security.didici.cc
Coviello: Modern Security Threats are 'Less About the Techniques'
3 hours agoToday's attack surface is broader, more open, and demands a proactive approach to security, according to former RSA chairman Art Coviello.
Exploit Targets Nvidia Tegra-Based Nintendo Systems
5 hours agoResearchers have found an exploit in Nvidia Tegra X1-based systems that they say cannot be patched.
Yahoo! fined! $35m! for! Hiding! Massive! Security! Breach!
5 hours agoNow, who wants to take a look at the revamped Yahoo Mail? The Disaster Formerly Known as Yahoo! has been fined $35m by the US Securities and Exchange Commission for failing to tell anyone about one of the world's largest ever data breaches.…
Baseball Code
5 hours agoInfo on the coded signals used by the Colorado Rockies.
Orangeworm Mounts Espionage Campaign Against Healthcare
5 hours agoA freshly minted attack group dubbed Orangeworm has been uncovered, deploying a custom backdoor in mostly healthcare-related environments. It’s bent on laser-focused, comprehensive corporate espionage, with a noisy attack vector that shows that it’s u ...
MyEtherWallet.com turns into Someone Else's EtherWallet amid AWS DNS network hijack
5 hours agoBGP takeover redirects traffic from Amazon to crooks Crooks today hijacked internet connections to Amazon Web Services systems to ultimately steal $28m in alt-coins from online cryptocurrency website MyEtherWallet.com.…
Ransomware Attack Hits Ukrainian Energy Ministry, Exploiting Drupalgeddon2
6 hours agoThe Ukrainian Energy Ministry has been hit by a ransomware attack – and for once it looks like this is the work of amateurs, not nation-state attackers bent on making a geopolitical point. However, the bad actors appear to have made use of the recently ...
Deconstructing the Possibilities and Realities of Enterprise IoT Security
6 hours agoOrganizations are rushing to leverage Internet of Things solutions but struggle to design the information technology architectures that will lock down the data these devices create.
Critical infrastructure needs more 21qs6Q#S$, less [email protected], UK.gov security committee told
7 hours agoPlus: No one will say whether Huawei, ZTE are the baddies Banks could plug their security vulnerabilities by simply improving password protections, the deputy CEO of the Prudential Regulation Authority has told the House of Lords.…
MEDantex Healthcare Transcription Firm Accidentally Exposes Medical Records
8 hours agoExposed data likely the result of a flawed system rebuild after a recent ransomware attack on the company.
Cybersecurity Buzz Phrase Bingo
9 hours agoThe RSA Conference expo was chock full of vendors showing off their wares with language as colorful as the blinky lights on a SOC dashboard.
'Stresspaint' Targets Facebook Credentials
10 hours agoNew malware variant goes after login credentials for popular Facebook pages.
It's Time to Take GitHub Threats Seriously
10 hours agoThere's a good chance your company has projects on the source code management system, but the casual way many developers use GitHub creates security issues.
Medic! Orangeworm malware targets hospitals worldwide
10 hours agoHacking campaign goes after care providers and equipment If there's one thing security vendors love it's a catchilly-named piece of malware to whip up fervor over, and boy is it a good day to be Symantec.…
Police Visit Funeral Home To Unlock Dead Man's Phone
11 hours ago
Credit Karma expands its identity theft monitoring tool to include dark web data
11 hours agoCredit Karma is best known for being the only reason anyone is ever willing to peek at their credit score, but the company has other things it wants you to be less stressed out about too. After introducing a free identity monitoring tool for its users lat ...
Golden Galleon Raids Maritime Shipping Firms
12 hours agoA new Nigerian criminal gang is launching attacks on the maritime industry.
Computer Alarm that Triggers When Lid Is Opened
13 hours ago"Do Not Disturb" is a Macintosh app that send an alert when the lid is opened. The idea is to detect computer tampering. Wire article: Do Not Disturb goes a step further than just the push notification. Using the Do Not Disturb iOS app, a notified user ...
