Category: Uncategorized

Cyber News Rundown: Edition 9/15/17

Read full post German Voting Software Raises Concerns With German elections only a couple weeks away, researchers have been working to determine how secure the voting systems really are. Per a recent study, the software being used contains multiple vulnerabilities...

/ September 15, 2017

Google, Spotify Build Open-Source Community for GCP Security

Read full post Google and Spotify create Forseti, an open-source community with tools to secure projects on the Google Cloud Platform.

/ September 15, 2017

India’s Aadhaar digital ID scheme: what could possibly go wrong?

Read full post India’s digital ID scheme has enrolled more than 1bn people in under a decade – but there are concerns about its security and potential for abuse

/ September 15, 2017

Poisoned WordPress ‘Display Widgets’ plugin finally purged

Read full post If you’ve got the ‘Display Widgets’ plugin installed, check that you haven’t got one of the many malicious versions

/ September 15, 2017

Security Orchestration & Automation: Parsing the Options

Read full post Once you head down the path of orchestration, security teams will need to decide how much automation they are ready for. Here’s how.

/ September 15, 2017

Attacks on Android Soared 40% in Q2

Read full post Despite a rise in attacks, the average number of malicious variants remains surprisingly limited, according to a report from Avast.

/ September 15, 2017

7 Indicted Iranian Nationals Now Hit with Sanctions by US Treasury

Read full post US Dept. of Treasury has announced sanctions against Iranian nationals and security firms for ‘malicious cyber-activity’ against US interests.

/ September 15, 2017

Facebook’s Crisis Response hub centralizes help for disaster victims

Read full post Pulling all the crisis tools together should help those caught up in a disaster get help, help others and let their loved ones know how they are

/ September 15, 2017

Attacking Developers Using ‘Shadow Containers’

Read full post Sagie Dulce describes why developers are such attractive targets and how the Docker API can be exploited to use one of developers’ favorite tools against them in sneaky, obfuscated attacks.

/ September 15, 2017

How many people outside the U.S. are affected by the Equifax breach?

Read full post In the recent Equifax breach you may have noticed that people in the UK and Canada are also affected but there has been little clarification as to how many. The post How many people outside the U.S....

/ September 15, 2017

FTC Opens Probe into Equifax Data Breach

Read full post Apache Struts flaw was known to be critical and should have been addressed, security researchers say.

/ September 14, 2017

Microsoft’s Azure ‘Confidential Computing’ Encrypts Data in Use

Read full post Early Access program under way for new Azure cloud security feature.

/ September 14, 2017

A New Model for ‘Mathematically Provable Security’

Read full post Winn Schwartau, CEO of The Security Awareness Company says we all know the old model of security is broken and it’s time for a new one.

/ September 14, 2017

News in brief: FTC to probe Equifax; Bitcoin price falls on China move; HBO teases GoT finale news

Read full post Your daily round-up of some of the other stories in the news 

/ September 14, 2017

Cloud Security’s Shared Responsibility Is Foggy

Read full post Security is a two-way street. The cloud provider isn’t the only one that must take precautions.

/ September 14, 2017

Yet another trove of sensitive US voter records has leaked

Read full post Each record contained details on voters, including names, addresses, dates of birth, their ethnic identity, whether an individual is married, and the individual’s voting preferences.

/ September 14, 2017

Equifax: researchers find leaky customer help portal in Argentina

Read full post Researchers pulled thousands of records from site secured by a username and password of ‘admin’

/ September 14, 2017

Microsoft Office Zero-Day Spread Surveillance Software

Read full post FireEye discovered CVE-2017-8759 flaw patched by Microsoft this week.

/ September 14, 2017

‘ExpensiveWall’ Attacks More Than 1 Million Android Users

Read full post New Android malware variant registers users for paid services without their permission and sends bogus premium SMS messages.

