Cybersecurity News
Verizon: Attacks on Mobile Devices Rise
Companies of all sizes are being hit by mobile attacks and feeling the effects for extended periods of time, according to the 2020 Verizon Mobile Security Index.25 February 2020
PayPal accounts are getting abused en-masse for unauthorized payments
All signs point to an attack exploiting PayPal's Google Pay integration.24 February 2020
Security, Networking Collaboration Cuts Breach Cost
CISOs report increases in alert fatigue and the number of records breached, as well as the struggle to secure mobile devices in a new Cisco study.24 February 2020
Apple Takes Heat Over ‘Vulnerable’ iOS Cut-and-Paste Data
Software developer builds a malicious proof-of-concept iOS app that can read data temporarily saved to the device’s clipboard.
24 February 2020
Forget passwords: Secure yourself with a passphrase and these tools
Passphrases are much stronger than ordinary passwords -- and a heck of a lot easier to remember. But that's only the start to securing yourself on today's hostile internet. Here's how to protect yourself.24 February 2020
SSRF 101: How Server-Side Request Forgery Sneaks Past Your Web Apps
Server-side request forgery is a dangerous attack method that is also becoming an issue for the cloud. Here are some of the basics to help keep your Web server from turning against you.
24 February 2020
Enterprise Cloud Use Continues to Outpace Security
Nearly 60% of IT and security pros say deployment of business services in the cloud has rushed past their ability to secure them.24 February 2020
Zyxel Fixes 0day in Network Storage Devices
Networking hardware vendor Zyxel today released an update to fix a critical flaw in many of its network attached storage (NAS) devices that can be used to remotely commandeer them. The patch comes 12 days after KrebsOnSecurity alerted the company that precise instructions for exploiting the vulnerability were being sold for $20,000 in the cybercrime underground. Based in Taiwan, Zyxel Communications Corp. (a.k.a "ZyXEL") is a maker of networking devices, including Wi-Fi routers, NAS products and hardware firewalls. The company has roughly 1,500 employees and boasts some 100 million devices deployed worldwide. While in many respects the class of vulnerability addressed in this story is depressingly common among Internet of Things (IoT) devices, the flaw is notable because it has attracted the interest of groups specializing in deploying ransomware at scale.24 February 2020
Solving the Cloud Data Security Conundrum
Trusting the cloud involves a change in mindset. You must be ready to use runtime encryption in the cloud.24 February 2020
Latest Security News from RSAC 2020
Check out Dark Reading's updated, exclusive coverage of the news and security themes that are dominating RSA Conference 2020 in San Francisco.24 February 2020
Data Breach Occurs at Agency in Charge of Secure White House Communications
A leak at the Defense Information Systems Agency exposed personal information of government employees, including social security numbers.
24 February 2020
7 Tips to Improve Your Employees' Mobile Security
Security experts discuss the threats putting mobile devices at risk and how businesses can better defend against them.
24 February 2020
Cybersecurity alliance launches first open source messaging framework for security tools
OpenDXL Ontology is designed for data and command sharing between cybersecurity software.24 February 2020
Is your phone listening to you?
Do social media listen in on our conversations in order to target us with ads? Or are we just a bit paranoid? A little test might speak a thousand words.
The post Is your phone listening to you? appeared first on WeLiveSecurity
24 February 2020
LTE security flaw can be abused to take out subscriptions at your expense
Researchers say the vulnerability impacts “virtually all” smartphones on the market.24 February 2020
Slickwraps says customer trust was ‘violated’ in data breach caused by glaring security holes
A security researcher’s warnings were reportedly ignored.24 February 2020
Careers in Cybersecurity
Have you considered a career in Cybersecurity? It is a fast-paced, highly dynamic field with a huge number of specialties to choose from, including forensics, endpoint security, critical infrastructure, incident response, secure coding, and awareness and training. In addition, a career in cybersecurity allows you to work almost anywhere in the world, with amazing benefits and an opportunity to make a real difference. However, the most exciting thing is you do NOT need a technical background, anyone can get started.24 February 2020
All About SASE: What It Is, Why It's Here, How to Use It
Secure Access Service Edge is a new name for a known and growing architecture designed to strengthen security in cloud environments.22 February 2020
Emotet Malware Rears Its Ugly Head Again
A resurgence in Emotet malware may make it one of the most pervasive security threats of 2020.21 February 2020
Lawsuit Claims Google Collects Minors’ Locations, Browsing History
A new lawsuit alleges that Google’s G Suite for Education program covertly collects data from students, violating both COPPA and other data privacy regulations.
21 February 2020