This cryptocurrency mining malware also disables your security services
14 hours agoA year on from the vulnerabilities being leaked, attackers are still using leaked NSA tools to power new attacks - this time with the newly uncovered PyRoMine.
Facebook reveals 25 pages of takedown rules for hate speech and more
15 hours agoFacebook has never before made public the guidelines its moderators use to decide whether to remove violence, spam, harassment, self-harm, terrorism, intellectual property theft, and hate speech from social network until now. The company hoped to avoid m ...
Massive cyber attack targets mid-Atlantic nation 'Berylia'
18 hours agoNATO exercise offers the chance to test full chain of cyber-defence command NATO and assorted partners have unleashed a massive cyber-attack on the fictional country of Berylia to test their ability to defend critical infrastructure against outside attack ...
Satan Ransomware Adds EternalBlue Exploit
20 hours ago
GoGet 'hacker' case stalled awaiting information from Amazon
23 hours agoSydney Local Court has heard that Nik Cubrilovic intends to plead not guilty to all charges relating to the alleged access of GoGet's systems.
Orangeworm menaces healthcare computers
1 day agoPlants Kwampirs backdoors.
Unstoppable exploit in Nintendo Switch opens door to homebrew and piracy
1 day agoThe Nintendo Switch may soon be a haven for hackers, but not the kind that want your data — the kind that want to run SNES emulators and Linux on their handheld gaming consoles. A flaw in an Nvidia chip used by the Switch, detailed today, lets power u ...
Muhstik Botnet Exploits Highly Critical Drupal Bug
1 day agoA botnet has exploited a highly critical Drupal CMS vulnerability, which was previously disclosed by Drupal in March.
Nintendo Switch users about to get pwned after unpatchable flaw found in NVIDIA Tegra chips
1 day agoResearcher reveals demo attack code, full release in June Security researcher Kate Temkin has released proof-of-concept code to launch an exploit chain called Fusée Gelée, which relies on an as-yet-undisclosed vulnerability in past versions of Nvidia's ...
Unpatchable flaw found in Nvidia Tegra chipsets. Perfect for hacking Nintendo Switches, BTW
1 day agoResearcher reveals demo USB attack code, full release in June Security researcher Kate Temkin has released proof-of-concept code to launch an exploit chain called Fusée Gelée, which relies on an as-yet-undisclosed firmware vulnerability baked into past ...
Threat Intel: Finding Balance in an Overcrowded Market
1 day agoIndustry insiders discuss how threat intelligence has changed and what may happen as the market becomes increasingly saturated.
Australia joins NATO Cyber Defence Centre
1 day agoWill observe cyber defence exercise.
Threat Actors Turn to Blockchain Infrastructure to Host & Hide Malicious Activity
1 day ago.bit domains are increasingly being used to hide payloads, stolen data, and command and control servers, FireEye says.
Russia is Banning Telegram
1 day agoRussia has banned the secure messaging app Telegram. It's making an absolute mess of the ban -- blocking 16 million IP addresses, many belonging to the Amazon and Google clouds -- and it's not even clear that it's working. But, more importantly, I'm not ...
Atlanta spent at least $2.6 million on ransomware recovery
1 day agoThe ransom was never paid, because the payment portal was pulled offline by the attacker.
Mysterious cyber worm targets medical systems, is found on X-ray machines and MRI scanners
1 day agoOrangeworm hacking group carefully selects victims in highly targeted attacks.
Digital Identity Makes Headway Around the World
1 day agoThe US is lagging behind the digital ID leaders.
IDS & IPS: Two Essential Security Measures
1 day agoTo protect business networks, one line of security isn't enough.
Internet Explorer zero-day alert: Attackers hitting unpatched bug in Microsoft browser
1 day agoMicrosoft is being urged to rush out a patch for a bug in Internet Explorer that's being used in attacks.
