties on their collective heads ultimately help stem the ransomware scourge? The post Black Hat 2021: Wanted posters for ransomware slingers appeared first on WeLiveSecurity

Read more
Dark
Researchers Call for 'CVE' Approach for Cloud Vulnerabilities

New research suggests isolation among cloud customer accounts may not be a given -- and the researchers behind the findings issue a call to action for cloud security. ...

Read more
Infosec
IIStealer: A server‑side threat to e‑commerce transactions

The first in our series on IIS threats looks at a malicious IIS extension that intercepts server transactions to steal credit card information The post IIStealer: A server‑side threat to e‑commerce transactions appeared first on WeLiveSecurity

Read more
Infosec
Anatomy of native IIS malware

ESET researchers publish a white paper putting IIS web server threats under the microscope The post Anatomy of native IIS malware appeared first on WeLiveSecurity

Read more
Dark
HTTP/2 Implementation Errors Exposing Websites to Serious Risks

Organizations that don't implement end-to-end HTTP/2 are vulnerable to attacks that redirect users to malicious sites and other threats, security researcher reveals at Black Hat USA. ...

Read more
Dark
CISA Launches JCDC, the Joint Cyber Defense Collaborative

"We can't do this alone," the new CISA director told attendees in a keynote at Black Hat USA today. ...

Read more
Dark
Incident Responders Explore Microsoft 365 Attacks in the Wild

Mandiant experts discuss the novel techniques used to evade detection, automate data theft, and achieve persistent access. ...

Read more
Dark
Researchers Find Significant Vulnerabilities in macOS Privacy Protections

Attacks require executing code on a system but foil Apple's approach to protecting private data and systems files. ...

Read more
Dark
A New Approach to Securing Authentication Systems' Core Secrets

Researchers at Black Hat USA explain issues around defending "Golden Secrets" and present an approach to solving the problem. ...

Read more