/ September 14, 2017

Microsoft patches second FinSpy zero-day exploit this year

Read full post This week saw a veritable patchwork quilt of updates to Microsoft products – including one zero-day

/ September 14, 2017

Equifax felled by a months-old Apache Struts vulnerability

Read full post Patching vulnerabilities often means juggling risk and practicality – which can mean gambling with customer data

/ September 14, 2017

Encryption: A New Boundary for Distributed Infrastructure

Read full post As the sheet metal surrounding traditional infrastructure continues to fall away, where should security functions in a cloud environment reside?

/ September 14, 2017

AppGuard secures $30 million in Series B funding

Read full post The cybersecurity firm will use the cash to complete the acquisition of KeepTree.

/ September 14, 2017

The Hunt for IoT: The Rise of Thingbots

Read full post Across all of our research, every indication is that today’s “thingbots” – botnets built exclusively from Internet of Things devices – will become the infrastructure for a future Darknet.

/ September 14, 2017

Cryptocurrency web mining: In union there is profit

Read full post Cryptocurrency mining has been used by cybercriminals to make a quick and easy profit while corrupting the victim’s machine in the process. The post Cryptocurrency web mining: In union there is profit appeared first on WeLiveSecurity

/ September 14, 2017

Equifax: four simple steps to secure yourself

Read full post Take these four steps to get through the Equifax breach with your identity and finances intact

/ September 14, 2017

DHS faces lawsuit over legality of forced warrantless device searches

Read full post Plaintiffs including a veteran, a NASA staffer and a journalist claim that their First and Fourth Amendment rights were breached by searches at the border

/ September 14, 2017

JPMorgan calls Bitcoin “fraud” only for use by criminals and North Koreans

Read full post JPMorgan boss Jamie Dimon has not minced his words when it comes to the cryptocurrency.

/ September 14, 2017

Samsung launches bug bounty program for mobile devices

Read full post Researchers can earn up to $200,000 for disclosing bugs impacting the security of your handsets.

/ September 14, 2017

Zerodium lures researchers with $1 million payout for Tor Browser flaws

Read full post The new bug bounty program only wants functional zero-day exploits.

/ September 14, 2017

The Dark Reading Security Spending Survey

Read full post Enterprises are spending an unprecedented amount of money on IT security – where does it all go? In this survey, Dark Reading polled senior IT management on security budgets and spending plans, and their priorities for the...

/ September 13, 2017

Equifax confirms Apache Struts security flaw it failed to patch is to blame for hack

Read full post The company said the March vulnerability was exploited by hackers.

/ September 13, 2017

‘Bashware’ Undermines Windows 10 Security Via Linux Subsystem

Read full post New WSL feature in Windows 10 gives attackers a way to run malware without being detected by any current endpoint security tools, Check Point says.

/ September 13, 2017

Trump Orders Removal of Kaspersky Products from Federal Systems

Read full post The president cites concern that the Russia-based company could be influenced by the Kremlin.

/ September 13, 2017

Experts Weigh Pros, Cons of FaceID Authentication in iPhone X

Read full post Security pros discuss Apple’s decision to swap fingerprint scanning for facial recognition technology in the latest iPhone.

/ September 13, 2017

Businesses Fail to Properly Secure, Assess SSH: ISACA

Read full post Frequently used but underappreciated, Secure Shell is rarely secured, assessed, documented, or managed in a systematic way, researchers report.

/ September 13, 2017

5 Problems That Keep CISOs Awake at Night

Read full post The last few years have shown a big difference in the way cyber-risks are acknowledged, but progress still needs to be made.

/ September 13, 2017

News in brief: Cruz’s Twitter blunder; Adobe patches Flash

Read full post Your daily round-up of some of the other stories in the news

/ September 13, 2017

10 Ways to Prevent Your Mobile Devices From Becoming Bots

Read full post Enterprises may not notice a huge impact on their network’s bandwidth, but other repercussions may loom in the background.

/ September 13, 2017

10 Ways to Prevent Your Mobile Devices From Becoming Bots

Read full post Enterprises may not notice a huge impact on their network’s bandwidth, but other repercussions may loom in the background.

/ September 13, 2017