Yet Another Biometric: Ear Shape
1 day agoThis acoustic technology identifies individuals by their ear shapes. No information about either false positives or false negatives.
17 internet-connected things that really shouldn't be online
1 day agoA roundup of some of the more bizarre things that are online -- but really shouldn't be.
Gmail spam mystery: Why have secure accounts started spamming themselves?
1 day agoSpam appears in users' sent folders even from accounts that haven't been compromised.
Windows warning: Tech-support scammers are ramping up attacks, says Microsoft
1 day agoWindows 10 security won't protect you from tech-support scammers' lies and trickery.
Single single-sign-on SNAFU threatens three Cisco products
1 day agoFirepower, AnyConnect and ASA appliances and clients need patches Cisco has announced a suite of patches against a bug in its Security Assertion Markup Language (SAML) implementation.…
SunTrust Banks ex-employee may have stolen 1.5 million customer records
1 day agoThe former staff member is suspected of stealing customer data belonging to the financial company.
Reported breaches not painting complete picture of Australian security landscape
1 day agoAlthough 63 data breaches were reported to the Office of the Australian Information Commissioner in less than six weeks, FireEye's Mandiant has warned the figure is higher, but organisations are unsure if their breach fits the brief.
Brains behind iOS' secure microkernel start moving it to RISC-V
1 day agoUnveil first code, joins giants in industry standard-club Last week, the Data61 division of Australia's Commonwealth Scientific and Industrial Research Organisation (CSIRO) released the first RISC-V version of its seL4 microkernel.…
Brains behind seL4 secure microkernel begin RISC-V chip port
1 day agoUnveil first code, joins giants in industry standard-club Last week, the first RISC-V port of its seL4 microkernel was released by the Data61 division of the Australian government's Commonwealth Scientific and Industrial Research Organisation (CSIRO).…
New Survey Shows Hybrid Cloud Confidence
1 day agoExecutives are mostly confident in their hybrid cloud security, according to the results of a new survey.
Chinese web giant finds Windows zero-day, stays shtum on specifics
1 day agoQuihoo 360 plays the responsible disclosure game Chinese company Quihoo 360 says it's found a Windows zero-day in the wild, but because it's notified Microsoft, it's not telling anyone else how it works.…
A regulation straitjacket is no less than Facebook and everyone else deserves
2 days agoFacebook should be made an example of for failing to protect its users' information, but it won't happen.
In the NYC enterprise startup scene, security is job one
3 days agoWhile most people probably would not think of New York as a hotbed for enterprise startups of any kind, it is actually quite active. When you stop to consider that the world’s biggest banks and financial services companies are located there, it would ce ...
Cloud-surfing orgs under attack, Microsoft antivirus for Chrome, Windows 10 S bypass, non-RSA gigs, and more
3 days agoYour guide to this week in infosec Roundup Here's a roundup of this week's security news, beyond what we've already covered.…
Cybercrime Economy Generates $1.5 Trillion a Year
4 days agoThreat actors generate, launder, spend, and reinvest more than $1.5 trillion in illicit funds, according to a new study on cybercrime's 'web of profit.'
Oh, baby! Newborn-care site leaves user database wide open
4 days agoHealth Stream, are you out there? The guy that found your data leak wants a word A US health company apparently exposed contact information for hundreds of medical professionals.…
Trust: The Secret Ingredient to DevSecOps Success
4 days agoSecurity practitioners must build trusted relationships with developers and within cross-functional DevOps teams to get themselves embedded into continuous software delivery processes.
SunTrust Ex-Employee May Have Stolen Data on 1.5 Million Bank Clients
4 days agoNames, addresses, phone numbers, account balances, may have been exposed.
Friday Squid Blogging: Squid Prices Rise as Catch Decreases
4 days agoIn Japan: Last year's haul sank 15% to 53,000 tons, according to the JF Zengyoren national federation of fishing cooperatives. The squid catch has fallen by half in just two years. The previous low was plumbed in 2016. Lighter catches have been blamed o ...
