Think Data Security, Not Endpoint Security
A strong data protection strategy is essential to protect information as it moves across endpoints and in the cloud.
TeamViewer Admits Breach from 2016
The company says it stopped the attack launched by a Chinese hacking group.
DHS Warns of Data Theft via Chinese-Made Drones
The drones are reportedly built with parts that can compromise organizations' data and share it on a server accessible to the Chinese government.
New Trickbot Variant Uses URL Redirection to Spread
Switch in tactic is the latest attempt by operators of the prolific banking Trojan to slip past detection mechanisms.
97% of Americans Can’t Ace a Basic Security Test
Still, a new Google study uncovers a bit of good news, too.
Killer SecOps Skills: Soft Is the New Hard
The sooner we give mindsets and tool sets equal bearing, the better. We must put SOC team members through rigorous training for emergency situations.
Financial Sector Under Siege
The old take-the-money-and-run approach has been replaced by siege tactics such as DDOS attacks and land-and-expand campaigns with multiple points of persistence and increased dwell time.
7 Signs of the Rising Threat of Magecart Attacks in 2019
Magecart attacks continue to grow in momentum. Here are the stats and stories that show what's behind the mayhem.
How a Manufacturing Firm Recovered from a Devastating Ransomware Attack
The infamous Ryuk ransomware slammed a small company that makes heavy-duty vehicle alternators for government and emergency fleet. Here's what happened.
Black Hat Q&A: Bruce Schneier Calls For Public-Interest Technologists
Ahead of his 2019 Black Hat USA talk, cybersecurity luminary Bruce Schneier explains why it's so important for tech experts to be actively involved in setting public policy.
Artist Uses Malware in Installation
A piece of 'art' currently up for auction features six separate types of malware running on a vulnerable computer.
Q1 2019 Smashes Record For Most Reported Vulnerabilities in a Quarter
Once again, a high-proportion of the reported flaws have no current fix, according to Risk Based Security.
DevOps Repository Firms Establish Shared Analysis Capability
Following an attack on their users, and their shared response, Atlassian, GitHub, and GitLab decide to make the sharing of attack information a permanent facet of their operations.
When Older Windows Systems Won’t Die
Microsoft's decision to patch unsupported machines for the critical CVE-2019-0708 flaw a reminder that XP, 2003, and other older versions of Windows still run in some enterprises.
Exposed Elasticsearch Database Compromises Data on 8M People
Personal data exposed includes full names, physical and email addresses, birthdates, phone numbers, and IP addresses.
A Trustworthy Digital Foundation Is Essential to Digital Government
Agencies must take steps to ensure that citizens trust in the security of government's digital channels.
Google to Replace Titan Security Keys Affected by Bluetooth Bug
A misconfiguration in Bluetooth Titan Security Keys' pairing protocols could compromise users under specific circumstances.
Executive Order Limits Certain Tech Sales, Hits Huawei Hard
The executive order signed by President Trump bars the sale or installation of equipment seen to be controlled by hostile foreign governments and a threat to national security.
US Charges Members of GozNym Cybercrime Gang
The FBI and counterparts from other nations say group infected over 41,000 computers with malware that steals banking credentials.
The Data Problem in Security
CISOs must consider reputation, resiliency, and regulatory impact to establish their organization's guidelines around what data matters most.
HawkEye Attack Wave Sends Stolen Data to Another Keylogger Provider
A recent attack wave involving HawkEye malware sends data stolen from its victims to another keylogger provider’s website. On 21 May, My Online Security came across a new sample of HawkEye. The actual delivery mechanism itself wasn’t unique compared...
Washington Issues Temporary License to Huawei
Washington Issues Temporary License to Huawei The US government has issued a temporary license to Huawei and its affiliates, allowing American companies to supply the telecoms and handset giant until August.
Despite reports emerging over the weekend of various chipmakers...
GDPR: The Best Strategy For International Businesses
The EU’s General Data Protection Regulation (GDPR) was created with the aim of homogenising data privacy laws across the EU. GDPR also applies to organisations outside the EU, if they monitor EU data subjects, or offer goods and services...
How Cyber-Secure Are Business Travelers? New Report Says Not Very
I travel frequently for business — to industry conferences such as RSA Conference and Black Hat and meeting with clients. Whenever I travel, I bring my work laptop, my personal cellphone enabled with work email and calendar, and, of...
Haas F1 team leans on service providers as security force multipliers
If today’s cars are smartphones on wheels, then race cars are supercomputers with engines attached. As the fastest racing sport in the world, Formula One cars come laden with over 100 sensors measuring every aspect of a car’s internal...
