Some Elasticsearch security features are now free for everyone
Company makes TLS support and fine-grained user/role management free for everyone.
Root account misconfigurations found in 20% of top 1,000 Docker containers
Issue similar to Alpine Linux's CVE-2019-5021 impacts 201 other Docker images.
Google research: Most hacker-for-hire services are frauds
Survey of 27 hacker-for-hire services found that only five launched attacks against victims.
Google changes how the Escape key is handled in Chrome to fight popup ads
Google Chrome v76 is getting a new security feature to fight popup spam.
Security researchers discover Linux version of Winnti malware
Winnti Linux variant used in 2015 in the hack of a Vietnamese gaming company.
Company behind LeakedSource pleads guilty in Canada
LeakedSource sold data on over 3.1 billion accounts, made CAN$247,000 (US$183,000).
Faulty database script brings Salesforce to its knees
Faulty production script gave users access to all their company's Salesforce data.
Stack Overflow hacker went undetected for a week
Stack Overflow now says hacker might have also accessed user data.
Chinese cyberspies breached TeamViewer in 2016
TeamViewer said it detected and stopped the attack before hackers could do any damage.
Facebook bans Israel’s Archimedes Group over fake political activity, election disruption
The corporation has been accused of using fake accounts to influence political campaigns.
A large chunk of Ethereum clients remain unpatched
Unpatched clients leave Ethereum network vulnerable to 51% attacks.
Hacktivist attacks dropped by 95% since 2015
Hacktivist scene collapses as Anonymous hacker collective dies a slow death.
Stack Overflow says hackers breached production systems
Stack Overflow said it detected a security breach over the weekend.
US telcos say they stopped selling user location data, with a few exceptions
AT&T, Sprint, T-Mobile, and Verizon tell the FCC they've terminated most user data sharing arrangements.
Privacy concerns raised about upcoming Client-Hints web standard
Brave devs warn about new alternative user fingerprinting method being rolled out with Chromium-based browsers.
Microsoft releases new version of Attack Surface Analyzer utility
New Attack Surface Analyzer 2.0 works on Windows, but also Mac and Linux.
Trump signs executive order banning US telcos from buying or using foreign gear
Executive order doesn't mention Huawei, but it's a Huawei ban for all intents and purposes.
Russian government sites leak passport and personal data for 2.25 million users
Passport data for high-ranking Russian politicians among the leaked information.
Google to replace faulty Titan security keys
Vulnerability in Bluetooth pairing protocol forces Google to replace Titan keys sold in the US.
UK hacking powers can be challenged in court, judge rules
UK spies are no longer allowed to skip court if their choices are considered unlawful.
HawkEye Attack Wave Sends Stolen Data to Another Keylogger Provider
A recent attack wave involving HawkEye malware sends data stolen from its victims to another keylogger provider’s website. On 21 May, My Online Security came across a new sample of HawkEye. The actual delivery mechanism itself wasn’t unique compared...
Washington Issues Temporary License to Huawei
Washington Issues Temporary License to Huawei The US government has issued a temporary license to Huawei and its affiliates, allowing American companies to supply the telecoms and handset giant until August.
Despite reports emerging over the weekend of various chipmakers...
GDPR: The Best Strategy For International Businesses
The EU’s General Data Protection Regulation (GDPR) was created with the aim of homogenising data privacy laws across the EU. GDPR also applies to organisations outside the EU, if they monitor EU data subjects, or offer goods and services...
How Cyber-Secure Are Business Travelers? New Report Says Not Very
I travel frequently for business — to industry conferences such as RSA Conference and Black Hat and meeting with clients. Whenever I travel, I bring my work laptop, my personal cellphone enabled with work email and calendar, and, of...
Haas F1 team leans on service providers as security force multipliers
If today’s cars are smartphones on wheels, then race cars are supercomputers with engines attached. As the fastest racing sport in the world, Formula One cars come laden with over 100 sensors measuring every aspect of a car’s internal...
