Good Heavens! 10M Impacted in Pray.com Data ExposureThe information exposed in a public cloud bucket included PII, church-donation information, photos and users' contact lists.
Facebook Messenger Flaw Enabled Spying on Android CalleesA critical flaw in Facebook Messenger on Android would let someone start an audio or video call without the victim's knowledge.
How Industrial IoT Security Can Catch Up With OT/IT ConvergenceRansomware can easily make a connection between IT and OT already. How can blue teams do the same?
Security Pros Push for More Pervasive Threat ModelingWith the release of the "Threat Modeling Manifesto," a group of 16 security professionals hope to prompt more companies to consider the threats to software.
Drupal sites vulnerable to double-extension attacksThe 90s called. They want their vulnerability back.
Week in security with Tony Anscombe
Lazarus takes aim at South Korea via an unusual supply-chain attack – The harsh reality of poor passwords – Bumble bitten by bugs
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
New Grelos Skimmer Variants Siphon Credit Card DataDomains related to the new variant of the Grelos web skimmer have compromised dozens of websites so far.
5 takeaways from the 2020 (ISC)2 Cybersecurity Workforce Study
From the impact of the pandemic on cybersecurity careers to workers’ job satisfaction, the report offers a number of interesting findings
The post 5 takeaways from the 2020 (ISC)<sup>2</sup> Cybersecurity Workforce Study appeared first on WeLiveSecurity
SAFECode and PCI SSC Discuss the Evolution of Secure Software
When the PCI Security Standards Council (PCI SSC) developed its Software Security Framework (SSF) a few years ago, it relied on the expertise of a Software Security Task Force. As part of this task force, SAFECode, along with other industry partners, played an instrumental role in the development of the framework and its standards.