Trending Articles

Facebook Takes $3 Billion Hit, Anticipating FTC Fine

Data Breach Today

Questions Loom About Whether Big Fines Will Prompt Privacy Reform
Facebook has set aside $3 billion from its first quarter profit to pay for what is likely to be a record-breaking fine from the U.S. Federal Trade Commission.

MY TAKE: How digital technology and the rising gig economy are exacerbating third-party risks

The Last Watchdog

Accounting for third-party risks is now mandated by regulations — with teeth. (Related: Free ‘VRMM’ tool measures third-party exposure.) Just take a look at Europe’s GDPR, NYDFS’s cybersecurity requirements or even California’s newly minted Consumer Privacy Act.

Facebook Marketplace Flaw Revealed Seller's Exact Location

Data Breach Today

Privacy Peril: Thieves Use Location Data to 'Shop' for High-Value Items
Facebook has fixed a security vulnerability in its digital marketplace that could have been abused to identify the precise location of a seller, and by extension, their goods.

Who’s Behind the RevCode WebMonitor RAT?

Krebs on Security

G7 Comes Out in Favor of Encryption Backdoors

Schneier on Security

jQuery JavaScript library flaw opens the doors for attacks on hundreds of millions of websites

Security Affairs

The popular jQuery JavaScript library is affected by a rare prototype pollution vulnerability that could allow attackers to modify a JavaScript object’s prototype.

More Trending

Marcus “MalwareTech” Hutchins Pleads Guilty to Writing, Selling Banking Malware

Krebs on Security

Marcus Hutchins, a 24-year-old blogger and malware researcher arrested in 2017 for allegedly authoring and selling malware designed to steal online banking credentials, has pleaded guilty to criminal charges of conspiracy and to making, selling or advertising illegal wiretapping devices.

NEW TECH: Alcide introduces a “microservices firewall” as a dynamic ‘IaaS’ market takes shape

The Last Watchdog

As a tech reporter at USA TODAY, I wrote stories about how Google fractured Microsoft’s Office monopoly, and then how Google clawed ahead of Apple to dominate the global smartphone market. (Related: A path to fruition of ‘SecOps’.) And now for Act 3, Google has thrown down the gauntlet at Amazon, challenging the dominant position of Amazon Web Services in the fast-emerging cloud infrastructure global market.

Excellent Analysis of the Boeing 737 MAX Software Problems

Schneier on Security

This is the best analysis of the software causes of the Boeing 737 MAX disasters that I have read. Technically this is safety and not security; there was no attacker.

Zero-day vulnerability in Oracle WebLogic

Security Affairs

Security experts are warning of a dangerous zero-day remote code vulnerability that affects the Oracle WebLogic service platform. Oracle WebLogic wls9_async and wls-wsat components are affected by a deserialization remote command execution zero-day vulnerability.

Regulator to Facebook: Move Fast But Stop Breaking Things

Data Breach Today

FTC Reportedly Eyes Holding Mark Zuckerberg Personally Accountable for Privacy
"Move fast and break things," Facebook CEO Mark Zuckerberg once said of his company's internal motto.

EU To Build Massive Biometric Database

Adam Levin

The European Union’s parliament voted to create a biometric database of over 350 million people.

NEW TECH: Circadence deploys ‘gamification’ training to shrink cybersecurity skills gap

The Last Watchdog

It’s clear that closing the cybersecurity skills gap has to happen in order to make our internet-centric world as private and secure as it ought to be. (Related: The need for diversity in cybersecurity personnel.) One of the top innovators in the training space is Circadence®. The Boulder, CO-based company got its start in the mid-1990s as a pioneer of massive multi-player video games.

A 'Blockchain Bandit' Is Guessing Private Keys and Scoring Millions

WIRED Threat Level

The larger lesson of an ongoing Ethereum crime spree: Be careful with who's generating your cryptocurrency keys.

60 Million records of LinkedIn users exposed online

Security Affairs

Researcher Sanyam Jain at GDI Foundation discovered eight unsecured databases exposed online that contained approximately 60 million records of LinkedIn user data.

Fooling Automated Surveillance Cameras with Patchwork Color Printout

Schneier on Security

Nice bit of adversarial machine learning. The image from this news article is most of what you need to know, but here's the research paper.

