LATEST
RCR 094: CISSP Exam Questions around Data Hiding – CISSP Training and Study!
Subscribe: iTunes | Goggle Play | Stitcher Radio | RSS Description: Shon Gerber from ShonGerber.com provides you the information and knowledge you need to prepare and pass the CISSP Exam while providing the tools you need...
Windows 10 Security Game-Changer As Microsoft Reveals New Hacker Protection
Microsoft is set to bring a powerful new security feature to Windows 10 that just might be a game-changer.
Exclusive: Any Chingari App (Indian TikTok Clone) Account Can Be Hacked Easily
Following vulnerability disclosure in the Mitron app, another viral TikTok clone in India has now been found vulnerable to a critical but easy-to-exploit authentication bypass vulnerability, allowing anyone to hijack any user account and tamper with their information, content,...
Is TikTok Seriously Dangerous—Do You Need To Delete It?
Here's the reality behind all the headlines...
iPhone User Sues LinkedIn For Reading Clipboard Data After iOS 14 Alert Revelations
The fallout from Apple's new iOS 14 privacy notification feature continues as one iPhone user files a class-action lawsuit against LinkedIn for silently reading clipboard data.
Russian hacker found guilty for Dropbox, LinkedIn, and Formspring breaches
Sentencing scheduled for September 2020.
Apple’s Advice About MacBook Camera Covers Is Wrong, Here’s Why
Apple often gets things right, but its advice on MacBook cameras is dangerously wrong. Here’s why.
Are you running what you think you’re running?
Built into virtually every hardware device, firmware is lower-level software that is programmed to ensure that hardware functions properly. As software security has been significantly hardened over the past two decades, hackers have responded by moving down the stack...
How A Tech Entrepreneur Broke Records With A $189M Valuation Pre-Launch On The Road To $1B
Traditional banks aren’t innovating fast enough to improve credit card fraud, endpoint cybersecurity, AI-powered end-to-end identity verification and more intuitive user experiences creating new opportunities for startups
Trump commutes Roger Stone’s sentence stemming from Mueller probe
President Trump has commuted the sentence of long-time confidante Roger Stone who was to report to prison on July 14 to serve 40 months after being found guilty of seven counts, including obstruction, witness tampering and lying to Congress.
During...
Biden’s new CISO must keep campaign managers engaged while navigating strange Covid-19 world
As the newly appointed CISO of Joe Biden’s presidential campaign, Chris DeRusha, former chief security officer with the State of Michigan, has fewer than four months to implement his cybersecurity vision before Election Day arrives — all in the...
An email banning our staff from using TikTok? Haha, funny story about that, we didn’t mean it – Amazon
Shock TikTok block clocked, unblocked as poppycock amid media aftershock Amazon today said an internal email banning its staff from using TikTok on smartphones connected to their corporate inboxes was sent in "error." The admission – or climb down,...
Researchers create magstripe versions from EMV and contactless cards
Banking industry loophole reported more than a decade ago still remains open and ripe for exploitation today.
Flaws in SETracker watch app posed danger to dementia patients
Security researchers found flaws in a smart tracker that was aimed at the elderly, especially those with dementia or other cognitive issues.
In research released late this week, Pen Test Partners found flaws in source code that the manufacturer posted...
Citrix, Juniper and VMware patch array of vulnerabilities
Citrix, Juniper and VMware issued a bevy of patches this week.
For starters, the Citrix Security Bulletin CTX276688 addressed vulnerabilities in Citrix ADC (formerly known as NetScaler ADC), Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP appliance....
7MS #422: Eating the Security Dog Food – Part 2
SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent you to get a 10% discount!
Today's episode continues the work...
Don’t Touch My XP Dongle – PSW #657
This week, we welcome our very own Joff Thyer, Security Analyst at Black Hills Information Security, to deliver a Technical Segment on IPv6 Tunneling! In our second segment, we welcome Terry Dunlap, Co-Founder at ReFirm Labs, to talk about...
Mobile App Fraud Jumped in Q1 as Attackers Pivot from Browsers
RSA data reveals a continued shift away from browser-based fraud as attackers target mobile apps.
China Closing Its Squid Spawning Grounds
China is prohibiting squid fishing in two areas -- both in international waters -- for two seasons, to give squid time to recover and reproduce.
This is the first time China has voluntarily imposed a closed season on the high...
Zoom 0-Day, F5-BIGIP RCE, & Apache Guacamole RCE – Wrap Up – SWN #48
Look, this week, it's all about the RCE. Seriously, there were so many RCE stories, wow. Oh and a creepy guy story. All this and more on the Security Weekly News Wrap Up! Show Notes: https://wiki.securityweekly.com/SWNEpisode48 Visit https://www.securityweekly.com/swn...
Amazon bans Tiktok on employee phones as US gov’t scrutinizes Chinese app
Enlarge / A person using the video-sharing application TikTok on a smartphone in Faridabad in India on June 30, 2020. (credit: AFP)
Amazon ordered employees to delete TikTok from their phones today, citing "security risks."
Amazon's email to employees...
Biden Campaign Hires 2 Top Cybersecurity Executives
The campaign has filled the positions of CISO and CTO in the runup to the 2020 presidential election.
The importance of staying up-to-date. Conti ransomware gains as Ryuk fades. Germany warns of Chinese companies’ data collection. Huawei’s fortunes in Canada and UK. Hushpuppi update.
Unpatched and beyond-end-of-life systems are (again) at risk. Conti ransomware appears to be steadily displacing its ancestor Ryuk in criminal markets. Are privacy laws as consumer friendly as they’re often taken to be? There may be some grounds for...
Facebook Offering Big Rewards for Vulnerabilities in Hermes, Spark AR
Facebook announced on Friday that it’s offering significant rewards through its bug bounty program for vulnerabilities found in Hermes and Spark AR.
read more
Google says trademarks should be open source, too—IBM disagrees
Enlarge / Nobody from IBM is proposing any lawsuits over Google's addition of Istio to its new Open Usage Commons foundation. But they're not happy about it. (credit: Nick Youngson)
This Wednesday, Google announced a new open source...
LEADERS
China Closing Its Squid Spawning Grounds
China is prohibiting squid fishing in two areas -- both in international waters -- for two seasons, to give squid time to recover and reproduce.
This is the first time China has voluntarily imposed a closed season on the high...
EFF’s 30th Anniversary Livestream
It's the EFF's 30th birthday, and the organization is having a celebratory livestream today from 3:00 to 10:00 pm PDT.
There are a lot of interesting discussions and things. I am having a fireside chat at 4:10 pm PDT to...
Google’s ad ban won’t stop stalkerware apps from promoting themselves
Google has announced that from August 2020 it will be prohibiting ads for stalkerware products and services.
But a loophole means that the companies behind creepy stalkerware apps will still be able to advertise themselves.
Business Email Compromise (BEC) Criminal Ring
A criminal group called Cosmic Lynx seems to be based in Russia:
Dubbed Cosmic Lynx, the group has carried out more than 200 BEC campaigns since July 2019, according to researchers from the email security firm Agari, particularly targeting senior...
Weekly Update 199
I’m Now in 4K; Amazing Suport on Stress; IoT Progress; I Got a Legal Notice; A Decade of Microsoft MVP; Duo Security Sponsoring
https://www.troyhunt.com/weekly-update-199/
