0 Comments
US senators have proposed a bill that would drastically reform the surveillance practices of the National Security Agency (NSA) and increase oversight of government surveillance. Titled The Safeguarding Americans’ Private Records Act, the bill was introduced on Thursday by Senators Ron Wyden, Zoe Lofgren, Pramila Jayapal, Warren Davidson, and Steve Daines.  According to a statement on Wyden’s website, the changes
0 Comments
Corporate data needs to be secure, private and protected. That’s obvious advice, but the steps organizations should take to prevent data security threats and keep their data safe from hackers are much less apparent. This article looks at some of the tactics — both old and new — hackers are using in their attempts to
0 Comments
Cybercriminals are putting a new twist on an old trick Scammers are combining spoofed company websites and fake job ads to trick unsuspecting job seekers into surrendering their sensitive information and paying fraudulent fees. According to a recent public service announcement by the FBI’s Internet Crime Complaint Center (IC3), fraudsters increasingly post job openings on
0 Comments
What are the key considerations security decision-makers should take into account when designing their 2020 breach protection? To answer this, we polled 1,536 cybersecurity professionals in The State of Breach Protection 2020 survey (Download the full survey here) to understand the common practices, prioritization, and preferences of the organization today in protecting themselves from breaches.
0 Comments
Warnings have been issued in the United States after cybersecurity flaws were detected in medical monitoring devices manufactured by GE Healthcare Systems (GEHC).  Safety notices were published yesterday by both the US Food and Drug Administration (FDA) and the US Department of Homeland Security’s Industrial Control Systems—Cyber Emergency Response Team (ICS-CERT) regarding vulnerabilities in certain
0 Comments
The Indonesian National Police in a joint press conference with Interpol earlier today announced the arrest of three Magecart-style Indonesian hackers who had compromised hundreds of international e-commerce websites and stolen payment card details of their online shoppers. Dubbed ‘Operation Night Fury,’ the investigation was led by Interpol’s ASEAN Cyber Capability Desk, a joint initiative
0 Comments
A Russian man has pleaded guilty to running an illegal online marketplace that sold stolen payment card credentials to criminals, who used them to make over $20m in fraudulent purchases. Before a United States court, Aleksei Burkov admitted operating the Cardplanet website, which sold card data acquired through illegal computer intrusions. Many of the cards offered for sale
0 Comments
A new round of Citrix patches arrived Thursday for the vendor’s Application Delivery Controller and Gateway products as reports of ransomware attacks targeting vulnerable systems emerged. The directory traversal flaw allows an unauthenticated party to perform arbitrary code execution. Originally, the Citrix patches were scheduled for release later this month, but last week the vendor
0 Comments
America’s Cybersecurity and Infrastructure Security Agency (CISA) issued a warning yesterday after observing an increase in the number of targeted cyber-attacks that utilize Emotet. Emotet functions as a modular botnet that can steal data, send malicious emails, and act as a dropper, downloading and installing a wide range of malware onto a victim’s computer. This sophisticated strain of
0 Comments
Databases containing 14 years’ worth of customer support logs were publicly accessible with no password protection More than 250 million customer service and support records were exposed by Microsoft over a two-day period in December 2019 due to a server misconfiguration. Since the records weren’t secured with any authentication measures, anyone with an internet connection
0 Comments
If you have ever contacted Microsoft for support in the past 14 years, your technical query, along with some personally identifiable information might have been compromised. Microsoft today admitted a security incident that exposed nearly 250 million “Customer Service and Support” (CSS) records on the Internet due to a misconfigured server containing logs of conversations
0 Comments
Brazilian prosecutors have denounced American journalist Glenn Greenwald for his alleged involvement with a cybercrime organization that hacked cell phones to commit bank fraud. Greenwald is best known for a series of reports published from June 2013 by The Guardian newspaper that detailed the global surveillance programs of the United Kingdom and the United States.
0 Comments
By Authentication is the process of proving a user’s or machine’s digital identity. Users are authenticated when they provide some form of credential associated with their user ID. Authentication methods are necessary to protect sensitive data and applications from being accessed by unauthorized users. While authentication is a cybersecurity must, it is also a process
0 Comments
Are you looking to hide in plain sight? Here’s a rundown of three options for becoming invisible online As concern about internet privacy grows and grows, more and more people are actively seeking to browse the web anonymously. There are various ways to avoid being identified or tracked on the internet, although, in fact, “attempt
0 Comments
The USA is considering legislation that would protect local governments by requiring the appointment of a cybersecurity leader for each state. Backers of the Cybersecurity State Coordinator Act of 2020 say the proposed law will improve intelligence sharing between state and federal governments and speed up incident response times in the event of a cyber-attack. Under the