Cybersecurity News


Women in Payments: Q&A with Diane Rogerson


Diane Rogerson didn’t choose a career in cybersecurity; rather, it chose her. In this month’s blog series, find out how Rogerson’s transferrable skillsets were more valuable than her subject matter expertise around cybersecurity, and how she thinks other women can be successful in this regard, too.  

02 June 2020

Octopus Scanner Sinks Tentacles into GitHub Repositories

Octopus Scanner Sinks Tentacles into GitHub Repositories At least 26 different open-source code repositories were found to be infected with an unusual attack on the open-source software supply chain.
02 June 2020

Google adds Nest devices to Advanced Protection Program

You can now shore up your smart home security by leveraging Google's top security offering

The post Google adds Nest devices to Advanced Protection Program appeared first on WeLiveSecurity

02 June 2020

Cybersecurity Spending Hits 'Temporary Pause' Amid Pandemic

For now, security teams face freezes in projects and hiring - and budget cuts, security industry analysts say.
02 June 2020

Banking on Data Security in a Time of Insecurity

How banks can maintain security and data integrity in the middle of a pandemic.
02 June 2020

Apple Jailbreak Zero-Day Gets a Patch

Apple Jailbreak Zero-Day Gets a Patch The zero-day vulnerability tracked as CVE-2020-9859 is exploited by the "Uncover" jailbreak tool released last week.
02 June 2020

Podcast: Why Identity Access Management is the New Perimeter

Podcast: Why Identity Access Management is the New Perimeter DivvyCloud discusses the changing nature of identity access management (IAM) - and what kind of challenges and opportunities that is creating for businesses.
02 June 2020

G Suite Marketplace primed for a privacy scandal, researchers warn

G Suite apps that have access to Drive and Gmail data found communicating with undisclosed external services.
02 June 2020

Amtrak discloses data breach, potential leak of customer account data

The rail service says that customer PII may have been compromised.
02 June 2020

VMware Cloud Director vulnerability could lead to hijack of enterprise server infrastructure

The security flaw handed over the keys to enterprise infrastructure.
02 June 2020

Data on Indian Mobile Payments App Reportedly Exposed via Open S3 Bucket

Over 7 million records exposed, according to vpnMentor, but app maker says there is no sign of malicious use.
01 June 2020

Apple Pays Researcher $100,000 for Critical Vulnerability

Apple has fixed a flaw in the "Sign in with Apple" feature that could have enabled attackers to break into user accounts for third-party services.
01 June 2020

White House says security incidents at US federal agencies went down in 2019

US federal agencies reported 28,581 cyber-security incidents in 2019, down by 8% from 31,107 in 2018.
01 June 2020

26 IoT Flaws Enable Denial-of-Service Attacks, Privilege Escalation

Research details vulnerabilities in the Zephyr Real Time Operating Systems and MCUboot, both used in IoT devices and sensors.
01 June 2020

After a breach, users rarely change their passwords, study finds

Only a third of users changed their password following a data breach.
01 June 2020

Rare NSA Advisory About Russia-Based Cyberattacks Unlikely to Stop Them

The Sandworm group -- behind disinformation and election-hacking campaigns and responsible for a 2016 power outage in the Ukraine -- is now targeting e-mail servers.
01 June 2020

Apple Pays $100K Bounty for Critical ‘Sign in With Apple’ Flaw

Apple Pays $100K Bounty for Critical ‘Sign in With Apple’ Flaw Apple has fixed a critical flaw in its Sign in with Apple feature, which could have been abused by attackers to takeover victims' third-party applications.
01 June 2020

Minneapolis Police Department Hack Likely Fake, Says Researcher

Minneapolis Police Department Hack Likely Fake, Says Researcher Troy Hunt said that the supposed data breach perpetrated by Anonymous is most likely a hoax.
01 June 2020

Bug in ‘Sign in with Apple’ could have allowed account hijacking

The tech giant rewards the bug bounty hunter who found the severe flaw in its login mechanism with US$100,000

The post Bug in ‘Sign in with Apple’ could have allowed account hijacking appeared first on WeLiveSecurity

01 June 2020

Hosting Provider’s Database of Crooked Customers Leaked

Hosting Provider’s Database of Crooked Customers Leaked Database of sensitive info, including emails and passwords, from owners of Daniel’s Hosting portals could be incriminating.
01 June 2020