Cybersecurity News


Firefox for Mac and Linux to get a new security sandbox system

Firefox's new RLBox sandbox system to ship to Linux users in Firefox 74 and Mac users in Firefox 75.
25 February 2020

UK financial watchdog admits to leaking confidential consumer data

A Freedom of Information Act request published on the FCA website revealed more than it should.
25 February 2020

McAfee acquires Light Point Security team to bring browser isolation tech to MVISION UCE

McAfee’s aim is to improve browser protections by isolating potentially malicious code in virtual environments.
25 February 2020

Google patches Chrome zero-day under active attacks

This is the third Chrome zero-day discovered being exploited in the wild in the past year.
25 February 2020

Mozilla enables DOH by default for all Firefox users in the US

The rollout begins today and will continue over the next few weeks to confirm no major issues are discovered as DoH is enabled for Firefox's US-based users.
25 February 2020

Wanted: Hands-On Cybersecurity Experience

Organizations lament a lack of qualified job candidates as they continue to struggle to hire and retain security teams, the new ISACA State of Cybersecurity 2020 report shows.
25 February 2020

Verizon: Attacks on Mobile Devices Rise

Companies of all sizes are being hit by mobile attacks and feeling the effects for extended periods of time, according to the 2020 Verizon Mobile Security Index.
25 February 2020

PayPal accounts are getting abused en-masse for unauthorized payments

All signs point to an attack exploiting PayPal's Google Pay integration.
24 February 2020

Security, Networking Collaboration Cuts Breach Cost

CISOs report increases in alert fatigue and the number of records breached, as well as the struggle to secure mobile devices in a new Cisco study.
24 February 2020

Apple Takes Heat Over ‘Vulnerable’ iOS Cut-and-Paste Data

Apple Takes Heat Over ‘Vulnerable’ iOS Cut-and-Paste Data Software developer builds a malicious proof-of-concept iOS app that can read data temporarily saved to the device’s clipboard.
24 February 2020

Forget passwords: Secure yourself with a passphrase and these tools

Passphrases are much stronger than ordinary passwords -- and a heck of a lot easier to remember. But that's only the start to securing yourself on today's hostile internet. Here's how to protect yourself.
24 February 2020

SSRF 101: How Server-Side Request Forgery Sneaks Past Your Web Apps

SSRF 101: How Server-Side Request Forgery Sneaks Past Your Web Apps Server-side request forgery is a dangerous attack method that is also becoming an issue for the cloud. Here are some of the basics to help keep your Web server from turning against you.
24 February 2020

Enterprise Cloud Use Continues to Outpace Security

Nearly 60% of IT and security pros say deployment of business services in the cloud has rushed past their ability to secure them.
24 February 2020

Zyxel Fixes 0day in Network Storage Devices

Networking hardware vendor Zyxel today released an update to fix a critical flaw in many of its network attached storage (NAS) devices that can be used to remotely commandeer them. The patch comes 12 days after KrebsOnSecurity alerted the company that precise instructions for exploiting the vulnerability were being sold for $20,000 in the cybercrime underground. Based in Taiwan, Zyxel Communications Corp. (a.k.a "ZyXEL") is a maker of networking devices, including Wi-Fi routers, NAS products and hardware firewalls. The company has roughly 1,500 employees and boasts some 100 million devices deployed worldwide. While in many respects the class of vulnerability addressed in this story is depressingly common among Internet of Things (IoT) devices, the flaw is notable because it has attracted the interest of groups specializing in deploying ransomware at scale.
24 February 2020

Solving the Cloud Data Security Conundrum

Trusting the cloud involves a change in mindset. You must be ready to use runtime encryption in the cloud.
24 February 2020

Latest Security News from RSAC 2020

Check out Dark Reading's updated, exclusive coverage of the news and security themes that are dominating RSA Conference 2020 in San Francisco.
24 February 2020

Data Breach Occurs at Agency in Charge of Secure White House Communications

Data Breach Occurs at Agency in Charge of Secure White House Communications A leak at the Defense Information Systems Agency exposed personal information of government employees, including social security numbers.
24 February 2020

7 Tips to Improve Your Employees' Mobile Security

7 Tips to Improve Your Employees' Mobile Security Security experts discuss the threats putting mobile devices at risk and how businesses can better defend against them.
24 February 2020

Cybersecurity alliance launches first open source messaging framework for security tools

OpenDXL Ontology is designed for data and command sharing between cybersecurity software.
24 February 2020

Is your phone listening to you?

Do social media listen in on our conversations in order to target us with ads? Or are we just a bit paranoid? A little test might speak a thousand words.

The post Is your phone listening to you? appeared first on WeLiveSecurity

24 February 2020