Month: September 2017

Best and Worst Security Functions to Outsource

Read full post Which security functions are best handled by third parties, and which should be kept in-house? Experts weigh in.

/ September 29, 2017

Equifax mea-culpas with free credit “locks” forever

Read full post They’ll be easy to lock and unlock… and they don’t exist yet

/ September 29, 2017

Signal app’s address book security could upset governments

Read full post The app’s novel approach turns Digital Rights Management on its head

/ September 29, 2017

Apple Shares More Data with US in First Half of 2017

Read full post Device-based data requests from government agencies dropped in the first half over last year, but Apple fulfilled a higher percentage of those requests, according to its transparency report.

/ September 29, 2017

Whole Foods Reports Credit Card Breach

Read full post The breach affects customers of certain Whole Foods taprooms and table-service restaurants.

/ September 29, 2017

Apple Mac Models Vulnerable to Targeted Attacks

Read full post Several updated Mac models don’t receive EFI security fixes, putting machines at risk for targeted cyberattacks.

/ September 29, 2017

Analyzing Cybersecurity’s Fractured Educational Ecosystem

Read full post We have surprisingly little data on how to evaluate infosec job candidates academic qualifications. That needs to change.

/ September 29, 2017

Android malware ZNIU exploits DirtyCOW vulnerability

Read full post DirtyCOW can be used to compromise phones and tablets

/ September 29, 2017

CISOs Offer Soup-to-Nuts C-Suite Strategy

Read full post Chief information security officers from Dell, RCB Bank and other organizations share what it takes to become a security exec, sit in the C-Suite, and keep the job.

/ September 29, 2017

Cloud security policy: The questions you need to ask

Read full post Cloud services are very much what you make of them, and you need to apply at least an equivalent level of rigorousness, in terms of risk assessment, as you would with assets that are hosted on your...

/ September 29, 2017

iPhone X Face ID baffled by kids, twins, siblings, doppelgängers

Read full post Get the lowdown on Apple’s newly released Face ID Security Overview

/ September 29, 2017

Cyber News Rundown: Edition 9/29/17

Read full post Showtime Site Found Using Cryptocurrency Miner Following the discovery last week that ThePirateBay has been using a Monero miner to experiment with revenue alternatives for the site, researchers have found that both Showtime.com and ShowtimeAnytime.com have embedded...

/ September 28, 2017

Key Security Innovations Focus on Policy and Tech

Read full post The New York Cyber Task Force says strategic innovations, not only technical ones, have made the biggest difference.

/ September 28, 2017

DHS expanding surveillance of immigrants to social media

Read full post Social media handles, aliases, associated identifiable information and search results are included

/ September 28, 2017

Report: Bank Email Fraud Increases since Equifax Breach

Read full post Cyberthieves are impersonating banks to send bogus “secure” bank email messages.

/ September 28, 2017

Central Banks Propose Better Inter-Bank Security

Read full post Institutions from the world’s largest economies want to improve security following abuse of inter-bank messaging and payment systems.

/ September 28, 2017

Your Android lock screen pattern isn’t as safe as a PIN code

Read full post What’s safer? Using a numeric PIN code to unlock your Android smartphone or relying on a finger squiggle? The answer might surprise you. The post Your Android lock screen pattern isn’t as safe as a PIN code...

/ September 28, 2017

Ransomware Numbers Continue to Look Abysmal

Read full post Ransomware is one of the fastest-growing concerns among IT pros, according to several studies out this week.

/ September 28, 2017

Apple reported a spike in secret national security orders this year

Read full post Device and requests went down, but secret and classified orders spiked by more than three-fold.

/ September 28, 2017

Equihax: Identifying & Wrangling Vulnerabilities

Read full post Now that we know what was taken from Equifax, how it was taken, and what is being sold, what more do we need to learn before the next time?

/ September 28, 2017

Android unlock patterns are too easy to guess, stop using them

Read full post Shoulder surfing beats a 6 point unlock pattern most of the time

/ September 28, 2017

TrickBot Rapidly Expands its Targets in August

Read full post TrickBot shifted its focus to U.S banks and credit card companies, soaring past the 1,000 target URL mark in a single configuration.

/ September 28, 2017

Money-making machine: Monero-mining malware

Read full post While far behind Bitcoin in market capitalization, Monero has several features that make it a very attractive cryptocurrency to be mined by malware. The post Money-making machine: Monero-mining malware appeared first on WeLiveSecurity

/ September 28, 2017

The sorry state of stock trading mobile app security revealed

Read full post 68% of the Android and iOS apps tested failed to validate TLS certificates

/ September 28, 2017

New Locky Ransomware Phishing Attacks Beat Machine Learning Tools

Read full post Late September attacks highlight the persistent nature of ransomware threats, Comodo says.

/ September 28, 2017

Phishing: don’t take the bait

Read full post Another day, another phishing attack. From businesses to consumers, phishing attacks are becoming a more widespread and dangerous online threat every year. One wrong click could quickly turn into a nightmare if you aren’t aware of the...

/ September 27, 2017

Malware Investigation Leads To Sophisticated Mideast Threat Network

Read full post The infrastructure behind a web shell used in an attack earlier this year suggests methodical and purposeful threat actors, Palo Alto Networks says.

/ September 27, 2017

Caterpillar Eyes Competitive Edge with Connected Asset Security Program

Read full post Launches program to incorporate security by design and a strategic governance policy across all of its IoT products.

/ September 27, 2017

Companies Push to Decode Cloud Encryption

Read full post Businesses buckle down on encryption as it becomes table stakes for securing data in the cloud.

/ September 27, 2017

Sonic Data Breach Potentially Affects Millions

Read full post Sonic first heard about the breach when its credit-card processor detected unusual activity on customers’ payment cards.

/ September 27, 2017

Waiting for Skynet? Don’t hold your breath

Read full post AI run amuck is good TV, but is it likely?

/ September 27, 2017

Black Hat Europe 2017: New Briefings Announced

Read full post We are pleased to announce More Briefings selected for presentation at Black Hat Europe 2017!

/ September 27, 2017

Instagram now lets you block people from commenting on your posts

Read full post Instagram introduces new tools to promote a safe, kind environment

/ September 27, 2017

How to Live by the Code of Good Bots

Read full post Following these four tenets will show the world that your bot means no harm.

/ September 27, 2017

Campaigner who refused to hand over passwords found guilty

Read full post Muhammad Rabbani was found guilty of obstructing justice after refusing to unlock his laptop and smartphone

/ September 27, 2017

US Army Black Hawk helicopter damaged in drone crash

Read full post The crew were providing security for the annual United Nations General Assembly

/ September 27, 2017

7 SIEM Situations That Can Sack Security Teams

Read full post SIEMS are considered an important tool for incident response, yet a large swath of users find seven major problems when working with SIEMs.

/ September 27, 2017

7 Situations That Can Sack SIEM Security Teams

Read full post SIEMS are considered an important tool for incident response, yet a large swath of users find seven major problems when working with SIEMs.

/ September 27, 2017

London snags top spot for botnets, ‘zombie’ devices in the country

Read full post Millions of UK residents with vulnerable devices are unwittingly contributing to the epidemic.

/ September 27, 2017

Popular Mobile Trading Apps Riddled With Vulnerabilities, Security Firm Warns

Read full post IOActive’s review of 21 of the most used mobile apps for investment trading shows a majority of them exposing users to various security risks.

/ September 26, 2017