Wed. Aug 05, 2020


Typosquatting – Third Certainty #24

Adam Levin

Simple spelling errors in URLs can expose you to phishing, malware, and other kinds of cyber trickery. In the latest episode of Third Certainty, Adam Levin discusses typosquatting and how it can put your data security in jeopardy.


COVID-19 highlights need for business and security leaders to work together to prevent cyberattacks

Tech Republic Security

New Tenable study says 94% of organizations experienced a business-impacting cyberattack or compromise within the past 12 months; 46% weathered five or more attacks.


NSA Issues Cybersecurity Advisory on Protecting Location Data

Adam Levin

The NSA has issued a cybersecurity advisory about the use of location data on personal devices, social media accounts, mobile applications, as well as Internet of Things-enabled devices. The advisory, titled “Limiting Location Data Exposure,” was released August 4. While it is directed at government officials, the advice could also help the general public mitigate risks to data and privacy posed by location-tracking technologies.


Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

Security Affairs

ZDNet has reported, in an exclusive, that a list of plaintext usernames and passwords for 900+ Pulse Secure VPN enterprise servers, along with their IP addresses, has been shared on a Russian-speaking hacker forum. ZDNet obtained a copy of the list with the help of threat intelligence firm KELA and verified the authenticity of the data.


The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.


COVID-19-related scams cost Americans more than $98 million since the start of 2020

Tech Republic Security

Online shopping is the most prevalent type of scam with people losing nearly $14 million to date, according to FTC data.


Exclusive: TIM’s Red Team Research finds 4 zero-days in WOWZA Streaming Engine product

Security Affairs

Researchers from TIM’s Red Team Research (RTR) have discovered another 4 new zero-day vulnerabilities in the WOWZA Streaming Engine product. Last month, TIM’s Red Team Research (RTR) disclosed 2 new high-severity vulnerabilities affecting the Oracle Business Intelligence product. Today, TIM’s Red Team Research, led by Massimiliano Brolli, disclosed 4 new vulnerabilities in WOWZA Streaming Engine that the manufacturer addressed between the end of 2019 and


A Cyber ‘Vigilante’ is Sabotaging Emotet’s Return

Threatpost

During Black Hat USA 2020, Threatpost talks to Sherrod DeGrippo of Proofpoint about Emotet's recent return, and how a cyber vigilante is attempting to thwart the malware's comeback.


Dutch Hackers Found a Simple Way to Mess With Traffic Lights

WIRED Threat Level

By reverse-engineering apps intended for cyclists, security researchers found they could cause delays in at least 10 cities from anywhere in the world.


Flaw in popular NodeJS ‘express-fileupload’ module allows DoS attacks and code injection

Security Affairs

An expert found a flaw in a popular NodeJS module that can allow attackers to perform a denial-of-service (DoS) attack on a server or gain arbitrary code execution. The NodeJS module “express-fileupload” has been downloaded more than 7.3 million times from the npm repository. The module is affected by a ‘Prototype Pollution’ vulnerability, tracked as CVE-2020-7699, that can allow attackers to perform a denial-of-service (DoS) attack on a server or inject arbitrary code. “T


A Hacker Guide To Deep Learning Based Side Channel Attacks

Elie

This talk provides a step-by-step introduction on how to use deep learning to perform AES side-channel attacks.


IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


Why Confidential Computing Is a Game Changer

Dark Reading

Confidential Computing is a transformational technology that should be part of every enterprise cloud deployment. It's time to start unlocking the possibilities together.


Black Hat 2020: Open-Source AI to Spur Wave of ‘Synthetic Media’ Attacks

Threatpost

The explosion of open-source AI models is lowering the barrier to entry for bad actors to create fake video, audio and images, and Facebook, Twitter and other platforms aren't ready.


Attack of the Clone: Next-Gen Social Engineering

Dark Reading

NeoEYED CTO Tamaghna Basu tells us how he created an AI bot to mimic him, how it could be used in social engineering attacks, and what the experience taught him about the value of true human connections.


