Network Security News Weekly

Current cybersecurity news to keep you informed.
IT Services | Government | Financial | Healthcare | Non-Profit

Articles of interest from the week of March 4, 2019


New Google Chrome Vulnerability Found Actively Exploited in the Wild
Without revealing technical details of the vulnerability, the Chrome security team only says the issue is a use-after-free vulnerability in the FileReader component of the Chrome browser, which leads to remote code execution attacks. (By Mohit Kumar, The Hacker News)

If An Organization Has Been Breached, It's More Likely to be Targeted Again
FireEye data provides evidence that organizations which have been victims of a targeted compromise are likely to be targeted again. Global data from 2018 found that 64 percent of all FireEye managed detection and response customers who were previously Mandiant incident response clients were targeted again in the past 19 months by the same or similarly motivated attack group, up from 56 percent in 2017. (Help Net Security)

WordPress Accounted for 90 Percent of all Hacked CMS Sites in 2018
Roughly 90 percent of all the hacked content management systems (CMSs) Sucuri investigated and helped fix in 2018 were WordPress sites. In a distant second, third, and fourth came Magento (4.6 percent), Joomla (4.3 percent), and Drupal (3.7 percent), according to a report the company published yesterday. (By Catalin Cimpanu, ZDNet)

Users Are Too Confident in Their Protection from Threats
Most users care about online privacy and take some steps to make sure their data is protected, a new Malwarebytes survey has revealed. But some protection measures are too burdensome to implement, which still leaves them open to many common attack avenues. (By Zeljka Zorz, Help Net Security)

New Microsoft Report Finds 250% Increase In Phishing Attacks
Microsoft's new Security Intelligence Report (SIR Volume 24) finds that phishing attacks increased 250% between January and December 2018, with attackers moving to multiple points of attacks during the same campaign, switching between URLs, domains, and servers when sending e-mails and hosting phishing forms. Hosted servers and public cloud tools were also adopted to make it easier to camouflage as legitimate services or products. (By Colin Bastable, ISBuzz News)



Sign Up For Netsec News Weekly

Ingalls Information Security
TOP