Cyber Security

This is where news and updates on Cyber Security are published on a daily basis.

0 Comments
by Paul Ducklin Facebook has just admitted to years of problems with password hygiene by leaking plaintext passwords into logfiles by mistake. Watch this special edition of Naked Security Live… …we answer the questions lots of people have been asking us since we first wrote about this issue: What happened? Was this a blunder or
0 Comments
The U.S. Department of Homeland Security Thursday issued an advisory warning people of severe vulnerabilities in over a dozen heart defibrillators that could allow attackers to fully hijack them remotely, potentially putting lives of millions of patients at risk. Cardioverter Defibrillator is a small surgically implanted device (in patients’ chests) that gives a patient’s heart
0 Comments
Hello and welcome back to Equity, TechCrunch’s venture capital-focused podcast, where we unpack the numbers behind the headlines. What a Friday. This afternoon (mere hours after we released our regularly scheduled episode no less!), both Pinterest and Zoom dropped their public S-1 filings. So we rolled up our proverbial sleeves and ran through the numbers. If
0 Comments
According to the 2019 State of the Call Center Authentication report from TRUSTID, a Neustar company, one of the most exploited areas in a company’s security chain is the call center. Companies may be investing more in their cybersecurity defenses, but fraudsters are evolving in their tactics. As such, they’ve discovered that by targeting call
0 Comments
European governments have been bringing the hammer down on tech in recent months, slapping record fines and stiff regulations on the largest imports out of Silicon Valley. Despite pleas from the world’s leading companies and Europe’s eroding trust in government, European citizens’ staunch support for regulation of new technologies points to an operating environment that
0 Comments
The UK’s Police Federation of England and Whales (PFEW) was the victim of a malware attack, according to two different tweets posted by the National Cyber Security Center (NCSC) UK and the PFEW. According to the Police Federation, the attack on the PFEW, which represents 119,000 police officers across the 43 forces in England and
0 Comments
More tips for detecting and avoiding sextortion scams Vox Emptoris: “Voice of the Customer” In my previous post, we examined a particular example of a sextortion scam, showing several indications that it was not a threat to be taken seriously.  But that kind of analysis – point-by-point deconstruction – is relatively hard work, and perhaps not
0 Comments
Google announced some major changes for its Android mobile operating system in October after the European Commission hit the company with a record $5 billion antitrust fine for pre-installing its own apps and services on third-party Android phones. The European Commission accused Google of forcing Android phone manufacturers to “illegally” tie its proprietary apps and
0 Comments
The growth of Airbnb — and likewise other platforms like Booking.com, VRBO and Homeaway for listing and renting short-term accommodation in private homes — has spawned an ecosystem of other businesses and services, from those who make money renting their homes, to cleaning companies that make properties “Airbnb-ready”, to those who help design listings that
0 Comments
It’s an acronym that cries out for wordplay (SOAR above the hackers… SOAR into greater security…). But security orchestration, automation and response is a serious answer to a perilous threat environment. SOAR products collect threat information and respond to evidence of low-level threats without human intervention. They identify, prioritize and automate a security team’s incident
0 Comments
Security professionals who attended RSA 2019 believe that the world is in the midst of cyber-war, according to a survey conducted by Venafi. While 87% of the 517 IT security professionals surveyed believe that cyber-war is a current reality rather than a future threat, 72% of respondents said that nation-states should be able to “hack back”
0 Comments
Sports fans everywhere look forward to mid-March for the NCAA men’s college basketball tournament. However, it’s not just college basketball fans that look forward to this time of year. Cybercriminals use March to launch malicious campaigns in the hopes of gaining access to personal information from unsuspecting fans. Let’s take a look at the most
0 Comments
ESET researchers detail the latest tricks and techniques OceanLotus uses to deliver its backdoor while staying under the radar This article will first describe how the OceanLotus group (also known as APT32 and APT-C-00) recently used one of the publicly available exploits for CVE-2017-11882, a memory corruption vulnerability present in Microsoft Office software, and how
0 Comments
Tandem Bank, the U.K. challenger bank, is launching a new savings account powered by its “Autosavings” feature designed to make it easier to save. Paying 0.5 percent interest, the Tandem Autosavings account is effectively a flexible savings bank account built on top of Tandem’s existing bank account aggregation app and the various credit cards it
0 Comments
Editor’s note: In 2013, Michael Cobb wrote how sad it was that the same handful of web application vulnerabilities… still vexed information security professionals. It’s even sadder that, six years later, these same flaws continue to stymie efforts to educate developers and mitigate vulnerabilities in web applications. OWASP revised its list of vulnerabilities in 2017.
0 Comments
Protecting consumer privacy has become a top priority for legislators as candidates launch their 2020 campaigns and try to win over voters. According to research findings revealed in the new CCPA and GDPR Compliance Report, however, US companies haven’t made privacy regulations a top priority. The online survey, conducted by TrustArc, reflects responses from 250