Saturday, July 11, 2020
The Security Ledger

Episode 185: Attacking COVID, Protecting Privacy

In this episode of the podcast (#185), DigiCert Chief Technology Officer Jason Sabin joins us to talk about how the COVID epidemic is shining a spotlight on the need for strong digital identities - for everything from virus contact...
The Security Ledger

Spotlight Podcast: Securing the Enterprise’s New Normal

In this spotlight edition of the podcast, sponsored by Trusted Computing Group*, Steve Hanna joins us to talk about COVID 19 and the security risks that go along with the "new normal" that has emerged out of the pandemic....
The Security Ledger

New LastPass report finds consumer behavior affects the workplace

More than 90% of employees know re-using passwords between accounts is a dangerous business, but two thirds of them do it anyway. Rachael Stockton of LastPass digs into the "why" of password insecurity in the latest LastPass Psychology of...
The Security Ledger

Password Psychology: users know reuse is bad, do it anyway

More than 90% of employees know re-using passwords between accounts is a dangerous business, but two thirds of them do it anyway. Rachael Stockton of LastPass digs into the "why" of password insecurity in the latest LastPass Psychology of...
The Security Ledger

Firms are embracing Open Source. Securing it? Not so much.

The good news: open source software is nearly universal. The bad news: half of source code repositories contain open source code containing high-risk vulnerabilities, according to a new report released by the firm Synopsys.
The Security Ledger

Episode 184: Project BioMed – The Fight to Repair Medical Devices

In this episode of the podcast (#184) Kyle Wiens of iFixit joins us to talk about Project BioMed: an international, crowd-sourced effort to expedite repair of medical devices by making service and repair manuals available online. In our...
The Security Ledger

Scale Cloud Security Engineering by delivering Security-as-Code

As security "shifts left," we need to arm engineers with automated security delivered as code, so they can effectively protect our public cloud infrastructures.
The Security Ledger

Episode 183: Researcher Patrick Wardle talks Zoom 0days and Mac (in)Security

You just reported a major security vulnerability in the Zoom platform. Now the CEO of Zoom wants to chat…via Zoom. What do you do? Security researcher Patrick Wardle of Jamf joins us to talk about it, his recent Zoom...
The Security Ledger

With Remote Work: MFA Makes Everyone Happy

The sudden shift to remote work poses two challenges to organizations: fending off cyber attacks and keeping your remote workers productive, according to LogMeIn's Rachael Stockton in this opinion piece. Multi-factor authentication offers one solution.
The Security Ledger

Experts warn COVID-19 raises Stakes for Nation State Info-Ops Targeting US

The Covid-19 coronavirus may be novel, but security experts say that the cyber and disinformation strategies capitalizing on the crisis are not.
The Security Ledger

Episode 182: Hackers take Medical Devices ‘off label’ to Save Lives

In this episode of the podcast (#182) Trammell Hudson of Lower Layer Labs talks to us about Project Airbreak, his recent work to jailbreak CPAP machines and how an NSA hacking tool helped make this inexpensive equipment usable...
The Security Ledger

Episode 181: How Scammers weaponize COVID Anxiety

In this episode of the podcast (#181), we're joined by Shashi Prakash, Chief Scientist at the firm Bolster.ai, to talk about the surge in COVID 19-themed scams and phishing attacks in recent weeks and what individuals and companies can...
The Security Ledger

Amid Security Concerns: to Zoom or not to Zoom?

Zoom has rolled out new security features and promised a cyber security and privacy makeover after withering reports of the platform's failings. In the meantime, enterprises are left to wonder 'to Zoom or not Zoom?'
The Security Ledger

Spotlight Podcast: Public Sector levels up to tackle Cyber Threats

In this Spotlight edition of the podcast, sponsored* by RSA Security, we go deep on public sector cyber risk with two interviews from the most recent RSA Conference: Kelvin Coleman, the Executive Director of the National Cyber Security Alliance...
The Security Ledger

Episode 180: Gary McGraw on Machine Learning Security Risks

In this episode of the podcast (#180), Gary McGraw of the Berryville Institute of Machine Learning joins us to talk about the top security threats facing machine learning systems.

Windows 10 Security Game-Changer As Microsoft Reveals New Hacker Protection

Microsoft is set to bring a powerful new security feature to Windows 10 that just might be a game-changer.

15 Billion Stolen Logins Are Circulating on the Dark Web

Plus: Facebook's Roger Stone takedown, the BlueLeaks server seizure, and more of the week's top security news.
The Hacker News

Exclusive: Any Chingari App (Indian TikTok Clone) Account Can Be Hacked Easily

Following vulnerability disclosure in the Mitron app, another viral TikTok clone in India has now been found vulnerable to a critical but easy-to-exploit authentication bypass vulnerability, allowing anyone to hijack any user account and tamper with their information, content,...

Is TikTok Seriously Dangerous—Do You Need To Delete It?

Here's the reality behind all the headlines...

iPhone User Sues LinkedIn For Reading Clipboard Data After iOS 14 Alert Revelations

The fallout from Apple's new iOS 14 privacy notification feature continues as one iPhone user files a class-action lawsuit against LinkedIn for silently reading clipboard data.