Wednesday, May 12, 2021

Facebook Shuts Down Two Hacking Groups in Palestine

Social media giant Facebook today announced that it took action against two groups of hackers originating from Palestine that abused its infrastructure for malware distribution and account compromise across the Internet.  One of the dismantled networks was linked to the...

Cloud Security Alliance Shares Security Guidance for Crypto-Assets Exchange

The Cloud Security Alliance (CSA) has released new Crypto-Asset Exchange Security Guidelines, a set of guidelines and best practices for crypto-asset exchange (CaE) security.   Drafted by CSA’s Blockchain/Distributed Ledger Working Group, the document provides readers with a comprehensive...

Intel Corp. to Speak at SecurityWeek Supply Chain Security Summit

Join Intel on Wednesday, March 10, at SecurityWeek’s Supply Chain Security Summit, where industry leaders will examine the current state of supply chain attacks. Hear Intel’s experts discuss the need for transparency and integrity across the complete product lifecycle,...

GitHub Hires Former Cisco Executive Mike Hanley as Chief Security Officer

Software development platform GitHub announced on Wednesday that it has hired Mike Hanley as its new Chief Security Officer (CSO).   Hanley joins GitHub from Cisco, where he served as Chief Information Security Officer (CISO). He arrived at Cisco via...

Reddit Names Allison Miller as Chief Information Security Officer (CISO)

Social news community site Reddit announced on Monday that it has hired Allison Miller as Chief Information Security Officer (CISO) and VP of Trust.  Miller joins Reddit from Bank of America where she most recently served as SVP Technology Strategy...

SecurityWeek Names Ryan Naraine as Editor-at-Large

SecurityWeek has named Ryan Naraine as Editor-at-Large, adding a veteran cybersecurity journalist and podcaster to its editorial team. Naraine joins SecurityWeek from Intel Corp., where he most recently served as Director of Security Strategy and leader of the chipmaker’s security...

Why Cyber Security Should Be at the Top of Your Christmas List

Santa has been making his list and checking it twice. Will you (and your organization's cyber security practices) make the Nice list? Or did you fall on the naughty side this year? Either way, now is the best time to...

United States Federal Government’s Shift to Identity-Centric Security

Across the globe, government agencies have begun transformation and modernization of their IT ecosystem to deliver services in an agile, secure, and timely efficient manner, this means broad and rapid adoption of cloud infrastructure and services at pace we've...

How Extreme Weather Will Create Chaos on Infrastructure

Extreme weather events will soon become more frequent and widespread, devastating areas of the world that typically don’t experience them and amplifying the destruction in areas that do. We have already seen devastating wildfires and an increase in hurricane...

BSIMM11 Observes the Cutting Edge of Software Security Initiatives

If you want to improve the security of your software—and you should—then you need the Building Security In Maturity Model (BSIMM), an annual report on the evolution of software security initiatives (SSIs). The latest iteration, BSIMM11, is based on...

Sustaining Video Collaboration Through End-to-End Encryption

The last several months have been the ultimate case study in workplace flexibility and adaptability. With the onset of the COVID-19 pandemic and widespread emergency activation plans through March and April, businesses large and small have all but abandoned...

Will Robo-Helpers Help Themselves to Your Data?

Over the coming years, organizations will experience growing disruption as threats from the digital world have an impact on the physical. Invasive technologies will be adopted across both industrial and consumer markets, creating an increasingly turbulent and unpredictable security...

Securing the Hybrid Workforce Begins with Three Crucial Steps

The global shift to a remote workforce has redefined the way organizations structure their business models. As executives reestablish work policies to accommodate remote employees well beyond the initially anticipated duration, a new era of work will emerge: the...

A New Strategy for DDoS Protection: Log Analysis on Steroids

Anyone whose business depends on online traffic knows how critical it is to protect your business against Distributed Denial of Service (DDoS) attacks. And with cyber attackers more persistent than ever – Q1 2020 DDoS attacks surged by 80%...

COVID-19 Aside, Data Protection Regulations March Ahead: What To Consider

COVID-19 may be complicating organizations’ cybersecurity efforts as they shift more of their operations online, but that doesn’t lessen the pressure to comply with government regulations that are placing increased scrutiny on data privacy. Despite the pandemic, companies are obligated...
The Hacker News

Ransomware Gang Leaks Metropolitan Police Data After Failed Negotiations

The cybercrime syndicate behind Babuk ransomware has leaked more personal files belonging to the Metropolitan Police Department (MPD) after negotiations with the DC Police broke down, warning that they intend to publish all data ransom demands are not met. "The...
Security Affairs

NSA and ODNI analyze potential risks to 5G networks

U.S. Intelligence agencies warn of weaknesses in 5G networks that could be exploited by crooks and nation-state actors for intelligence gathering. The U.S. National Security Agency (NSA), along with the DHS Cybersecurity and Infrastructure Security Agency (CISA), and the Office...
The Hacker News

Alert: Hackers Exploit Adobe Reader 0-Day Vulnerability in the Wild

Adobe has released Patch Tuesday updates for the month of May with fixes for multiple vulnerabilities spanning 12 different products, including a zero-day flaw affecting Adobe Reader that's actively exploited in the wild. The list of updated applications includes Adobe Experience Manager,...
The Register

Beijing twirls ban-hammer at 84 more apps it says need to stop slurping excess data

Online lending apps and more given fifteen days to ‘rectify’ behaviour China’s Central Cyberspace Affairs Commission has named 84 apps it says breach local privacy laws and given their developers 15 days to “rectify” their code.…
SecurityWeek

SAP Patches High-Severity Flaws in Business One, NetWeaver Products

SAP has released a total of six new security notes on its May 2021 Security Patch Day, along with updates for five other security notes, including three rated Hot News. read more