Fri. Aug 28, 2020


Weekly Update 206

Troy Hunt

Since I recorded this morning, I've had an absolute breakthrough - I CAN OPEN MY GARAGE DOOR WITH MY WATCH! I know, I know, it shouldn't be this hard and that's a lot of the point I'm making in this week's video. Having said that, some parts have been hard because I've made simple mistakes, but the nature of the IoT ecosystem as it stands today predisposes you to mistakes because there's so freakin' many moving parts that all need to be aligned.

InfoSec 254

US Postal Service Files Blockchain Voting Patent

Schneier on Security

The US Postal Service has filed a patent on a blockchain voting method: Abstract: A voting system can use the security of blockchain and the mail to provide a reliable voting system. A registered voter receives a computer readable code in the mail and confirms identity and confirms correct ballot information in an election. The system separates voter identification and votes to ensure vote anonymity, and stores votes on a distributed ledger in a blockchain.

Software 340

Microsoft just made securing Windows 10 PCs a whole lot easier for IT admins

Tech Republic Security

New security capabilities designed for SMEs allow IT admins to apply baseline security settings across an organization.

191

The Uber CSO indictment

Adam Shostack

Mark Rasch, who created the Computer Crime Unit at the United States Department of Justice, has an essay, “Conceal and Fail to Report – The Uber CSO Indictment.” The case is causing great consternation in the InfoSec community partly because it is the first instance in which a CSO or CISO has been personally held responsible (other than by firing) for a data breach response, and the first time that criminal sanctions of any kind have been sought against the corporate victim of

CSO 124

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.


Lemon_Duck cryptomining malware evolves to target Linux devices

Security Affairs

A new variant of the infamous Lemon_Duck cryptomining malware has been updated to target Linux devices. Security researchers from Sophos have spotted a new variant of the Lemon_Duck cryptomining malware that has been updated to compromise Linux machines via SSH brute force attacks. The new variant also exploits the SMBGhost bug in Windows systems, and is also able to target servers running Redis and Hadoop instances.

Malware 134

Redefining What CISO Success Looks Like

Dark Reading

Key to this new definition is the principle that security programs are designed to minimize business risk, not to achieve 100% no-risk.

CISO 132

More Trending


Instagram ‘Help Center’ Phishing Scam Pilfers Credentials

Threatpost

Researchers warn that a phishing scam is targeting Instagram users via direct messages on the app.

Scams 130

Cisco addresses ten high-risk issues in NX-OS software

Security Affairs

Cisco addressed ten high-risk vulnerabilities in NX-OS software, including some issues that could lead to code execution and privilege escalation. Cisco this week released security patches to address ten high-risk vulnerabilities in NX-OS software, including some flaws that could lead to code execution and privilege escalation. The first issue, tracked as CVE-2020-3517, is a DoS issue that resides in the Fabric Services component.

Software 115

Elon Musk Confirms, Tesla Factory a Target of Foiled Cyberattack

Threatpost

A Tesla employee was reportedly approached by a Russian national and asked to install malware on the company's systems.

Malware 116

Former Cisco employee pleads guilty to hacking, damaging company systems

Security Affairs

A former Cisco employee has pleaded guilty to hacking charges and intentionally causing damage to the systems of his company. The former Cisco employee Sudhish Kasaba Ramesh (30) pleaded guilty in federal court in San Jose today to intentionally accessing a protected computer of his company without authorization and causing damage. The news was announced by United States Attorney David L.

Hacking 115

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


DoJ Aims to Seize 280 Cryptocurrency Accounts Used by Hackers

Threatpost

Complaint details collaboration with China to funnel $250m in stolen funds as part of state-sponsored attacks.


Data Privacy Concerns, Lack of Trust Foil Automated Contact Tracing

Dark Reading

Efforts to create a technology framework for alerting people to whether they have been exposed to an infectious disease have been hindered by a number of key issues.


How Businesses Can Save Up to 64% on Google Workspace Licenses

Spinone

Google Workspace is a top-notch collaboration and data management suite, and it is worth every penny – there is no doubt here. But there are some instances when your company can and, well, should be spending way less money than it is currently doing. As a cloud data protection company, we develop products for organizations that use […]


Ransomware Red Flags: 7 Signs You're About to Get Hit

Dark Reading

Caught off guard by a ransomware attack? Security experts say the warning signs were there all along.


Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.


How Businesses Can Save Up to 64% on G Suite Licenses

Spinone

G Suite is a top-notch collaboration and data management suite, and it is worth every penny – there is no doubt here. But there are some instances when your company can and, well, should be spending way less money on it than it is currently doing. As a cloud data protection company, we develop products for organizations that use G Suite (and Office 365).

Backups 52

TA542 Returns With Emotet: What's Different Now

Dark Reading

Researchers report the TA542 threat group has made code changes to its malware and started targeting new locations with Emotet.

Malware 83

Spotlight Podcast: Taking a Risk-Based Approach to Election Security

The Security Ledger

In this Spotlight Podcast, sponsored by RSA, we take on the question of securing the 2020 Presidential election. Given the magnitude of the problem, could taking a more risk-based approach to security pay off? We're joined by two information security professionals: Rob Carey is the Vice President and General Manager of Global Public Sector.

Risk 52

Sendgrid Under Siege from Hacked Accounts

Krebs on Security

Email service provider Sendgrid is grappling with an unusually large number of customer accounts whose passwords have been cracked, sold to spammers, and abused for sending phishing and email malware attacks. Sendgrid’s parent company Twilio says it is working on a plan to require multi-factor authentication for all of its customers, but that solution may not come fast enough for organizations having trouble dealing with the fallout in the meantime.


Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.


Iran-linked Charming Kitten APT contacts targets via WhatsApp, LinkedIn

Security Affairs

The Iran-linked Charming Kitten APT group leveraged WhatsApp and LinkedIn to carry out phishing attacks, researchers warn. Clearsky security researchers revealed that the Iran-linked Charming Kitten APT group is using WhatsApp and LinkedIn to conduct spear-phishing attacks. The Iran-linked Charming Kitten group (aka APT35, Phosphorus, Newscaster, and Ajax Security Team) made the headlines in 2014 when experts at iSight issued a report describing the most elaborate net-based spying campaign organi

Phishing 113

Friday Squid Blogging: How Squid Survive Freezing, Oxygen-Deprived Waters

Schneier on Security

Lots of interesting genetic details. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here.

200

DNC Warns Campaign Staffers of Dating App Dangers

Dark Reading

The Democratic National Committee advises against sharing too much work and personal information on popular dating apps.

135