Month: November 2017

Apple’s rocky week with passwords in High Sierra [VIDEO]

Read full post We took to Facebook Live to discuss what happened in Apple’s “password nightware” week…

/ November 30, 2017

Lawsuits Pile Up on Uber

Read full post Washington AG files multimillion-dollar consumer protection lawsuit; multiple states also confirm they are investigating the Uber breach, which means more lawsuits may follow.

/ November 30, 2017

The Critical Difference Between Vulnerabilities Equities & Threat Equities

Read full post Why the government has an obligation to share its knowledge of flaws in software and hardware to strengthen digital infrastructure in the face of growing cyberthreats.

/ November 30, 2017

Google sued over iPhone ‘Safari Workaround’ data snooping

Read full post Did you use an iPhone in the UK between 1 June 2011 and 15 February 2012? If so, you’re one of an estimated 5.4 million who may be in line for compensation.

/ November 30, 2017

Snapchat takes a swipe at fake news

Read full post Snapchat is curating items based on what YOU like, not your echo chamber, fake-news spreading friends.

/ November 30, 2017

Apple’s “blank root password” fix needs a fix of its own – here it is

Read full post Bug, fix, bug, fix – but we’re still saying “Well done” to Apple for a superquick response to the “blank root password” vulnerability.

/ November 30, 2017

5 Free or Low-Cost Security Tools for Defenders

Read full post Not all security tools are pricey.

/ November 30, 2017

Qualys Buys NetWatcher Assets for Cloud-based Threat Intel

Read full post The cloud security company plans to add threat detection, incident response, and compliance management to its platform.

/ November 30, 2017

Mr. Robot eps3.7_dont-delete-me.ko – the security review

Read full post We examine the latest security happenings in this week’s episode of Mr. Robot…

/ November 30, 2017

Enterprise phishing attacks surge but resiliency is on the rise

Read full post We are getting better at detecting phishing campaigns, but fraudsters are improving, too.

/ November 30, 2017

The Good News about Breaches: It Wasn’t You this Time

Read full post Somewhere in every application there is a vulnerability waiting to be exploited. You can attack the problem by having the right mindset and answering two simple questions

/ November 30, 2017

Firefox to warn users when visiting breached websites

Read full post The extension currently includes an input field that users can use to subscribe an email address in order to receive an alert when they may be affected by a future breach. The post Firefox to warn users...

/ November 30, 2017

Epic Games sues 14-year-old cheater, mother launches rhetorical firestorm

Read full post I would run away if I were you, Epic Games: she’s scary, and she’s got good points.

/ November 30, 2017

First US Federal CISO Shares Security Lessons Learned

Read full post Greg Touhill’s advice for security leaders includes knowing the value of information, hardening their workforce, and prioritizing security by design.

/ November 29, 2017

Shipping giant refuses to pay hackers ransom after data stolen

Read full post Clarksons, the global shipping firm, has turned the tables on criminal hackers who attempted to extort a ransom payment after stealing confidential information from the company’s network. The post Shipping giant refuses to pay hackers ransom after...

/ November 29, 2017

Online security 101: Tips for protecting your privacy from hackers and spies

Read full post This simple advice will help to protect you against hackers and government surveillance.

/ November 29, 2017

Apple closes that big root hole – “Install this update as soon as possible”

Read full post That Apple root hole we wrote about just yesterday? Apple has pushed out a patch already – get it while it’s hot!

/ November 29, 2017

Radio Shack robbery to have huge consequences for location privacy

Read full post This could go beyond Radio Shack and location data; it may apply to email/text messages, internet searches, and bank and credit card records.

/ November 29, 2017

US indicts three Chinese nationals for alleged cyberattacks

Read full post The three men are accused of hacking into at least three multinational corporations over the past seven years.

/ November 29, 2017

Samsung’s Mobile Device Bug Bounty Program Gets a Boost

Read full post Samsung Electronics partners with Bugcrowd to deliver timely payments for its Mobile Security Rewards Program.

/ November 29, 2017

ESET malware researchers awarded prize in open-source memory forensics competition

Read full post The Volatility Foundation, the non-profit organization behind the Volatility Framework, sponsors the yearly Volatility Plugin Contest to acknowledge the best forensic tools built on the Volatility platform. The post ESET malware researchers awarded prize in open-source memory...

/ November 29, 2017

Google AI lets phone owners know about shoulder surfers

Read full post Researchers’ system halts a text conversation, shows a face peering over your shoulder, and involves alarmingly pretty sparkles and rainbows!

/ November 29, 2017

Keyless convenience or security risk? Car theft in action

Read full post Exactly how does the attack work and is it expensive to create? The attack, while seeming to be technology voodoo, is actually rather simple. It requires a transmitting relay near the key and a second relay near...

/ November 29, 2017

Suspect in Yahoo Breach Case Pleads Guilty

Read full post Karim Baratov admits he worked on behalf of Russia’s FSB.

/ November 28, 2017

Git Some Security: Locking Down GitHub Hygiene

Read full post In the age of DevOps and agile development practices that lean heavily on GitHub and other cloud resources, strong controls are more important than ever.

/ November 28, 2017

Apple Macs have gaping root hole – here’s a superquick way to check and fix it

Read full post You can’t login as “root” on a Mac because it never asks you to set the password, so you don’t know what it is. Except that it’s [blank].

/ November 28, 2017

New details of NSA’s Ragtime program appear in leaked files

Read full post One variant of Ragtime appears to involve the collection of Americans’ data.

/ November 28, 2017

Stupid, stupid MacOS security flaw grants admin access to anyone

Read full post The latest version of macOS includes a mindlessly simple, one-step way to take over any Mac.

/ November 28, 2017

Retail and Hospitality Breaches Declined Over Past 2 Years

Read full post A drop in publicly disclosed breaches for the two industries is due in part to fewer point-of-sale breaches.

/ November 28, 2017

The Looming War of Good AI vs. Bad AI

Read full post The rise of artificial intelligence, machine learning, hivenets, and next-generation morphic malware is leading to an arms race that enterprises must prepare for now.

/ November 28, 2017

Most Fancy Bear hacking targets weren’t warned by FBI

Read full post In some cases, that includes not being contacted by the FBI even after their emails had been stolen and published online.

/ November 28, 2017

Mr. Robot: Now we know where Tyrell was hiding

Read full post Since nothing is what is seems, it’s hard to be sure who was really behind the attacks shown in the series. The world still believes fsociety was responsible (and they themselves do too, to an extent), but...

/ November 28, 2017

New NSA leak exposes Red Disk, the Army’s failed intelligence system

Read full post The leak marks at least the fifth exposure of NSA-related data in as many years.

/ November 28, 2017

Age verification legislation will lead to porn habit database

Read full post “Data collection creates an inherent risk of data loss through hack, breach, or other forms of intrusion.”

/ November 28, 2017

Trend Micro Buys Immunio

Read full post The acquisition is aimed at balancing the speed of DevOps with application security.

/ November 28, 2017

Involved in a data breach? Firefox to test alerts in the browser

Read full post The company plans to trial an add-on that will warn users if they appear in Troy Hunt’s Have I Been Pwned? database.

/ November 28, 2017

US indicts Chinese hackers for corporate espionage

Read full post The three Chinese nationals are accused of infiltrating US firms to steal trade secrets.

/ November 28, 2017

Developers Can Do More to Up Their Security Game: Report

Read full post Developers can play a vital role in accelerating the adoption of AppSec practices, security vendor says.

/ November 27, 2017