Expert insights. Personalized for you.
Security researcher Ahmed Hassan has shown that spoofing the Android’s “People Nearby” feature allows him to pinpoint the physical location of Telegram users: Using readily available software and a rooted Android device, he’s able to spoof the location his device reports to Telegram servers. MORE
A pop-up notification has alerted the messaging app's users to a practice that's been in place since 2016. Security Security / Privacy MORE
Cybercriminals are abusing Facebook ads in a large-scale phishing scam aimed at stealing victims’ login credentials. Researchers from security firm ThreatNix spotted a new large-scale campaign abusing Facebook ads. MORE
Today’s children are online at a young age, for many hours, and in more ways than ever before. As adults, we know that bad online decisions can have negative or dangerous effects for years to come. Related: Web apps are being used to radicalize youth. The question isn’t whether we should educate children about online safety, but how we can best inspire them to learn to be thoughtful, careful, and safe in the cyber world for their lifetime. For adults doing the teaching, it’s no easy task. MORE
Ransomware, Phishing Incidents, Vendor Hacks Prevail Hacking incidents, including ransomware and phishing attacks, as well as security incidents involving vendors dominated the federal tally of major health data breaches in 2020 MORE
Ubiquiti , a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders, security cameras and access control systems, is urging customers to change their passwords and enable multi-factor authentication. MORE
New research into the malware that set the stage for the megabreach at IT vendor SolarWinds shows the perpetrators spent months inside the company’s software development labs honing their attack before inserting malicious code into updates that SolarWinds then shipped to thousands of customers. MORE
We all know that our cell phones constantly give our location away to our mobile network operators; that’s how they work. A group of researchers has figured out a way to fix that. Pretty Good Phone Privacy” (PGPP) protects both user identity and user location using the existing cellular networks. MORE
If you’re a WhatsApp user, pay attention to the changes in the privacy policy that you’re being forced to agree with. In 2016, WhatsApp gave users a one-time ability to opt out of having account data turned over to Facebook. Now, an updated privacy policy is changing that. MORE
Researchers from Trend Micro discovered that the TeamTNT botnet is now able to steal Docker API logins along with AWS credentials. Researchers from Trend Micro discovered that the TeamTNT botnet was improved and is now able to steal also Docker credentials. MORE
The “free speech” social network also allowed unlimited access to every public post, image, and video. Security Security / Privacy MORE
The ongoing breach affecting thousands of organizations that relied on backdoored products by network software firm SolarWinds may have jeopardized the privacy of countless sealed court documents on file with the U.S. MORE
The development team behind the Linux Mint distro has fixed a security flaw that could have allowed users to bypass the OS screensaver. The maintainers of the Linux Mint project have addressed a security bug that could have allowed attackers to bypass the OS screensaver. MORE
A security researcher discovered a flaw in the F5 BIG-IP product that can be exploited to conduct denial-of-service (DoS) attacks. MORE
New research has dug into the openings that iOS and Android security provide for anyone with the right tools. Security Security / Privacy MORE
Experts Warn of an Elevated Risk of Attack From Domestic, Foreign Actors As thousands of National Guard troops pour into Washington to provide security for the Jan. MORE
Wednesday's insurrection could have exposed congressional data and devices in ways that have yet to be appreciated. Security Security / National Security MORE
Researchers have been able to find all sorts of personal information within GPT-2. This information was part of the training data, and can be extracted with the right sorts of queries. Paper: “ Extracting Training Data from Large Language Models.” MORE
Microsoft today released updates to plug more than 80 security holes in its Windows operating systems and other software, including one that is actively being exploited and another which was disclosed prior to today. MORE
Hacked Firm Also Taps Former Facebook CSO as It Responds to Supply Chain Attack As security software firm SolarWinds investigates the supply chain attack involving its Orion software and looks to rebuild its security processes and reputation, it's hired former U.S. MORE
Microsoft says there is no increase in security risk; however, experts say access to source code could make some steps easier for attackers MORE
Capcom revealed that the recent ransomware attack has potentially impacted 390,000 people, an increase of approximately 40,000 people from the previous report. In November, Japanese game developer Capcom admitted to have suffered a cyberattack that is impacting business operations. MORE
What else would you expect from the final month of 2020 than the highest number of publicly disclosed incidents we’ve ever recorded? We logged 134 security incidents in December, which accounted for 148,354,955 breached records. That brings the total for 2020 to more than 20 billion. MORE
A third piece of malware is uncovered, but there's still plenty of unknowns about the epic attacks purportedly out of Russia MORE
Meanwhile, Courts Suspend Use of SolarWinds, Adopt New Document Security Measures The U.S. federal court system is investigating an "apparent compromise" of a confidential electronic filing system used for sensitive legal documents. MORE
Data Breach Today
JANUARY 8, 2021
Hacked Firm Also Taps Former Facebook CSO as It Responds to Supply Chain Attack As security software firm SolarWinds investigates the supply chain attack involving its Orion software and looks to rebuild its security processes and reputation, it's hired former U.S.
