Cybersecurity News


5 Objectives for Establishing an API-First Security Strategy

With APIs predicted to be the most common attack vector by 2022, an API-first security strategy is critical now more than ever.
13 April 2021

Adobe Patches Slew of Critical Security Bugs in Bridge, Photoshop

Adobe Patches Slew of Critical Security Bugs in Bridge, Photoshop The security bugs could open the door for arbitrary code-execution and full takeover of targeted machines.
13 April 2021

WhatsApp flaw lets anyone lock you out of your account

An attacker can lock you out of the app using just your phone number and without requiring any action on your part

The post WhatsApp flaw lets anyone lock you out of your account appeared first on WeLiveSecurity

13 April 2021

Clear & Present Danger: Data Hoarding Undermines Better Security

Facebook and Google can identify patterns of attack within their own data, but smaller businesses rarely see enough traffic to successfully identify an attack or warn users.
13 April 2021

Chrome Zero-Day Exploit Posted on Twitter

Chrome Zero-Day Exploit Posted on Twitter An update to Google’s browser that fixes the flaw is expected to be released on Tuesday.
13 April 2021

Recording Conference Calls

When hosting or attending conference calls, only record the call if you have prior permission, a work related need to record the call, and you make sure everyone on the call knows it will be recorded.
13 April 2021

ParkMobile Breach Exposes License Plate Data, Mobile Numbers of 21M Users

Someone is selling account information for 21 million customers of ParkMobile, a mobile parking app that's popular in North America. The stolen data includes customer email addresses, phone numbers, license plate numbers, hashed passwords and mailing addresses.
12 April 2021

Biden Nominates Former NSA Officials for Top Cybersecurity Roles

President Biden has nominated Jen Easterly as the new director of CISA and is expected to nominate Chris Inglis as the first national cyber director.
12 April 2021

1.3M Clubhouse Users’ Data Dumped in Hacker Forum for Free

1.3M Clubhouse Users’ Data Dumped in Hacker Forum for Free Clubhouse denies it was ‘breached’ and says the data is out there for anyone to grab.
12 April 2021

Microsoft Warns of Malware Delivery via Google URLs

A new campaign abuses legitimate website contact forms to send URLs that ultimately deliver the IcedID banking Trojan.
12 April 2021

Man Arrested for AWS Bomb Plot

Man Arrested for AWS Bomb Plot A man caught in an FBI sting said he wanted to destroy "70 percent of the internet" by going after the tech giant's data centers.
12 April 2021

Federal Reserve Chairman Says Cyber-Risk a Top Threat to National Economy

Jerome Powell tells 60 Minutes that cyberattacks have the potential to do major damage to US financial system.
12 April 2021

Zero Trust: The Mobile Dimension

Zero Trust: The Mobile Dimension Hank Schless, senior security solutions manager at Lookout, discusses how to secure remote working via mobile devices.
12 April 2021

IcedID Circulates Via Web Forms, Google URLs

IcedID Circulates Via Web Forms, Google URLs Attackers are filling out and submitting web-based "contact us" forms, thus evading email spam filters.
12 April 2021

Paving the way: Inspiring Women in Payments - A podcast featuring Noel Haskins-Hafer

 

With a background in Russian language and literature, Noel Haskins-Hafer might have seemed like an unlikely candidate for a career in technology. But through her love for learning, she started out in the industry by reading IBM manuals and assembler programming books, often while on vacation. Over time, she explored and eliminated roles that she hated until she discovered where she fit, and what she loved, in the realm of audit and compliance. In this edition of our podcast, Noel explains why lifelong learning – and learning broadly – can be the key to a successful career.

12 April 2021

Microsoft Uses Machine Learning to Predict Attackers' Next Steps

Researchers build a model to attribute attacks to specific groups based on tactics, techniques and procedures, and then figure out their next move.
12 April 2021

New Malware Downloader Spotted in Targeted Campaigns

Saint Bot is being used to drop stealers on compromised systems but could be used to deliver any malware.
12 April 2021

Clubhouse in the spotlight after user records posted online

Reports of another trove of scraped user data add to the recent woes of popular social media platforms

The post Clubhouse in the spotlight after user records posted online appeared first on WeLiveSecurity

12 April 2021

Wake Up and Smell the JavaScript

The SolarWinds attack showed the true meaning of a supply chain breach. And it's the canary in the coal mine for sensitive data on the Web.
12 April 2021

Omdia Research Spotlight: XDR

Few emerging cybersecurity market segments are garnering more attention than XDR. Here, Omdia highlights its recent research on XDR.
12 April 2021