Saturday, July 11, 2020

Mobile App Fraud Jumped in Q1 as Attackers Pivot from Browsers

RSA data reveals a continued shift away from browser-based fraud as attackers target mobile apps.

Biden Campaign Hires 2 Top Cybersecurity Executives

The campaign has filled the positions of CISO and CTO in the runup to the 2020 presidential election.

Zoom to Patch Zero-Day Vulnerability in Windows 7

The flaw also affects older versions of the operating system, even if they're fully patched.

Zoom Patches Zero-Day Vulnerability in Windows 7

The flaw also affects older versions of the operating system, even if they're fully patched.

As Offices Reopen, Hardware from Home Threatens Security

Devices out of sight for the past several months could spell trouble when employees bring them back to work.

4 Security Tips as the July 15 Tax-Day Extension Draws Near

We're continuing to see cybercriminals take advantage of COVID-19, and the extension of Tax Day will be the next technique used in their sophisticated method of attacks.

Black Hat USA Debuts Cyber-Physical Systems Briefings Track

Discover how to defend systems where computers monitor, manage, and control a physical process.

Using Adversarial Machine Learning, Researchers Look to Foil Facial Recognition

For privacy-seeking users, good news: Computer scientists are finding more ways to thwart facial and image recognition. But there's also bad news: Gains will likely be short-lived.

Huge DDoS Attack Launched Against Cloudflare in Late June

The 754 million packets-per-second peak was part of a four-day attack involving more than 316,000 sending addresses.

Up Close with Evilnum, the APT Group Behind the Malware

The group behind Evilnum malware, which continues to target financial institutions, appears to be testing new techniques.

Omdia Research Launches Page On Dark Reading

Data and insight from a leading cybersecurity research and analysis team will broaden the information available to security professionals and technology vendors.

‘Joker’ Android Malware Pulls Another Trick to Land on Google’s Play Store

Authors of the malware, which signs up mobile users for premium services, are repeatedly finding ways to bypass app review checks.

When WAFs Go Wrong

Web application firewalls are increasingly disappointing enterprises today. Here's why.

56% of Large Companies Handle 1,000+ Security Alerts Each Day

For 70% of IT security professionals, the volume of security alerts has doubled in the past five years, researchers report.

Fight Phishing with Intention

Phishing exercises have become a staple, but it helps to be as clear as possible on exactly why you're doing them.

Name That Toon: Tough Times, Tough Measures

Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.

COVID-19: Latest Security News & Commentary

Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.

6 Tips for Getting the Most From Nessus

Books have been written on using the powerful network-discovery and vulnerability-scanning tool. These tips will help you get started.

Pen Testing ROI: How to Communicate the Value of Security Testing

There are many reasons to pen test, but the financial reasons tend to get ignored.

Windows 10 Security Game-Changer As Microsoft Reveals New Hacker Protection

Microsoft is set to bring a powerful new security feature to Windows 10 that just might be a game-changer.

15 Billion Stolen Logins Are Circulating on the Dark Web

Plus: Facebook's Roger Stone takedown, the BlueLeaks server seizure, and more of the week's top security news.
The Hacker News

Exclusive: Any Chingari App (Indian TikTok Clone) Account Can Be Hacked Easily

Following vulnerability disclosure in the Mitron app, another viral TikTok clone in India has now been found vulnerable to a critical but easy-to-exploit authentication bypass vulnerability, allowing anyone to hijack any user account and tamper with their information, content,...

Is TikTok Seriously Dangerous—Do You Need To Delete It?

Here's the reality behind all the headlines...

iPhone User Sues LinkedIn For Reading Clipboard Data After iOS 14 Alert Revelations

The fallout from Apple's new iOS 14 privacy notification feature continues as one iPhone user files a class-action lawsuit against LinkedIn for silently reading clipboard data.