Cybersecurity News


100M Users' Data Exposed via Third-Party Cloud Misconfigurations

Researchers who examined 23 Android apps report developers potentially exposed the data of more than 100 million people.
20 May 2021

Security Providers Describe New Solutions (& Growing Threats) at RSAC

SPONSORED CONTENT: Watch now -- Leading security companies meet Dark Reading in the RSA Conference Broadcast Alley to talk about tackling insider threat, SOC complexity, cyber resilience, mobile security, attacker evasion, supply chain threats, ransomware, and more.
20 May 2021

Cost Savings, Better Security Drive Adoption of Emerging Technologies

However, senior technology managers express concerns about whether their current infrastructure can properly safeguard them.
20 May 2021

The Gig Economy Creates Novel Data-Security Risks

The Gig Economy Creates Novel Data-Security Risks Enterprises are embracing on-demand freelance help -- but the practice, while growing, opens up entirely new avenues of cyber-risk.
20 May 2021

Just published: SPoC Unsupported Operating Systems Annex

 

The PCI Security Standards Council (PCI SSC) has published a new, optional, Software-based PIN Entry on COTS (SPoC)™ Annex for Unsupported Operating Systems (“Unsupported OS Annex”) version 1.0. The purpose of this Annex is to provide additional security and testing requirements to allow solution providers to develop SPoC solutions that merchants can use on commercial off-the-shelf (COTS) devices with unsupported operating systems. The Unsupported OS Annex incorporates stakeholder feedback and comments received via a formal request for comment (RFC) period.

In this post we talk with PCI SSC SVP and Standards Officer Emma Sutcliffe about the new Annex.

20 May 2021

Android 12 will give you more control over how much data you share with apps

An all-new privacy dashboard and better location, microphone and camera controls are all aimed at curbing apps’ data-slurping habits

The post Android 12 will give you more control over how much data you share with apps appeared first on WeLiveSecurity

20 May 2021

3 Ways Anti-Vaxxers Will Undercut Security With Misinformation

Misinformation campaigns thrive on inequality of knowledge, which bad actors use to drive a wedge between communities.
20 May 2021

Four Android Bugs Being Exploited in the Wild

Four Android Bugs Being Exploited in the Wild On Wednesday, Google quietly slipped updates into its May 3 Android security bulletin for bugs that its Project Zero group has confirmed are zero-days.
20 May 2021

2021 Attacker Dwell Time Trends and Best Defenses

2021 Attacker Dwell Time Trends and Best Defenses The time that attackers stay hidden inside an organization’s networks is shifting, putting pressure on defenders and upping the need to detect and respond to threats in real-time.
20 May 2021

How 2 New Executive Orders May Reshape Cybersecurity & Supply Chains for a Post-Pandemic World

A modernized US technology strategy must account for the growing ideological divide between authoritarians and democracies over the use of cyber and emerging technologies.
20 May 2021

Fraudsters employ Amazon ‘vishing’ attacks in fake order scams

Case studies highlight how scam artists are using voice messages to dupe their victims into handing over credentials or cash.
20 May 2021

Apple Exec Calls Level of Mac Malware ‘Unacceptable’

Apple Exec Calls Level of Mac Malware ‘Unacceptable’ Company is using threat of attacks as defense in case brought against it by Epic Games after Fortnite was booted from the App Store for trying to circumvent developer fees.
20 May 2021

Android apps exposed data of millions of users through cloud authentication failures

Malicious apps are not the only security problem on our handsets: misconfiguration can also put us at risk.
20 May 2021

Colonial Pipeline CEO: Paying DarkSide ransom was the ‘right thing to do for the country’

The chief executive has confirmed the payment of a $4.4 million ransom.
20 May 2021

Unique Passwords

Make sure each of your accounts has a separate, unique password. Can't remember all of your passwords/passphrases? Consider using a password manager to securely store all of them for you.
20 May 2021

Cobalt Strike Becomes a Preferred Hacking Tool by Cybercrime, APT Groups

Incident response cases and research show how the red-team tool has become a become a go-to for attackers.
19 May 2021

SolarWinds CEO: Attack Began Much Earlier Than Previously Thought

Investigation shows threat actors began probing SolarWinds' network in January 2019, according to Sudhakar Ramakrishna.
19 May 2021

Google Chrome Makes It Easier to Update Compromised Passwords

A new capability will use Google's Duplex technology to alert people when their passwords are compromised and help change them.
19 May 2021

Can Nanotech Secure IoT Devices From the Inside-Out?

Can Nanotech Secure IoT Devices From the Inside-Out? Work's being done with uber-lightweight nanoagents on every IoT device to stop malicious behavior, such as a scourge of botnet attacks, among other threats.
19 May 2021

Attackers Took 5 Minutes to Start Scanning for Exchange Server Flaws

Research underscores the acceleration of attack activity and points to a growing concern that defenders can't keep pace.
19 May 2021