---

The more cybersecurity tools an enterprise deploys, the less effective their defense is

New research highlights how throwing money indiscriminately at security doesn’t guarantee results.

---

Google removes 25 Android apps caught stealing Facebook credentials

The malicious apps were downloaded more than 2.34 million times.

---

COVID‑19 contact tracing – technology panacea or privacy nightmare?

Can a technological intervention stem the pandemic while avoiding the privacy pitfalls of location tracking?

The post COVID‑19 contact tracing – technology panacea or privacy nightmare? appeared first on WeLiveSecurity

---

US Cyber Command says foreign hackers will most likely exploit new PAN-OS security bug

Palo Alto Networks disclosed today a major bug that lets hackers bypass authentication on its firewall and corporate VPN products.

---

US Cyber Command says foreign hackers will attempt to exploit new PAN-OS security bug

Palo Alto Networks disclosed today a major bug that lets hackers bypass authentication on its firewall and corporate VPN products.

---

University of California SF Pays Ransom After Medical Servers Hit

As one of at least three universities hit in June, the school paid $1.14 million to cybercriminals following an attack on "several IT systems" in the UCSF School of Medicine.

---

Russian Cybercriminal Behind CardPlanet Sentenced to 9 Years

Aleksei Burkov will go to federal prison for operating two websites built to facilitate payment card fraud, hacking, and other crimes.

---

HackerOne Reveals Top 10 Bug-Bounty Programs

Rankings based on total bounties paid, top single bounty paid, time to respond, and more.

---

REvil Ransomware Gang Adds Auction Feature for Stolen Data

An anonymous bidding mechanism enhances the REvil group's double-extortion game.

---

A hacker gang is wiping Lenovo NAS devices and asking for ransoms

Ransom notes signed by 'Cl0ud SecuritY' hacker group are being found on old LenovoEMC NAS devices.

---

Tuesday’s Magento 1 EOL Leaves Clock Ticking on 100K Online Stores

Adobe and payment-card companies are making last-minute pleas for e-commerce sites to update to Magento 2, to avoid Magecart attacks and more.

---

Files Stolen from 945 Websites Discovered on Dark Web

Researchers who found the archived SQL files estimate up to 14 million people could be affected.

---

AWS Facial Recognition Platform Misidentified Over 100 Politicians As Criminals

Comparitech’s Paul Bischoff found that Amazon’s facial recognition platform misidentified an alarming number of people, and was racially biased.

---

Unpatched Wi-Fi Extender Opens Home Networks to Remote Control

The Homeplug device, from Tenda, suffers from web server bugs as well as a DoS flaw.

---

India bans 59 Chinese apps, including TikTok, UC Browser, Weibo, and WeChat

Indian government ban comes after the Indian military has clashed with Chinese forces on the country's northern border.

---

HackerOne's 2020 Top 10 public bug bounty programs

The HackerOne bug bounty platform reveals its most successful bug bounty programs.

---

Tall Order for Small Businesses: 3 Tips to Find Tailored Security Solutions

SMBs are responsible for nearly 44% of US economic activity, but given the current climate, it can be difficult for them to find available and/or affordable resources.

---

Michigan tackles compulsory microchip implants for employees with new bill

RFID implants for workers are not an issue now, but the state wants to get ahead on what could become a huge privacy problem in the future.

---

SEC warns off investment in iBSmartify Nigeria cryptocurrencies

iBledger and InksNation are unregistered, and therefore a financial risk outside of the local commission’s regulatory protections.

---

Remote access at risk: Pandemic pulls more cyber‑crooks into the brute‑forcing game

Poorly secured remote access attracts mostly ransomware gangs, but can provide access to coin miners and backdoors too

The post Remote access at risk: Pandemic pulls more cyber‑crooks into the brute‑forcing game appeared first on WeLiveSecurity