Krebs on Security
JANUARY 7, 2021
The ongoing breach affecting thousands of organizations that relied on backdoored products by network software firm SolarWinds may have jeopardized the privacy of countless sealed court documents on file with the U.S.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
The Last Watchdog
JANUARY 13, 2021
Today’s children are online at a young age, for many hours, and in more ways than ever before. As adults, we know that bad online decisions can have negative or dangerous effects for years to come. Related: Web apps are being used to radicalize youth. The question isn’t whether we should educate children about online safety, but how we can best inspire them to learn to be thoughtful, careful, and safe in the cyber world for their lifetime. For adults doing the teaching, it’s no easy task.
Security Affairs
JANUARY 16, 2021
The development team behind the Linux Mint distro has fixed a security flaw that could have allowed users to bypass the OS screensaver. The maintainers of the Linux Mint project have addressed a security bug that could have allowed attackers to bypass the OS screensaver.
Advertisement
In this whitepaper from Onna, we will walk you through data retention best practices and provide you with a downloadable template to help you get organized and gain better visibility into your data’s lifecycle.
WIRED Threat Level
JANUARY 12, 2021
The “free speech” social network also allowed unlimited access to every public post, image, and video. Security Security / Privacy
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
JANUARY 11, 2021
David Stewart of SAS on the Tools and Technologies Deployed to Fight Financial Crimes As the financial payments landscape shifts, and as fraudsters employ new technologies and techniques, institutions are deploying a next generation of anti-money laundering defenses.
Krebs on Security
JANUARY 11, 2021
Ubiquiti , a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders, security cameras and access control systems, is urging customers to change their passwords and enable multi-factor authentication.
Dark Reading
JANUARY 15, 2021
As employees moved to working from home and on mobile devices, attackers followed them and focused on weekend attacks, a security firm says
Security Affairs
JANUARY 10, 2021
Researchers from Trend Micro discovered that the TeamTNT botnet is now able to steal Docker API logins along with AWS credentials. Researchers from Trend Micro discovered that the TeamTNT botnet was improved and is now able to steal also Docker credentials.
Speaker: Shannon Lietz, Director of DevSecOps Team, Intuit
You've finally done it: You've won over C-Suite and your DevSecOps team is up and running. You feel ready to take on rising security threats while continuously delivering quality software updates. But how do you monitor your new program? Are you truly able to gauge the state of your projects? To ensure the success of this new breed of a team, you need to know the metrics to look at and how to advocate these metrics to C-Suite and stakeholders. Join Shannon Lietz, Leader and Director of DevsecOps at Intuit, and learn to lead your DevSecOps team to the top.
WIRED Threat Level
JANUARY 8, 2021
A pop-up notification has alerted the messaging app's users to a practice that's been in place since 2016. Security Security / Privacy
Schneier on Security
JANUARY 11, 2021
If you’re a WhatsApp user, pay attention to the changes in the privacy policy that you’re being forced to agree with. In 2016, WhatsApp gave users a one-time ability to opt out of having account data turned over to Facebook. Now, an updated privacy policy is changing that.