UK-based organisations are getting better at preventing ransomware

IT Governance

The UK is one of the few countries that has seen a year-on-year reduction in ransomware attacks, a new study has found. According to the 2019 SonicWall Cyber Threat Report, ransomware infections in the UK decreased by 59% in the past year, a stark contrast to the 11% increase globally.

Mueller Report Fallout Pressures Democrats to Impeach Trump

WIRED Threat Level

Congressional Democrats have punted on the question of impeaching Donald Trump. The Mueller report makes that calculus much harder.

Hacker broke into super secure French Government’s Messaging App Tchap hours after release

Security Affairs

A white hat hacker discovered how to break Tchap, a new secure messaging app launched by the French government for officials and politicians.

TA505 Group Hides Malware in Legitimate Certificates

Data Breach Today

APT Group Targets Banks With Backdoor Malware to Penetrate Networks
TA505, a sophisticated advanced persistent threat group, is now using legitimately signed certificates to disguise malware that can penetrate banking networks, security researchers warn in a new report.

Iranian Cyberespionage Tools Leaked Online

Schneier on Security

The source code of a set of Iranian cyberespionage tools was leaked online.

GDPR fines are coming and here’s why

IT Governance

Stop us if you’ve heard this one before: organisations that fail to meet the requirements of the GDPR (General Data Protection Regulation) face fines of up to €20 million (about £17.3 million) or 4% of their annual global turnover.

Lavaman 2019 Triathlon – We did It Together!

Reltio

Mona Rakibe, Director Product Manager, Reltio. Triathlon is a great opportunity to test your endurance, if you have an extreme determination coupled with rigorous training. We had the determination, but always lacked time for training.

Source code of tools used by OilRig APT leaked on Telegram

Security Affairs

Lab Dookhtegan hackers leaked details about operations carried out by Iran-linked OilRig group, including source code of 6 tools.

Intelligence Agencies Seek Fast Cyber Threat Dissemination

Data Breach Today

Mapping Data Flows: Help Us Ask the Right Questions

John Battelle's Searchblog

I’ve been quiet here on Searchblog these past few months, not because I’ve nothing to say, but because two major projects have consumed my time. The first, a media platform in development, is still operating mostly under the radar.

The Future of Payments? Frictionless.

Thales eSecurity

The financial industry has been turned on its head over the past 10 years. The emergence of fintech players like Stripe, Square and PayPal have pushed banks to innovate in ways they haven’t since the ATM was implemented.

Mueller Makes It Clear: Trump Was Worse Than a 'Useful Idiot'

WIRED Threat Level

The Mueller report exposes the extent to which not just Russia but Donald Trump's own associates grifted the president.

Ransomware attack knocks Weather Channel off the Air

Security Affairs

A ransomware attack knocked the Weather Channel off the air for at least 90 minutes Thursday morning; federal law enforcement are investigating the incident.

'Virus Infection' Prohibits Access to Patient Records

Data Breach Today

Attack on a California Medical Group Affects Nearly 198,000 Individuals
A recent cyberattack on a California medical imaging and oncology services provider, which prohibited access to patient data, is one of the largest health data breaches reported so far this year.

Vulnerability in French Government Tchap Chat App

Schneier on Security

A researcher found a vulnerability in the French government WhatsApp replacement app: Tchap. The vulnerability allows anyone to surreptitiously join any conversation. Of course the developers will fix this vulnerability.

Is Your Customer Experience Future-Ready?

Reltio

Ankur Gupta, Sr. Product Marketing Manager, Reltio. Are your customers demanding and want only the best? I guess the question is redundant. Customers are always demanding and we must deliver to top those expectations.

Engineering Secure Systems

Thales eSecurity

Systems. The word “system” comes from the Greek σύστημα, a whole thing made of parts, or a composition.

Facebook admitted to have stored millions of Instagram users’ passwords in plaintext

Security Affairs

Other problems for Facebook that admitted to have stored millions of Instagram users’ passwords in plaintext. Yesterday, Facebook made the headlines once again for alleged violations of the privacy of its users, the company admitted to have ‘unintentionally’ collected contacts from 1.5