No way, RSA! Security conference's mobile app embarrassingly insecure
4 days agoSorry about the hard-coded passwords, can we sell you some crypto now? RSA has copped to a security vulnerability in the mobile app it served to attendees of its annual security conference, held this week in San Francsico.…
No way, RSA! Security conference's mobile app embarrassingly insecure
4 days agoSorry about the hard-coded passwords, can we sell you some crypto now? RSA has copped to a security vulnerability in the mobile app it served to attendees of its annual security conference, held this week in San Francsico.…
DNC Sues Guccifer 2.0, Russian Federation, Trump Campaign, for Election Conspiracy
4 days agoDNC first hacked by Russians in 2015, according to the filing.
DNC Sues Guccifer 2.0, Russian Federation, Trump Campaign, for Election Conspiracy
4 days agoDNC first hacked by Russians in 2015, according to the filing.
How your company can measure its 'cyber resilience' and evaluate its posture
4 days agoNon-profits ISACA and CMMI help companies score their cybersecurity readiness and create a gap analysis to get up to speed.
Why the US federal government has been leaning into the cloud since 2011
4 days agoThe cloud benefits of elasticity, scalability, and nimbleness were tailor-made for some of the massive and intermittent IT projects of the US government.
IBM: Fewer records are being breached, but cyber attacks are getting more costly
4 days agoIncident response research from Big Blue offers surprising results, as hacks get more serious but defenders improve their tools and training. IBM's Wendi Whitmore explains.
British head of Crackas With Attitude gets two years for CIA hack
4 days agoKane Gamble gambles and loses on hacking skills The British teenager who was sufficiently talented and stupid to target the head of the CIA has been given a two-year jail sentence.…
Twitter bans Russian security firm Kaspersky Lab from buying ads
4 days agoThe U.S. government isn’t the only one feeling skittish about Kaspersky Lab. On Friday, the Russian security firm’s founder Eugene Kaspersky confronted Twitter’s apparent ban on advertising from the company, a decision it quietly issued in January. ...
Smart home suites match up devices for security and convenience
4 days agoAre you looking for ways to make your home smarter and safer? Then check out these hand-picked smart home product suites. They're expansive, easy to use, and overall good options if you don't know where to start.
Akamai CSO Talks Cryptominers, IoT and the Reemergence of Old Threats
4 days agoAndy Ellis, CSO Akamai, discusses how the company works with others within the cybersecurity landscape to help keep the internet safe.
Roman Unuchek on Apps Leaking Private Data
4 days agoThreatpost's Tom Spring talked to Roman Unuchek, senior malware analyst at Kaspersky Lab, about his discoveries this week at the RSA Conference.
Planned European death ray may not need Brit boffinry brain-picking
4 days agoPlenty of laser research already going on – but there's more than one way to melt a drone The EU is planning to build a laser cannon with double the power of Britain's under-construction Dragonfire zapper, according to reports – but the general state ...
Biometrics Are Coming & So Are Security Concerns
4 days agoCould these advanced technologies be putting user data at risk?
Windows 10: Microsoft to boost Linux app security with Windows Defender firewall
4 days agoMicrosoft preps new Windows 10 security features to ensure system integrity during start-up and after it's running.
At RSA, SOC 'Sees' User Behaviors
4 days agoInstruments at the RSA SOC give analysts insight into attendee behavior on an open network.
At RSAC, SOC 'Sees' User Behaviors
4 days agoInstruments at the RSA Security Operations Center give analysts insight into attendee behavior on an open network.
HackerOne CEO Talks Bug Bounty Programs at RSA Conference
4 days agoCan bug bounty programs be designed to protect consumer privacy and how do programs balance white hat disclosure versus companies sitting on vulnerabilities until they are fixed?