Data Breach Today
JANUARY 4, 2021
Ransomware, Phishing Incidents, Vendor Hacks Prevail Hacking incidents, including ransomware and phishing attacks, as well as security incidents involving vendors dominated the federal tally of major health data breaches in 2020
Krebs on Security
JANUARY 12, 2021
New research into the malware that set the stage for the megabreach at IT vendor SolarWinds shows the perpetrators spent months inside the company’s software development labs honing their attack before inserting malicious code into updates that SolarWinds then shipped to thousands of customers.
Advertiser: Amplitude
As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.
Dark Reading
JANUARY 12, 2021
A third piece of malware is uncovered, but there's still plenty of unknowns about the epic attacks purportedly out of Russia
Security Affairs
JANUARY 14, 2021
A security researcher discovered a flaw in the F5 BIG-IP product that can be exploited to conduct denial-of-service (DoS) attacks.
WIRED Threat Level
JANUARY 7, 2021
Wednesday's insurrection could have exposed congressional data and devices in ways that have yet to be appreciated. Security Security / National Security
Schneier on Security
JANUARY 7, 2021
Researchers have been able to find all sorts of personal information within GPT-2. This information was part of the training data, and can be extracted with the right sorts of queries. Paper: “ Extracting Training Data from Large Language Models.”
Advertiser: UserTesting
Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.
Data Breach Today
JANUARY 8, 2021
Meanwhile, Courts Suspend Use of SolarWinds, Adopt New Document Security Measures The U.S. federal court system is investigating an "apparent compromise" of a confidential electronic filing system used for sensitive legal documents.
Krebs on Security
JANUARY 12, 2021
Microsoft today released updates to plug more than 80 security holes in its Windows operating systems and other software, including one that is actively being exploited and another which was disclosed prior to today.
Dark Reading
JANUARY 4, 2021
Microsoft says there is no increase in security risk; however, experts say access to source code could make some steps easier for attackers
Security Affairs
JANUARY 1, 2021
Cybercriminals are abusing Facebook ads in a large-scale phishing scam aimed at stealing victims’ login credentials. Researchers from security firm ThreatNix spotted a new large-scale campaign abusing Facebook ads.
Advertiser: ZoomInfo
Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!
WIRED Threat Level
JANUARY 16, 2021
Plus: A dark web takedown, a bitcoin scam, and more of the week's top security news. Security Security / Security News
Schneier on Security
JANUARY 15, 2021
We all know that our cell phones constantly give our location away to our mobile network operators; that’s how they work. A group of researchers has figured out a way to fix that. Pretty Good Phone Privacy” (PGPP) protects both user identity and user location using the existing cellular networks.
Data Breach Today
JANUARY 15, 2021
Experts Warn of an Elevated Risk of Attack From Domestic, Foreign Actors As thousands of National Guard troops pour into Washington to provide security for the Jan.
IT Governance
JANUARY 4, 2021
What else would you expect from the final month of 2020 than the highest number of publicly disclosed incidents we’ve ever recorded? We logged 134 security incidents in December, which accounted for 148,354,955 breached records. That brings the total for 2020 to more than 20 billion.
Advertisement
Today’s organizations are faced with the overwhelming challenge of managing, finding, and leveraging their information. This eBook discusses a newly discovered information discipline and is filled to the brim with helpful information.
Dark Reading
JANUARY 8, 2021
Cisco analyzes the latest version of the LokiBot malware for stealing credentials, finding that its developers have added more misdirection and anti-analysis features
Security Affairs
JANUARY 14, 2021
Capcom revealed that the recent ransomware attack has potentially impacted 390,000 people, an increase of approximately 40,000 people from the previous report. In November, Japanese game developer Capcom admitted to have suffered a cyberattack that is impacting business operations.
WIRED Threat Level
JANUARY 13, 2021
New research has dug into the openings that iOS and Android security provide for anyone with the right tools. Security Security / Privacy
108 
Let's personalize your content