---

RSAC Sets Finalists for Innovation Sandbox

The 10 finalists will each have three minutes to make their case for being the most innovative, promising young security company of the year.

---

RSAC Sets Finalists for Innovation Sandbox

The 10 finalists will each have three minutes to make their case for being the most innovative, promising young security company of the year.

---

Charming Kitten Uses Fake Interview Requests to Target Public Figures

APT group poses as a former Wall Street Journal journalist to launch phishing campaigns and steal victim email account details.

---

Dropbox Passes $1M Milestone for Bug-Bounty Payouts

The file-sharing service also disclosed details of past notable bugs for the first time.

---

Health Share of Oregon discloses data breach, theft of member PII

A break-in and stolen laptop are at the heart of the security incident.

---

Academics steal data from air-gapped systems using screen brightness variations

Israeli researchers use quick flickers in LCD screen brightness to encode and exfiltrate data.

---

Vixie: The Unintended Consequences of Internet Privacy Efforts

Paul Vixie says emerging encryption protocols for endpoints could 'break' security in enterprise - and even home - networks.

---

When Your Used Car is a Little Too ‘Mobile’

Many modern vehicles let owners use the Internet or a mobile device to control the car's locks, track location and performance data, and start the engine. But who exactly owns that control is not always clear when these smart cars are sold or leased anew. Here's the story of one former electric vehicle owner who discovered he could still gain remote, online access to his old automobile years after his lease ended.

---

Majority of Network, App-Layer DDoS Attacks in 2019 Were Small

Attacks turned to cheaper, shorter attacks to try and disrupt targets, Imperva analysis shows.

---

Department of Energy Adds Attivo Decoys for Critical Infrastructure Security

The decoys and lures will help redirect attacks away from devices that can't be protected through traditional means.

---

IoT Malware Campaign Infects Global Manufacturing Sites

The infection uses Lemon_Duck PowerShell malware variant to exploit vulnerabilities in embedded devices at manufacturing sites.

---

Emotet Preps for Tax Season with New Phishing Campaign

Malicious emails in a new attack campaign contain links and attachments claiming to lead victims to W-9 forms.

---

CamuBot Banking Trojan Returns In Targeted Attacks

The malware is back in targeted attacks against Brazilian banking customers, this time using a new technique that involves mobile app authorization.

---

What is a Privileged Access Workstation (PAW)?

Ask the Experts -- about a technological game of keep-away that protects the most precious resources from the greatest dangers.

---

Bug hunter finds cryptocurrency-mining botnet on DOD network

Monero-mining botnet infects one of the DOD's Jenkins servers.

---

Keeping Compliance Data-Centric Amid Accelerating Regulation

As the regulatory landscape transforms, it's still smart to stay strategically focused on protecting your data.

---

New Lemon Duck Malware Campaign Targets IoT, Large Manufacturers

Malware campaign targets global manufacturers that are still dependent on Windows 7 subsystems to run fleets of IoT endpoints.

---

Chrome to block intrusive video ads starting August 5, 2020

Google to implement new quality standard for video ads for Chrome, but also YouTube.

---

WhatsApp Bug Allows Malicious Code-Injection, One-Click RCE

A high-severity vulnerability could allow cybercriminals to push malware or remotely execute code, using seemingly innocuous messages.

---

Critical Cisco ‘CDPwn’ Protocol Flaws Explained: Podcast

The researcher behind the five critical Cisco flaws, collectively called CDPwn, talks about why Layer 2 protocols are under-researched when it comes to security vulnerabilities.