Month: July 2017

News in brief: finally, a farewell to Flash; Paint lives on; young cybercriminals sent to rehab

Read full post Your daily round-up of some of the other stories in the news

/ July 25, 2017

Mozilla wants to hear your voice – but should you keep quiet?

Read full post The organization behind Firefox is crowdsourcing voice samples to help people outside the big companies build software and services. But is having your say a good idea?

/ July 25, 2017

For better machine-based malware analysis, add a slice of LIME

Read full post Adding a slice of LIME to machine learning can take it from the ‘what’ to the why’

/ July 25, 2017

Pwning the mainframe: How to hack the “most secure” platform on Earth

Read full post A researcher found a security flaw that granted him access to a mainframe’s vital, sensitive data.

/ July 25, 2017

Swedish PM admits that huge data leak is ‘a disaster’

Read full post Huge outsourcing project led to data on millions of Swedish citizens as well as criminal records, and the home addresses of military personnel being exposed

/ July 25, 2017

How Women Can Raise Their Profile within the Cybersecurity Industry

Read full post Closing the cybersecurity gender gap won’t happen overnight, but women can take can take steps to begin leveling the playing field.

/ July 25, 2017

Using AI to Break Detection Models

Read full post Pitting machine learning bots against one another is the new spy vs. spy battle in cybersecurity today

/ July 25, 2017

US government email still not using a key security tool to protect users

Read full post Most federal departments haven’t implemented DMARC – and a senator wants to know why not

/ July 25, 2017

Social engineering and ransomware

Read full post Social engineering may play a vital part in persuading a victim to open a malicious executable or website, says ESET’s David Harley on social engineering and ransomware. The post Social engineering and ransomware appeared first on WeLiveSecurity

/ July 25, 2017

Lessons from Verizon: Managing Cloud Security for Partners

Read full post The recent Verizon breach – data exposed by an insecure Amazon S3 bucket – highlights the need for enterprises to have visibility into how partners and other stakeholders keep their data secure.

/ July 25, 2017

Malware found lurking behind every app at alternative Android store

Read full post ESET researchers have discovered an Android app store distributing malware on a mass scale. The post Malware found lurking behind every app at alternative Android store appeared first on WeLiveSecurity

/ July 25, 2017

Alation: Finding the needle in the middle of… the data lake

Read full post Alation has stuck to its knitting specializing in cataloging the data lake. Having just won its second round of venture financing and getting a good start with strategic partnerships, Alation’s challenge is proving that catalogs are more...

/ July 25, 2017

CrowdStrike launches Falcon MalQuery cybersecurity engine capabilities

Read full post The search engine has a new malware search and detection component for threat indexing.

/ July 25, 2017

Nasdaq acquires UK security startup Sybenetix

Read full post The startup combines behavioral analytics and cognitive computing to keep financial markets safe from underhanded trading.

/ July 25, 2017

Regulators Question Wells Fargo Regarding Data Breach

Read full post Scrutiny a result of a lawyer’s unauthorized release of sensitive information on tens of thousands of wealthy Well Fargo customers.

/ July 25, 2017

Custom Source Code Accounts for 93% of App Vulnerabilities

Read full post A new study finds that third-party libraries account for 79% of the code found in apps, but only 7% of the vulnerabilities found in the software.

/ July 25, 2017

Ransomware as a service: how the bad guys marketed Philadelphia

Read full post Ransomware as a service has broken out of the dark web and its creators are making money by selling it openly online

/ July 25, 2017

IBM patent uses printed circuit boards to protect cryptographic codes

Read full post Big Blue’s new patent aims to protect cryptographic keys and make them tamper-resistant.

/ July 25, 2017

£20 million cybersecurity programme to train teenagers set to launch in UK

Read full post A new £20 million cybersecurity programme to train teenagers will be launched in the UK this autumn, as part of the government’s plans to address the skills gap. The post £20 million cybersecurity programme to train teenagers...

