Security

0 Comments
Chinese-made drones may be sending sensitive flight data to their manufacturers in China, according an alert issued by the US Department of Homeland Security (DHS), CNN reported on May 20. In a copy of the alert obtained by CNN, DHS said, “The United States government has strong concerns about any technology product that takes American data
0 Comments
Complying with a request by US authorities, Ecuadorian officials are preparing to hand over documents that are reportedly the entire legal defense against Julian Assange, compiled during the time he has been living in the Ecuadorian embassy in London, according to WikiLeaks. “On Monday Ecuador will perform a puppet show at the embassy of Ecuador
0 Comments
by John E Dunn Arrests in Europe and the US appear to have ended the cybercrime careers of the gang behind the GozNym banking malware. According to Europol, which coordinated the pursuit of 10 people in Ukraine, Moldova, Georgia, Bulgaria, Germany and the US, GozNym stole $100 million by infecting 41,000 devices around the world
0 Comments
A recent survey found that to gain counterintelligence the vast majority of organizations would allow an attacker to take decoy files rather than stop an attack in progress, according to the latest International Cyber Benchmark Index from the Neustar International Security Council (NISC). A reported one in five companies are currently employing forensic investigations, as
0 Comments
by Lisa Vaas Six people have been indicted for allegedly being SIM card swappers who stole victims’ identities and their cryptocurrency, and three mobile phone company employees have been indicted for allegedly accepting bribes to help them steal subscribers’ identities. On Thursday, federal prosecutors in the US Attorney’s Office for the Eastern District of Michigan
0 Comments
Slack users have been urged to upgrade their applications and clients to the most recent version, 3.4.0, after Tenable researcher David Wells discovered a new vulnerability that would allow an attacker to share malicious hyperlinks that could alter where a victim’s files were stored. Wells discovered a download hijack vulnerability in Slack Desktop version 3.3.7 for Windows.
0 Comments
A high-risk vulnerability in Cisco‘s secure boot process was disclosed earlier this week by Cisco and Red Balloon Security and is believed to have affected an estimate 100 or more devices. The vulnerability (CVE-2019-1649) is “in the logic that handles access control to one of the hardware components in Cisco’s proprietary Secure Boot implementation could allow
0 Comments
After analyzing the top three breaches from the past three years, Bitglass found that in the aftermath of a data breach, a decrease in stock price was a notable repercussion identifiable for publicly traded companies. The report, Kings of the Monster Breaches, identified the extensive damage done by improper security by looking specifically at the Marriott
0 Comments
Lawmakers in San Francisco will vote today on legislation that would ban the use of facial recognition technology among city departments, according to NPR. If approved, the law would make San Francisco the first city to ban the technologies use, a ban that would extend to police body cameras. “Governments have used the technology for
0 Comments
Malicious or criminal attacks accounted for nearly twice as many data breaches as those resulting from human error during the first quarter of 2019, according to the Notifiable Data Breaches Quarterly Statistics Report by the Office of the Australian Information Commissioner (OAIC). The report, published today, marks the start of Australia’s Privacy Awareness Week. “By understanding the
0 Comments
A report published today by Advanced Intelligence revealed that three US-based antivirus software vendors have been breached, and a high-profile collective of Russian hackers is claiming responsibility. Using a credential-stuffing botnet, the known international cybercrime group has reportedly stolen more than 30 terabytes of data from the networks of three U.S.-based antivirus firms. Advanced Intelligence research
0 Comments
by Lisa Vaas The US Federal Trade Commission (FTC) is yet again beating the drum for the long-discussed, much-debated, when-in-the-world-will-this-happen national data privacy law, the lack of which keeps the country from parity with the EU and its General Data Protection Regulation (GDPR)… …or, for that matter, with the state of California, with its California’s
0 Comments
Photo storage app Ever failed to get consent from users who uploaded millions of images to the service before it adopted the images as tools to train a commercial facial recognition system, according to NBC News. Without disclosing their use of the images to users of the app, Ever also reportedly offered to sell that facial
0 Comments
In an attempt to reduce exposure and enable network security, the Department of Homeland Security (DHS) in collaboration with the Federal Bureau of Investigation (FBI) has released a report analyzing a North Korean traffic tunneling tool named ELECTRICFISH. The DHS and FBI have identified a malware variant used by the North Korean government, yet another
0 Comments
Americans in every state are overconfident in their cybersecurity coverage, with the majority of consumers expressing confidence they are taking appropriate steps to protect themselves, according to the 2019 report published by Wakefield Research and commissioned by Webroot. The Cyber Hygiene Risk Index, published on May 8, found that 88% of consumers expressed confidence in
0 Comments
After its acquisition of SecureData earlier this year, Orange has announced another agreement it has signed to acquire SecureLink, a transaction that will advance Orange’s position in the EU’s cybersecurity industry, according to a May 7 press release. The deal will afford Orange a position of leadership in Europe’s cybersecurity scene as SecureLink already has
0 Comments
Researchers have identified a significant uptick in breaches and attacks related to the internet of things (IoT), according to a new Ponemon Institute report, The Third Annual Study on Third Party IoT Risk: Companies Don’t Know What They Don’t Know. Released today by the Santa Fe Group, the study yielded 35 key findings on IoT risks