Twitter Fixes High-Severity Flaw Affecting Android Users

Threatpost

A vulnerability in Twitter for Android could have allowed attackers to access private direct messages (DMs) and other data.


Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.


iOS 14’s Best Privacy Feature? Catching Data-Grabbing Apps

WIRED Threat Level

Apple's new operating system hasn't been released to the public yet, but its new permission notifications are already shaming developers into cleaning up their acts.


NSA Warns Smartphones Leak Location Data

Threatpost

The agency known for its own questionable surveillance activity advised how mobile users can limit others’ ability to track where they are.


Cyber Defense Magazine – August 2020 has arrived. Enjoy it!

Security Affairs

The Cyber Defense Magazine August 2020 edition has arrived. We hope you enjoy this month’s edition, packed with over 147 pages of excellent content. Over 145 pages, always free, loaded with excellent content. Learn cybersecurity best practices from the experts. Find out about upcoming information security related conferences, expos and trade shows.


Black Hat 2020: In a Turnaround, Voting Machine Vendor Embraces Ethical Hackers

Threatpost

Voting machine technology seller Election Systems & Software (ES&S) offered an olive branch to security researchers with new safe harbor terms and vulnerability disclosure policies at Black Hat USA 2020.


Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.


3 Tips for Securing Open Source Software

Dark Reading

Maintaining myriad open source components can be tough. Here's how teams can begin to address open source security and continue to innovate.


Black Hat 2020: Scaling Mail-In Voting Spawns Broad Challenges

Threatpost

Voting Village security celeb Matt Blaze delves into the logistics of scaling up mail-in voting ahead of November's election.


OPA: A general-purpose policy engine for cloud-native

InfoWorld on Security

As your organization embraces the cloud, you may find that the dynamism and scale of the cloud-native stack requires a far more complicated security and compliance landscape. For instance, with container orchestration platforms like Kubernetes gaining traction, developers and devops teams have new responsibility over policy areas like admission control as well as more traditional areas like compute, storage and networking.


Black Hat 2020: Linux Spyware Stack Ties Together 5 Chinese APTs

Threatpost

The groups, all tied to the Winnti supply-chain specialist gang, were seen using the same Linux rootkit and backdoor combo.


5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.


A Most Personal Threat: Implantable Medical Devices

Dark Reading

Alan Michaels, director of the Electronic Systems Lab at the Virginia Tech Hume Center, explains why implanted medical devices could pose a threat to secure communication facilities.


NSA releases a guide to reduce location tracking risks

Security Affairs

The United States National Security Agency (NSA) has published a new guide warning of the risks posed by location services for staff who work in defence or national security. The guide, titled “Limiting Location Data Exposure,” warns of the geolocation features implemented by smartphones, tablets, and fitness trackers. “Mobile devices store and share de


Tales from the Trenches Show Security Issues Endemic to Healthcare

Dark Reading

The CISO for Indiana University Health says simple policies, good communication, and strong authentication go much further than vendor tools in solving security problems.


Microsoft Teams Patch Bypass Allows RCE

Threatpost

An attacker can hide amidst legitimate traffic in the application's update function.


Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?”


Pen Testers Who Got Arrested Doing Their Jobs Tell All

Dark Reading

Coalfire's Gary De Mercurio and Justin Wynn share the details of their physical penetration-testing engagement gone wrong, as well as recommendations for protecting all red teamers.


Voting Machine Makers Are Finally Playing Nice With Hackers

WIRED Threat Level

After years of secrecy, one major election tech company is giving more hackers a look under the hood.


High-Severity Android RCE Flaw Fixed in August Security Update

Threatpost

Google addressed high-severity and critical flaws tied to 54 CVEs in this month's Android security bulletin.


Developing Community for Woman Infosec Pros in India

Dark Reading

Vandana Verma tells us how women in India are finding support, education and love of cybersecurity through the growing InfosecGirls community.


From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most (people, data, real or personal property, intellectual property, digital assets, or any number of other things), and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be possible to distill it down to a checklist.