Cybersecurity News
New Global Threat Landscape Report Reveals ‘Unprecedented’ Cyberattacks
Fortinet's recently released Global Threat Landscape Report shows how the perimeter is extending to the home in the first half of 2020 - and what that means for cybercrime.
13 August 2020
Black Hat USA 2020 Shines Spotlight on the Mental Challenges of Cybersecurity
Infosec practitioners face a variety of mental struggles in areas such as awareness training, problem solving, or general mental health. Several sessions at Black Hat USA 2020 highlighted these challenges and how to overcome them.13 August 2020
PCI SSC Offers Informational Training via New eLearning Platform
PCI Security Standards Council (PCI SSC) has adopted a new eLearning platform to move all informational and certification programs online. With the rise of the COVID-19 pandemic, the Council took important steps earlier this year to protect the health and safety of all involved by canceling face-to-face, instructor-led training courses for the remainder of the calendar year.
13 August 2020
Forcepoint Hopes for Breakout Moment by Hopping on the ZTA Bandwagon
The debut of Forcepoint's two-pronged zero trust access (ZTA) solution delivers much-needed competitive momentum, but it must do more to stand out against a growing field of ZTA competitors.13 August 2020
With iOS's Privacy Nutrition Label, Apple Upstages Regulators
New iOS privacy features require developers to disclose what data they're collecting, how they're using it, and with whom they share it.13 August 2020
Security Jobs With a Future -- And Ones on the Way Out
Some titles are hot, while others are not, amid rapidly shifting business priorities.
13 August 2020
ReVoLTE Attack Allows Hackers to Listen in on Mobile Calls
Rare attack on cellular protocol exploits an encryption-implementation flaw at base stations to record voice calls.
13 August 2020
Adaptive Shield Emerges From Stealth
Israeli startup joins growing number of vendors offering platform for detecting and mitigating common configuration errors in cloud environments.13 August 2020
Emotet Return Brings New Tactics & Evasion Techniques
Security researchers tracking Emotet report its reemergence brings new tricks, including new evasion techniques to bypass security tools.13 August 2020
High-Severity TinyMCE Cross-Site Scripting Flaw Fixed
The cross-site scripting flaw could enable arbitrary code execution, information disclosure - and even account takeover.
13 August 2020
Signal adds message requests to stop spam and protect user privacy
New feature lets Signal users control who can text or voice call, add them to groups.13 August 2020
Amazon Alexa ‘One-Click’ Attack Can Divulge Personal Data
Researchers disclosed flaws in Amazon Alexa that could allow attackers to access personal data and install skills on Echo devices.
13 August 2020
In one click: Amazon Alexa could be exploited for theft of voice history, PII, skill tampering
Subdomains belonging to the service were found to be harboring CORS errors and vulnerable to XSS attacks.13 August 2020
Mekotio: These aren’t the security updates you’re looking for…
Another in our occasional series demystifying Latin American banking trojans
The post Mekotio: These aren’t the security updates you’re looking for… appeared first on WeLiveSecurity
13 August 2020
FireEye’s bug bounty program goes public
42 vulnerabilities in FireEye domains have, so far, been resolved.13 August 2020
RedCurl cybercrime group has hacked companies for three years
New hacker group discovered; believed to operate out of Russia.13 August 2020
Unique Passwords
Make sure each of your accounts has a separate, unique password. Can't remember all of your passwords/passphrases? Consider using a password manager to securely store all of them for you.13 August 2020
FireEye Announces New Bug-Bounty Program
The program, administered by Bugcrowd, will pay bounties of up to $2,500 per vulnerability.12 August 2020
Using 'Data for Good' to Control the Pandemic
The tech community should unite to develop and distribute a universal COVID-19 contact-tracing application. Here's why and how.12 August 2020
Women in Payments: Q&A with Robin Trickel
Companies achieve more when a variety of perspectives are represented at the table. In this month’s blog series, Robin Trickel explains why having a culturally different, or non-traditional, background may be the key to success in cybersecurity.
12 August 2020