/ July 25, 2017

Spiderman pleads guilty to knocking 900,000 German broadband routers offline

Read full post It seems that Spiderman is in a spot of trouble, tangled in a web of his own making. The post Spiderman pleads guilty to knocking 900,000 German broadband routers offline appeared first on WeLiveSecurity

/ July 24, 2017

Voter Registration Data from 9 States Available for Sale on Dark Web

Read full post Nearly 10 million voter records sold for just $4 over last few days, according to LookingGlass Cyber Solutions.

/ July 24, 2017

Weather.com, Fusion Expose Data Via Google Groups Config Error

Read full post Companies that leaked data accidentally chose the sharing setting “public on the Internet,” which enabled anyone on the Web to access all information contained in the messages

/ July 24, 2017

News in brief: China forces spyware on minority group; farewell to Paint; drones to be regulated

Read full post Your daily round-up of some of the other stories in the news

/ July 24, 2017

7 Hardware & Firmware Hacks Highlighted at Black Hat 2017

Read full post Researchers will hammer home potentially devastating attacks, and demo a range of vulnerabilities, techniques and tools.

/ July 24, 2017

Microsoft opens up a new front in the battle against Fancy Bear

Read full post Microsoft’s lawyers have gone after the the hacking group’s web domains – with some success

/ July 24, 2017

Hundreds of companies expose PII, private emails through Google Groups error

Read full post Oversight, not flaws, has led to some serious data exposure for firms including IBM’s Weather Company and SpotX.

/ July 24, 2017

Majority of Security Pros Let Productivity Trump Security

Read full post A survey found that 64% of IT security professionals will tweak security to give workers more flexibility to be productive when asked to make that move by top executives.

/ July 24, 2017

Bots Make Lousy Dates, But Not Cheap Ones

Read full post The danger of dating sites: If a beautiful woman asks men to click on malware, they’ll probably click.

/ July 24, 2017

Yakkety Yak won’t come back: Linux users, it’s time to upgrade Ubuntu

Read full post Canonical’s announcement of the end of support for Yakkety Yak is a good reminder that it’s worth keeping an eye on your other devices to make sure they’re up to date, too

/ July 24, 2017

Qualys launches CertView security certificate handler for the enterprise

Read full post The new solution is aimed at enterprise players which need a way to manage SSL/TLS certificates.

/ July 24, 2017

Checkmarx snaps up Codebashing to boost secure coding development

Read full post The deal will give Checkmarx interactive teaching tools for the changing IT landscape.

/ July 24, 2017

Qualys unveils CloudView app framework for public cloud security

Read full post The solution aims to prevent misconfigurations, malware, and noncompliance threatening enterprise networks.

/ July 24, 2017

New details emerge on Fruitfly, a near-undetectable Mac backdoor

Read full post The malware went largely undetected for several years and is only detectable on a handful of security products, but the “fully featured” Mac backdoor can take control of an entire computer.

/ July 24, 2017

Glassdoor pushes back against moves to identify anonymous reviewers

Read full post Would you contribute to sites like Glassdoor if law enforcement could demand that the company turned over your ID details?

/ July 24, 2017

Your pacemaker could be put in the witness box against you

Read full post What happens when a wearable or embedded medical device tells a different story to someone suspected of a crime?

/ July 24, 2017

88% feel vulnerable to data threats

Read full post Thales Group has announced the results of its 2017 data threat report, showing that the number of global data breaches has increased from 2016. The post 88% feel vulnerable to data threats appeared first on WeLiveSecurity

/ July 24, 2017

Going to Black Hat? Bring your (marketing) wallet

Read full post This year at Black Hat, it will be incumbent upon newer vendors to make sensational claims to gain market share from established vendor, says Cameron Camp. The post Going to Black Hat? Bring your (marketing) wallet appeared...

/ July 24, 2017

John McAfee reportedly lands in hospital after attack

Read full post The colorful security head says he was in an incident where someone attempted to allegedly “off” him.

/ July 24, 2017

Monday review – the hot 27 stories of the week

Read full post From ATM crooks upping the ante with infrared and Orpheus’ Lyre, the Windows security hole to Google wants you to give up SMS, and more!

/ July 24, 2017

Every Swedish car owners’ details may have leaked in explosive IT failure

Read full post Driving license data has potentially been leaked due to carelessness in an outsourcing deal.

/ July 24, 2017