Security

Cyber Security Reviews – Security will bring to our readers whats happening on the Security scene around the world.

0 Comments
Slack users have been urged to upgrade their applications and clients to the most recent version, 3.4.0, after Tenable researcher David Wells discovered a new vulnerability that would allow an attacker to share malicious hyperlinks that could alter where a victim’s files were stored. Wells discovered a download hijack vulnerability in Slack Desktop version 3.3.7 for Windows.
0 Comments
A high-risk vulnerability in Cisco‘s secure boot process was disclosed earlier this week by Cisco and Red Balloon Security and is believed to have affected an estimate 100 or more devices. The vulnerability (CVE-2019-1649) is “in the logic that handles access control to one of the hardware components in Cisco’s proprietary Secure Boot implementation could allow
0 Comments
After analyzing the top three breaches from the past three years, Bitglass found that in the aftermath of a data breach, a decrease in stock price was a notable repercussion identifiable for publicly traded companies. The report, Kings of the Monster Breaches, identified the extensive damage done by improper security by looking specifically at the Marriott
0 Comments
Lawmakers in San Francisco will vote today on legislation that would ban the use of facial recognition technology among city departments, according to NPR. If approved, the law would make San Francisco the first city to ban the technologies use, a ban that would extend to police body cameras. “Governments have used the technology for
0 Comments
Malicious or criminal attacks accounted for nearly twice as many data breaches as those resulting from human error during the first quarter of 2019, according to the Notifiable Data Breaches Quarterly Statistics Report by the Office of the Australian Information Commissioner (OAIC). The report, published today, marks the start of Australia’s Privacy Awareness Week. “By understanding the
0 Comments
A report published today by Advanced Intelligence revealed that three US-based antivirus software vendors have been breached, and a high-profile collective of Russian hackers is claiming responsibility. Using a credential-stuffing botnet, the known international cybercrime group has reportedly stolen more than 30 terabytes of data from the networks of three U.S.-based antivirus firms. Advanced Intelligence research
0 Comments
by Lisa Vaas The US Federal Trade Commission (FTC) is yet again beating the drum for the long-discussed, much-debated, when-in-the-world-will-this-happen national data privacy law, the lack of which keeps the country from parity with the EU and its General Data Protection Regulation (GDPR)… …or, for that matter, with the state of California, with its California’s
0 Comments
Photo storage app Ever failed to get consent from users who uploaded millions of images to the service before it adopted the images as tools to train a commercial facial recognition system, according to NBC News. Without disclosing their use of the images to users of the app, Ever also reportedly offered to sell that facial
0 Comments
In an attempt to reduce exposure and enable network security, the Department of Homeland Security (DHS) in collaboration with the Federal Bureau of Investigation (FBI) has released a report analyzing a North Korean traffic tunneling tool named ELECTRICFISH. The DHS and FBI have identified a malware variant used by the North Korean government, yet another
0 Comments
Americans in every state are overconfident in their cybersecurity coverage, with the majority of consumers expressing confidence they are taking appropriate steps to protect themselves, according to the 2019 report published by Wakefield Research and commissioned by Webroot. The Cyber Hygiene Risk Index, published on May 8, found that 88% of consumers expressed confidence in
0 Comments
After its acquisition of SecureData earlier this year, Orange has announced another agreement it has signed to acquire SecureLink, a transaction that will advance Orange’s position in the EU’s cybersecurity industry, according to a May 7 press release. The deal will afford Orange a position of leadership in Europe’s cybersecurity scene as SecureLink already has
0 Comments
Researchers have identified a significant uptick in breaches and attacks related to the internet of things (IoT), according to a new Ponemon Institute report, The Third Annual Study on Third Party IoT Risk: Companies Don’t Know What They Don’t Know. Released today by the Santa Fe Group, the study yielded 35 key findings on IoT risks
0 Comments
The Israel Defense Forces (IDF) claim to have thwarted a cyber-attack from Hamas by targeting the building where Hamas cyber operatives work, according to IDF. After the alleged cyber-attack, IDF responded with a physical attack in what Forbes contributor Kate O’Flaherty called “a world first.” According to the commander of the IDF’s cyber division, identified only by his
0 Comments
In an effort to address the cybersecurity skills gap and create a more resourceful and effective cybersecurity workforce, the US Senate has passed the Federal Rotational Cyber Workforce Program Act of 2019.   In 2017 the Government Accountability Office (GAO) determined that the country’s cyber workforce challenges posed high risk and reported that “the federal government needs
0 Comments
by Paul Ducklin Update. Shortly ater publishing this article we were able to fetch Firefox 66.0.4, which claims to fix this issue by repairing a broken certificate chain. We haven’t yet received notification of an update to the Tor Browser, but we expect to see one soon. [2019-05-05T22:15Z] It’s a long weekend here in the
0 Comments
In advance of the California Consumer Privacy Act (CCPA) going into effect January 1, 2020, researchers analyzed how prepared US organizations are for the new regulations and found that nearly half of all companies will not be ready to comply with CCPA. According to research conducted by the International Association of Privacy Professionals (IAPP) and OneTrust, reputation
0 Comments
Since 2017, digital ad spending has increased while fraud losses have declined, according to the fourth annual Bot Baseline Report, published by White Ops and the Association of National Advertisers (ANA). The report found that for the first time more fraud will be stopped than will succeed, suggesting that defenders are gaining ground in the