Cybersecurity News
What Disney+ Can Teach Businesses About Customer Security
Businesses must prioritize customer protection by taking on some of the responsibility to prevent credential stuffing attacks through multipronged authentication and identity management.Brave deemed most private browser in terms of 'phoning home'
The new Microsoft Edge and the Yandex Browser deemed the most data greedy.UK Home Office breached GDPR 100 times through botched management of EU Settlement Scheme
ID cards sent to the wrong addresses, third party data disclosures, and lost passports are only some examples of mishandling.Swiss government submits criminal complaint over CIA Crypto spying scandal
US and German intelligence deliberately implemented backdoors in Crypto AG systems to eavesdrop on governments worldwide.China: new internet censorship rules raise fears of renewed crackdown
Controls on the ‘online information content ecosystem’ bring heightened concern about freedom of speech
Sweeping new internet censorship rules have gone into effect in China, prompting concerns that authorities will further control information and online debate as the country reels from the coronavirus outbreak.
China’s cybersecurity administration has since Saturday implemented a set of new regulations on the governance of the “online information content ecosystem” that encourage “positive” content while barring material deemed “negative” or illegal.
Related: ‘They’re chasing me’: the journalist who wouldn’t stay quiet on Covid-19
Related: Dramatic fall in China pollution levels ‘partly related’ to coronavirus
Continue reading...Scamming You Through Social Media
You may be aware that cyber attacks will try to trick you over the phone or through email using phishing attacks, but do you realize they may try to attack you also over Social Media, such as through Snapchat, Twitter, Facebook or LinkedIn? Just like in email, if you get any Social Media messages that are highly urgent or too good to be true, it may be an attack.Hackers are actively exploiting zero-days in several WordPress plugins
There's quite the WordPress p0wnage going on right now.Walgreens says mobile app leaked users' personal data
US pharmacy store says mobile app exposed names, prescription details, and shipping addresses.Meet the white-hat group fighting Emotet, the world's most dangerous malware
A private group of 20+ security researchers and system administrators have been waging a silent war against Emotet, today's most dangerous malware operation.FCC Proposes to Fine Wireless Carriers $200M for Selling Customer Location Data
The U.S. Federal Communications Commission (FCC) today proposed fines of more than $200 million against the nation's four largest wireless carriers for selling access to their customers' location information without taking adequate precautions to prevent unauthorized access to that data. While the fines would be among the largest the FCC has ever levied, critics say the penalties don't go far enough to deter wireless carriers from continuing to sell customer location data.New Trickbot Delivery Method Focuses on Windows 10
Researchers discover attackers abusing the latest version of the remote desktop ActiveX control class introduced for Windows 10.Bruce Schneier Proposes ‘Hacking Society’ for a Better Tomorrow
The security industry has the perfect skillset and adversarial defense outlook to deal with some of the emerging societal issues in today's world, said security technologist Bruce Schneier.
6 Truths About Disinformation Campaigns
Disinformation goes far beyond just influencing election outcomes. Here's what security pros need to know.
Exploitation, Phishing Top Worries for Mobile Users
Reports find that mobile malware appears on the decline, but the exploitation of vulnerabilities along with phishing has led to a rise in compromises, experts say.Week in security with Tony Anscombe
ESET research uncovers a vulnerability in Wi-Fi chips – How to protect yourself against tax refund fraud – Clearview AI suffers a data breach
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
Reducing Risk with Data Minimization
Putting your company on a data diet that reduces the amount of the sensitive data you store or use is a smart way to achieve compliance with GDPR and CCPA.Ghostcat bug impacts all Apache Tomcat versions released in the last 13 years
Ghostcat vulnerability can allow hackers to read configuration files or plant backdoors on Tomcat servers.Facebook, Google, Twitter spark mutiny over Pakistan censorship demands
The companies have joined forces in a threat to abandon the country entirely.Firefox turns on DNS over HTTPS by default for US users
People in other parts of the world also have the option to flip on DNS encryption
The post Firefox turns on DNS over HTTPS by default for US users appeared first on WeLiveSecurity
RSAC 2020: Ransomware a ‘National Crisis,’ CISA Says, Ramps ICS Focus
The federal agency plans a slew of initiatives to address industrial control security this year.