Ransomware, stolen data or malware: How do online crooks really make their money?
4 days agoThe cybercrime economy has "now become a kind of mirror image of contemporary capitalism", says paper.
Securing Elections
4 days agoElections serve two purposes. The first, and obvious, purpose is to accurately choose the winner. But the second is equally important: to convince the loser. To the extent that an election system is not transparently and auditably accurate, it fails in th ...
Google's Project Zero exposes unpatched Windows 10 lockdown bypass
4 days agoGoogle denies multiple requests by Microsoft for an extension to Project Zero's 90-day disclose-or-fix deadline.
Oracle critical update fixes 254 flaws - so get patching now
4 days agoFixes for vulnerabilities spread across 20 products and a Solaris patch that addresses the Spectre processor flaw.
ZTE lashes out at US ban, vows to protect company
4 days agoChinese vendor describes US export ban as unacceptable, adding that it has invested significant efforts since April 2016 in ensuring compliance with export laws and, if necessary, will seek judicial recourse to protect its interests.
Vic govt concerned with "breadth" of facial recognition laws
4 days agoCracks emerge in intergovernmental agreement.
Victoria wants data misuse provisions included in face-matching system
4 days agoThe Victorian government has asked for privacy safeguards and further clarification on who can access Australia's Face Identification Service before the Bill is set in stone.
Turnbull confirms Solomon Islands subsea cable
4 days agoMalcolm Turnbull has cited Pacific Islands cybersecurity in affirming funding for a subsea cable to be built between Australia, Solomon Islands, and Papua New Guinea.
Oracle Releases 254 Security Fixes
4 days ago
Yahoo! Webmail Hackers Faces 8 Years Inside
4 days ago
JP Morgan Ousted Security Chief Backed By Palantir After Executives Found Out He Was Spying On Them
4 days ago
Microsoft CISO Talks Threat Intel, 'Data Inclusion'
4 days agoDark Reading caught up with Microsoft's Bret Arsenault to discuss intelligence, identity, and the need to leverage more diverse datasets.
Firms Likelier to Tempt Security Pros with Big Salaries than Invest in Training
5 days agoBooz Allen survey shows most organizations' answer to the security skills shortage may be unsustainable.
Firms More Likely to Tempt Security Pros With Big Salaries than Invest in Training
5 days agoBooz Allen survey shows most organizations' answer to the security skills shortage may be unsustainable.
Oracle whips out the swatter, squishes 254 security bugs
5 days agoJava fixes, Spectre Solaris patches issued Oracle has released its April security update, addressing a total of 254 security vulnerabilities across dozens of products.…
LinkedIn bug allowed data to be stolen from user profiles
5 days agoPrivate profile data — like phone numbers and email addresses — could have been easily collected.
LinkedIn’s AutoFill plugin could leak user data, secret fix failed
5 days agoFacebook isn’t the only one in the hot seat over data privacy. A flaw in LinkedIn’s AutoFill plugin that websites use to let you quickly complete forms could have allowed hackers to steal your full name, phone number, email address, location (ZIP cod ...
Centrify gives states a deal on identity management software to secure midterm elections
5 days agoTo secure U.S. election systems from the very real threat of targeted cyberattacks, states might need to reframe their security practices to look more like they would in a tightly-controlled corporate environment. To that end, Centrify, an enterprise clo ...
Free endpoint scanning service powered by Open Threat Exchange
5 days agoRuss Spitler, AlienVault's SVP of product strategy, explains how security pros can leverage the community-powered threat intelligence of OTX - which sees more than 19 million IoCs contributed daily by a global community of 80,000 peers - to quickly protec ...
Can AI improve your endpoint detection and response?
5 days agoTo intervene with optimum efficiency, response team needs to zero in on the most potentially dangerous endpoint anomalies first. And according to Harish Agastya, VP of Enterprise Solutions at Bitdefender, machine learning-assisted EDR can help you do exa ...
