Cybersecurity News
Email Campaign Spreads StrRAT Fake-Ransomware RAT
Microsoft Security discovered malicious PDFs that download Java-based StrRAT, which can steal credentials and change file names but doesn't actually encrypt.Irish court issues injunction against Conti hackers to stop health service data exposure, sale
The group has warned that the data will be leaked or sold if a $20 million ransom demand is not met.US insurance giant CNA Financial paid $40 million ransom to regain control of systems: report
CNA Financial reportedly paid up a few weeks after the attack in March.Dev-Sec Disconnect Undermines Secure Coding Efforts
Rather than continue to complain about each other, developers and security pros need to work together and celebrate their successes.Lack of Skills, Maturity Hamper Threat Hunting at Many Organizations
When implemented correctly, threat hunting can help organizations stay head of threats, researcher says at RSA Conference.Don't Let Scary Headlines Shape Your Company's Cyber-Resilience Strategy
Resilience planning should be based on data and backed by technology, cybersecurity pros agreed at this week's RSA Conference.Maricopa County CISO: Online Misinformation/Disinformation in 2020 Election a 'Gamechanger
Custom playbooks played a key role in the Arizona election jurisdiction's security strategy.100M Android Users Hit By Rampant Cloud Leaks
Several mobile apps, some with 10 million downloads, have opened up personal data of users to the public internet – and most aren't fixed.100M Users' Data Exposed via Third-Party Cloud Misconfigurations
Researchers who examined 23 Android apps report developers potentially exposed the data of more than 100 million people.Security Providers Describe New Solutions (& Growing Threats) at RSAC
SPONSORED CONTENT: Watch now -- Leading security companies meet Dark Reading in the RSA Conference Broadcast Alley to talk about tackling insider threat, SOC complexity, cyber resilience, mobile security, attacker evasion, supply chain threats, ransomware, and more.Cost Savings, Better Security Drive Adoption of Emerging Technologies
However, senior technology managers express concerns about whether their current infrastructure can properly safeguard them.The Gig Economy Creates Novel Data-Security Risks
Enterprises are embracing on-demand freelance help -- but the practice, while growing, opens up entirely new avenues of cyber-risk.Just published: SPoC Unsupported Operating Systems Annex
The PCI Security Standards Council (PCI SSC) has published a new, optional, Software-based PIN Entry on COTS (SPoC)™ Annex for Unsupported Operating Systems (“Unsupported OS Annex”) version 1.0. The purpose of this Annex is to provide additional security and testing requirements to allow solution providers to develop SPoC solutions that merchants can use on commercial off-the-shelf (COTS) devices with unsupported operating systems. The Unsupported OS Annex incorporates stakeholder feedback and comments received via a formal request for comment (RFC) period.
In this post we talk with PCI SSC SVP and Standards Officer Emma Sutcliffe about the new Annex.
Android 12 will give you more control over how much data you share with apps
An all-new privacy dashboard and better location, microphone and camera controls are all aimed at curbing apps’ data-slurping habits
The post Android 12 will give you more control over how much data you share with apps appeared first on WeLiveSecurity