Tuesday, March 19, 2019

1 Million Apps Patched in Android Security Improvement Program

Over its five-year lifetime, the Android Application Security Improvement Program helped over 300,000 developers to fix more than 1,000,000 apps on Google Play, Google says. The program was launched to help the Android ecosystem thrive by helping developers improve the...

The Role of Analytics in Protecting Healthcare Data Privacy and Security

Healthcare has traditionally had a weaker security profile than most other industries. On the one hand, it is a favorite target for ransomware attacks, and for hackers looking to steal confidential patient records that have a high resale value...

WINDSHIFT Hackers Target Government Agency in the Middle East

A recently discovered threat actor was observed targeting a Middle Eastern government agency on several occasions over the course of last year, Palo Alto Networks security researchers reveal.  Referred to as WINDSHIFT, the surveillance-focused threat actor is believed to have remained...

The Rise of Ransomware and the Consequences for SMBs

Ransomware has been making a lot of splashy headlines over recent years with high profile attacks, such as WannaCry and NotPetya, dominating the news in large-scale breaches. While these massive breaches are certainly terrifying, the more common attacks are...

Trump Administration Starts the Ball Rolling with the National Cyber Strategy

The Trump Administration has released a comprehensive National Cyber Strategy (NCS) that, if fully implemented, could address claims that the critical issue of current cyberspace threats are not being taken seriously enough. The report outlines a plan that spans...

A Call to Structure

When building a threat Intelligence team you will face a range of challenges and problems. One of the most significant ones is about how to best take on the ever-growing amount of Threat Intel. It might sound like a...

What CEOs Need to Know About the Future of Cybersecurity

Until recently, Chief Executive Officers (CEOs) received information and reports encouraging them to consider information and cyber security risk. However, not all of them understood how to respond to those risks and the implications for their organizations. A thorough...

Who’s Responsible for Your Cyber-Security?

Threats to online security are constantly evolving, and organisations are more aware than ever of the risks that it can pose. But no matter how seriously cyber security is viewed by most businesses, many still fall short of properly...

CERT/CC Warns of Vulnerabilities in Marvell Avastar Wireless SoCs

The CERT Coordination Center (CERT/CC) has issued a vulnerability note providing information on a series of security issues impacting Marvell Avastar wireless system on chip (SoC) models. Initially presented by Embedi security researcher Denis Selianin at the ZeroNights conference on...

Mozilla Concerned of Facebook’s Lack of Transparency

Mozilla is concerned about Facebook’s lack of transparency regarding political advertising, Chief Operating Officer Denelle Dixon said last week in a letter to the European Commission. Mozilla is currently working to launch its Firefox Election package for the European Union...

OWASP: What Are the Top 10 Threats and Why Does It Matter?

Since the founding of the Open Web Application Security Project (OWASP) in 2001, it has become a leading resource for online security best practices. OWASP identifies itself as an open community dedicated to enabling organizations to develop and maintain...

Magento Patches Command Execution, Local File Read Flaws

Magento recently addressed two vulnerabilities that could lead to command execution and local file read, a SCRT security researcher reveals.  Written in PHP, Magento is a popular open-source e-commerce platform that is part of Adobe Experience Cloud. Vulnerabilities in Magento...

The Biggest Security Hurdles in Your Business, and How to Overcome Them

With cyber security spanning almost every aspect of a modern business, implementing effective mitigation policies is often a source of frustration for IT managers. It’s widely accepted across the industry that with malicious attacks showing no signs of slowing down,...

Four Technologies that will Increase Cybersecurity Risk in 2019

Attackers are not just getting smarter, they are also using the most advanced technologies available, the same ones being used by security professionals – namely, artificial intelligence (AI) and machine learning (ML). Meanwhile, the widespread adoption of cloud, mobile and...

Strategies for Winning the Application Security Vulnerability Arms Race

As cyber criminals continuously launch more sophisticated attacks, security teams increasingly struggle to keep up with the constant stream of security threats they must investigate and prioritize. When observing companies that have a large web presence (e.g., retail/e-commerce companies),...
SC Magazine

Norwegian aluminum producer Norsk Hydro hit by an unspecified cyberattack

Norwegian aluminum producer Norsk Hydro was hit by a cyber attack which began Monday evening and escalated into the night. The Norwegian National Security Authority (NSM) declined to comment on what type of attack it was but said the extent...
SC Magazine

Glitch exposes Sprint customer data to other users

A bug has allowed some Sprint customers to see the personal data of other customers from their online accounts. The information visible includes names, cell phone numbers as well as calls made by other users and, and a Tech Crunch report cited...

6 Ways Mature DevOps Teams Are Killing It in Security

New survey shows where "elite" DevOps organizations are better able to incorporate security into application security.
The Register

Ransomware drops the Lillehammer on Norsk Hydro: Aluminium giant forced into manual mode after systems scrambled

Norway the power and metals wrangler could have seen this one coming Norwegian power and metals giant Norsk Hydro is battling an extensive ransomware infection on its computers.…

Old Tech Spills Digital Dirt on Past Owners

Researcher buys old computers, flash drives, phones and hard drives and finds only two properly wiped devices out of 85 examined.