Can machine learning improve your endpoint detection and response?
5 days agoTo intervene with optimum efficiency, response team needs to zero in on the most potentially dangerous endpoint anomalies first. And according to Harish Agastya, VP of Enterprise Solutions at Bitdefender, machine learning-assisted EDR can help you do exa ...
Successfully Using Deception Against APTs
5 days agoAccording to Illusive CEO Ofer Israeli, deception technology can provide a vital layer of protection from advanced persistent threats (APTs) by presenting attackers with seemingly genuine servers that both divert them from high-value digital assets and ma ...
Yahoo! Hacker! Faces! Nearly! Eight! Years! In! Prison!
5 days agoProsecutors ask judge to give Baratov 94 months for stealing accounts on behalf of FSB The Canadian hacker who helped Russian agents by breaking into more than 11,000 Yahoo email accounts could spend the next eight years behind bars, if prosecutors in the ...
Yahoo! webmail! hacker! faces! nearly! eight! years! in! the! cooler!
5 days agoProsecutors ask judge to give Baratov 94 months for stealing accounts on behalf of FSB The Canadian hacker who helped Russian agents by breaking into more than 11,000 Yahoo email accounts could spend the next eight years behind bars, if American prosecuto ...
Securing Social Media: National Safety, Privacy Concerns
5 days agoIt's a critical time for social media platforms and the government agencies and private businesses and individuals using them.
Protecting Data Anywhere and Everywhere
5 days agoSecurityFirst CEO Jim Varner explains how resellers and MSPs can work with their clients to ensure that all of their business-critical data everywhere can be kept safe from attackers and readily available for disaster recovery - even as threats intensify ...
Addressing the Skills Shortfall on Your Infosec Team
5 days agoGiven intensifying threats and limited infosec budgets, Endgame CTO Jamie Butler suggests that security leaders deploy tools that leverage machine learning, chatbots, and other technologies to make Tier 1/Tier 2 staff much more effective at stopping even ...
IoT Security Concerns Peaking – With No End In Sight
5 days agoDespite numerous talks about IoT vulnerabilities at RSAC this week, a clear resolution on a fixes is nowhere in sight.
Using Carrier Intelligence to Validate Mobile User Identity
5 days agoTo confidently validate the identity of mobile users without adding business-killing friction to login and on-boarding processes, Lea Tarnowski and Wendell Brown of Averon suggest leveraging the intelligence mobile carriers already have about their custom ...
Eight months after Equifax megahack, some Brits are only just being notified
5 days agoI'm fsck-ed off it took this long, rages affected Reg reader Some of the 15 million Britons affected by the Equifax mega-hack are only now receiving letters notifying them that they were affected by the breach, eight months after the event.…
Cloud Credentials: New Attack Surface for Old Problem
5 days agoResearchers show why keeping a handle on user credentials is just as hard in the cloud as it is on local networks.
This malware targets Facebook log-in details, infects over 45,000 in just days
5 days agoStressPaint malware is "developed professionally" and could be be harvesting accounts for anything from credential selling and identity theft, to malvertising and propaganda campaigns, warn researchers.
First Public Demo of Data Breach via IoT Hack Comes to RSAC
5 days agoAt RSA Conference, Senrio researchers will show how relatively unskilled attackers can steal personally identifiable information without coming into contact with endpoint security tools.
48 million personal profiles left exposed by data firm LocalBlox
5 days agoPoorly configured S3 buckets strike again US social network data aggregator LocalBlox has been caught leaving its AWS bucket of 48 million records – harvested in part from Facebook, LinkedIn and Twitter – available to be viewed by anyone who stopped b ...
This ransomware was rewritten to mine cryptocurrency - and destroy your files
5 days agoSome criminals are shifting from ransomware to cryptocurrency miners - those behind XiaoBa have rejigged the code to shift the same malware towards a different focus.
