Saturday, July 11, 2020

Software-defined perimeters may be the solution to remote work security concerns

The massive remote work shift due to COVID-19 has increased interest in SDPs, with 70% of respondents polled for a new report saying they're now considering adopting one in the coming year.

How expired domain names can redirect you to malicious websites

Pages for inactive domain names can be exploited by cybercriminals to take you to malicious sites, says Kaspersky.

How to detect network abuse with Wireshark

With a few quick clicks, you can detect network abuse with Wireshark. Jack Wallen shows you how.

Highest-paying tech jobs: Where to find them

Find out what tech jobs and skills are most in-demand and where the positions are located.

Microsoft warns organizations of consent phishing attacks

In this type of phishing campaign, attackers trick people into giving a malicious app consent to access sensitive data, says Microsoft.

How to enable Canonical Livepatch from the command line

If you have Ubuntu Servers in your data center, you should consider adding Canonical Livepatch to keep them up to date with kernel security patches.

Joker billing fraud malware eluded Google Play security to infect Android devices

A new variant targeted Android users to subscribe them to premium services without their consent, according to Check Point Research.

Cloud environments are making the security alert overload problem worse

Companies say that automation helps ease the burden but most have a long way to go to reach full implementation, according to new survey.

Microsoft Cloud App Security: This software can help you to manage shadow IT and boost productivity

How to use shadow IT discovery in Microsoft Cloud App Security to help remote workers stay secure and save bandwidth.

BYOD: A trend rife with security concerns

Researchers explored the implications of allowing employees to bring their own devices for sensitive work tasks.

How to encrypt an external drive or card in macOS

Looking to encrypt removable storage on macOS, but can't figure out how? Jack Wallen shows you the way to make this work.

How managed service providers can pose a risk to their customers

The US Secret Service has warned organizations about a rise in hacks of MSPs and offers advice on how to beef up security.

Why people forget their email passwords the most often

Many users save their email password and so don't remember it if they have to enter or reset it, says NordPass.

CompTIA joins the battle to recruit high school and college students into cybersecurity

The certification company will host prep sessions for the National Cyber League's cybersecurity competitions for individuals and teams.

Credit card skimmers target e-commerce websites running Microsoft IIS and ASP.NET

Attackers are looking for credit card numbers on Microsoft IIS servers running an older and vulnerable version of ASP.NET, says Malwarebytes.

Windows 10 Security Game-Changer As Microsoft Reveals New Hacker Protection

Microsoft is set to bring a powerful new security feature to Windows 10 that just might be a game-changer.

15 Billion Stolen Logins Are Circulating on the Dark Web

Plus: Facebook's Roger Stone takedown, the BlueLeaks server seizure, and more of the week's top security news.
The Hacker News

Exclusive: Any Chingari App (Indian TikTok Clone) Account Can Be Hacked Easily

Following vulnerability disclosure in the Mitron app, another viral TikTok clone in India has now been found vulnerable to a critical but easy-to-exploit authentication bypass vulnerability, allowing anyone to hijack any user account and tamper with their information, content,...

Is TikTok Seriously Dangerous—Do You Need To Delete It?

Here's the reality behind all the headlines...

iPhone User Sues LinkedIn For Reading Clipboard Data After iOS 14 Alert Revelations

The fallout from Apple's new iOS 14 privacy notification feature continues as one iPhone user files a class-action lawsuit against LinkedIn for silently reading clipboard data.