Trending Now
LATEST
IDG Contributor Network: Facebook stashing plain text passwords is a wake-up call to improve GRC
As details emerged of how Facebook captured hundreds of millions of plain text passwords and stored them on internal company servers, my entire IT career flashed before my eyes. While it is criminal that there is apparently no adult...
Sacked IT guy annihilates 23 of his ex-employer’s AWS servers
He was fired after four weeks, ripped off the credentials of former colleague "Speedy", and will be mulling it all over for two years in jail.
UK E-commerce Fraud Soars 27% in 2018
UK E-commerce Fraud Soars 27% in 2018UK e-commerce fraud hit nearly £400m in 2018, accounting for the vast majority (78%) of all card not present (CNP) fraud and fueled by an ongoing epidemic in data breaches and social engineering,...
Top five application security pitfalls to avoid
What are the common perils and pitfalls CISOs should consider when investing in corporate application security and Application Security Testing (AST)?
Spending without holistic application
inventory
Shadow
and legacy web-based systems, abandoned web services and APIs, expired SSL
certificates, and unprotected cloud storage (e.g....
Get 4 Essential CyberSecurity Software For Less Than $10 Per Month
Major data breaches and cyber attacks are occurring at an alarming rate, and if you are still not using a VPN and password manager app, you are seriously out of excuses.
Not just VPN software and a password manager, cybersecurity...
Spycam sex videos of 1,600 motel guests sold to paying subscribers
1,600 guests were filmed with hidden webcams that livestreamed the action. The site also sold videos.
Medtronic’s Implantable Defibrillators Vulnerable to Life-Threatening Hacks
The U.S. Department of Homeland Security Thursday issued an advisory warning people of severe vulnerabilities in over a dozen heart defibrillators that could allow attackers to fully hijack them remotely, potentially putting lives of millions of patients at risk.
Cardioverter...
NC County Government Suffers Third Ransomware Infection in 6 Years
A county government in North Carolina has suffered a ransomware infection for the third time in the past six years. According to a statement published on its website, the Orange County government observed on 18 March that a virus...
Scammer pleads guilty to fleecing Facebook and Google of $121m
Large, worldly tech companies would never fall for a wire transfer invoice scam, would they?
Enigma, Typex, and Bombe Simulators
GCHQ has put simulators for the Enigma, Typex, and Bombe on the Internet.
News article.
Researchers Raise Privacy Alarm Over Medicine Apps
Researchers Raise Privacy Alarm Over Medicine Apps Researchers have raised serious privacy concerns over the use of medical apps in the Google Play store after noting that the majority share user data with third parties.
Published in The BMJ this...
Observations From RSA Conference 2019
The RSA Conference is one of the premier events in the cybersecurity world. At times, it can be an overwhelming experience for vendors and attendees alike because of its massive scale and fast pace; however, it’s also a great...
Critical flaw revealed in Facebook Fizz TLS project
The DoS vulnerability is trivially easy to trigger.
Man Pleads Guilty to $3m Tech Support Scam
Man Pleads Guilty to $3m Tech Support Scam A North Carolina man has pleaded guilty to his part in a global tech support scam conspiracy which netted over $3 million in profits from unsuspected computer users.
Bishap Mittal, 24, from...
Whip your information security into shape with ISO 27001
Every company has sensitive data that needs to be protected. Securing information properly is a challenge that requires careful management of people and assets through the application of clear policies and procedures. Unfortunately, many businesses lack the expertise needed...
Magecart payment card skimmer gang returns stronger than ever
Hackers are using increasingly sophisticated techniques to hide malicious code on e-commerce websites with the goal of stealing payment card details. Known as web skimmers, these malicious scripts have led to major breaches at online retailers over the past...
Microsoft Announces Windows Defender ATP Antivirus for Mac
Brace yourself guys.
Microsoft is going to release its Windows Defender ATP antivirus software for Mac computers.
Sounds crazy, right? But it's true.
Microsoft Thursday announced that the company is bringing its anti-malware software to Apple’s macOS operating system as well—and to...
Hey, what’s Mandarin for ‘WTF is going on?’ Nokia phones caught spewing device IDs to China, software blunder blamed
Maker insists the privacy cock-up has been fixed, mostly An undisclosed number of Nokia 7 Plus smartphones have been caught sending their identification numbers to a domain owned by a Chinese telecom firm.…
Researchers Earn $270,000 for Firefox, Edge Hacks at Pwn2Own 2019
White hat hackers earned a total of $270,000 on the second day of the Pwn2Own hacking competition for demonstrating exploits against the Mozilla Firefox and Microsoft Edge web browsers.
read more
Microsoft tech support scammer pleads guilty to defrauding victims of $3 million
Suspect admits role in criminal operation within a week after being arrested.
Don’t have a heart attack but your implanted defibrillator can be hacked over the air (by someone who really wants you dead)
US govt sounds alarm over wireless comms, caveats apply Medical gear maker Medtronic is once again at the center of a hacker panic storm. This time, a number of its heart defibrillators, implanted in patients' chests, can, in certain...
‘Sharing of user data is routine, yet far from transparent’ is probably what you don’t want to hear about medical apps. But 2019 is gonna 2019
Study found Android software slinging deets all over the place Folks using healthcare-related Android apps: after you've handed over your private details to that software, do you know where it is sending your data? If you don't, nobody should...
‘Sharing of user data is routine, yet far from transparent’ is not what you want to hear about medical apps. But 2019 is gonna 2019
Study finds Android software slinging deets all over the place Folks using healthcare-related Android apps: after you've handed over your private details to that software, do you know where it is sending your data? If you don't, nobody should...
Over 100,000 GitHub repos have leaked API or cryptographic keys
Thousands of new API or cryptographic keys leak via GitHub projects every day.
LEADERS
Enigma, Typex, and Bombe Simulators
GCHQ has put simulators for the Enigma, Typex, and Bombe on the Internet.
News article.
Some 2000 Facebook staff had access to millions of Facebook users’ passwords… stored in plaintext
Stretching back as far as 2012, Facebook has been storing the passwords of hundreds of millions of users unencrypted, in plaintext.
And those passwords were searchable by Facebook staff…
Facebook Stored Hundreds of Millions of User Passwords in Plain Text for Years
Hundreds of millions of Facebook users had their account passwords stored in plain text and searchable by thousands of Facebook employees — in some cases going back to 2012, KrebsOnSecurity has learned. Facebook says an ongoing investigation has so...
Smashing Security #120: Silk Road with Deliveroo
Online drug dealers get busted due to poor OPSEC! People are still failing to wipe their USB sticks properly! A potential presidential candidate is outed as a former hacker! Flat Earthers! Pi! Empathy!
All this and much more is discussed...
First Look Media Shutting Down Access to Snowden NSA Archives
The Daily Beast is reporting that First Look Media -- home of The Intercept and Glenn Greenwald -- is shutting down access to the Snowden archives.
The Intercept was the home for Greenwald's subset of Snowden's NSA documents since 2014,...