Chris Vickery Discusses Data Leak of 48 Million Users by Private Intelligence Firm
5 days agoPrivate intelligence gathering firm LocalBlox leaked data on 48 million users that was scraped from Facebook, LinkedIn, Zillow and other sites.
Use of ‘StegWare’ Increases in Stealth Malware Attacks
5 days agoResearchers are warning malware payloads can bypass traditional AV protection when delivered buried inside images, documents or even just a pixel.
Google cuts fake ad blockers from Chrome Store: Were you among 20 million fooled?
5 days agoBogus ad-blocker extensions in the Chrome Web Store trick millions of people into installing them.
Researchers Discover Second rTorrent Vulnerability Campaign
5 days agoThis time attackers appears to have spoofed the Recording Industry Association of America (RIAA) and New York University (NYU) user-agents.
Gold Galleon hackers target maritime shipping industry
5 days agoResearchers say a Nigerian hacking group is gleefully plundering maritime shipping businesses and their customers.
Uber denies its CTO met with Cambridge Analytica
5 days agoUber has denied that its sitting CTO, Thuan Pham, met with Cambridge Analytica — the controversial political consultancy at the center of a Facebook user data misuse scandal. But it has not been able to confirm that no meetings between anyone else on i ...
Lifting a Fingerprint from a Photo
5 days agoPolice in the UK were able to read a fingerprint from a photo of a hand: Staff from the unit's specialist imaging team were able to enhance a picture of a hand holding a number of tablets, which was taken from a mobile phone, before fingerprint experts w ...
This malware will take screenshots, steal your passwords and files - and drain your cryptocurrency wallet
5 days ago'SquirtDanger' is distributed to users to deploy as they see fit - and attacks have been carried out around the world.
Cutting custody snaps too costly for cash-strapped cops – UK.gov
5 days agoHome Office admits national and local databases don't talk to each other, so everything is manual The UK government has admitted it can only delete custody images from its massive database through a complex manual process, and that it would cost too much ...
Facebook moving 1.5 billion users away from GDPR protection
5 days agoFacebook is making changes that will prevent non-European users previously under European laws from being protected by the General Data Protection Regulation.
Should CISOs Be Hackers?
5 days agoJustin Calmus, Chief Security Officer at OneLogin, believes that cybersecurity professionals - including CISOs and other security team leaders - can be much more effective at their jobs if they stay actively engaged with hacking communities that keep them ...
PCI Council releases vastly expanded cards-in-clouds guidance
5 days agoFirst word on how card security for containers, VDI, SDN and web apps The Payment Card Industry Security Standards Council (PCI SSC) has issued a big update to its guidance on using payment cards with cloud computing services.…
Cyber fraudsters now stealing millions in single transactions
5 days agoMore businesses are being tricked into sending millions of dollars to cybercriminals, but the criminals often betray themselves through lax operational security.
NHS Website Defaced By Hackers
5 days ago
Flash! Ah-Ahhh! WebEx Pwned For All of Us!
5 days ago
DHS Helps Shop Android IPS Prototype
5 days agoA MITRE-developed intrusion prevention system technology got showcased here this week at the RSA Conference.
Facebook's login-to-other-sites service lets scum slurp your stuff
5 days agoYour security's only as good as your partners'. And some Facebook partners are rotten A security researcher has claimed it's possible to extract user information from Facebook's Login service, the tool that lets you sign into third-party sites with a Face ...
70% of Energy Firms Worry About Physical Damage from Cyberattacks
5 days agoHigh-profile ICS attacks Triton/Trisis, Industroyer/CrashOverride
, and Stuxnet have driven energy firms to invest more in cybersecurity, survey shows.
Flash! Ah-ahhh! WebEx pwned for all of us!
6 days agoCisco issues critical patch to stop in-meeting attacks Cisco has patched a serious vulnerability in its WebEx software that lets an attacker remotely execute code on target machines via poisoned Flash files.…