News

alone at night along a dimly lit path / security / suspicious / threat / hacker

a hooded figure targets a coding vulnerability

Are zero-day exploits the new norm?

Research from Microsoft's Matt Miller shows that every actively exploited Windows vulnerability in 2017 was first done using a zero-day attack. Other research shows this trend extends across the IT landscape.

capitol dome congress

The cybersecurity legislation agenda: 5 areas to watch

The 116th Congress is only a few months old, but far-reaching cybersecurity bills to protect infrastructure and the supply chain, ensure election integrity, and build a security workforce are now being considered. Here’s the list.

botnet

IoT botnets target enterprise video conferencing systems

WootCloud researchers have discovered a trio of IoT botnets based on Mirai that exploit Polycom video conferencing systems. Polycom has issued an advisory and best practices for mitigating the risk.

A hooded man in a halloween mask raises a finger to his lips to encourage silence.

North Korean hackers target Russian-based companies

The North Korean Lazarus APT group is going after the Russians. Russian hackers, however, needed less than 20 minutes in 2018 to completely pwn an organization.

Electronic Health Records [EHR] / digital medical data, monitor health status, doctor, laptop

2.7M recorded medical calls, audio files left unprotected on web

Every call made to 1177 Swedish Healthcare Guide service since 2013, and answered by the subcontractor Medicall, was stored on an unprotected server.

vulnerable cryptojacking hacking breach security

Attackers place cryptojacking apps in the Microsoft App Store

Microsoft has removed eight applications from its app store for Windows that were mining Monero cryptocurrency without users' knowledge.

intro data breach circuit board technology security

Data breaches exposed 5 billion records in 2018

New report from Risk Based Security shows a downward trend in number breaches and exposed records, Unclear if privacy regulations like GDPR are having an effect.

jobs collaboration careers network

Security executives on the move and in the news

Find up-to-date news of CSO, CISO and other senior security executive appointments.

man sitting on chair on dirt road tornado overwhelmed overworked stressed disruption disaster recov

Disastrous cyber attack on email provider wipes US servers and backups

A cyber attack on email provider VFEmail caused “catastrophic destruction,” with hackers wiping the servers and backups.

xiaomi m365 scooter

Popular electric scooters can be remotely hacked

Researchers warned that Xiaomi M365 scooters can be remotely hacked from 100 meters away to slam on the brakes or to accelerate.

Android robot and gears emerging from isometric mobile phone screen

Android phones can be hacked remotely by viewing malicious PNG image

Android users are being told to patch their Android OS Nougat (7.0), Oreo (8.0) and Pie (9.0) as soon as updates are available after a bug related to PNG images was found.

Cloud Security

CrowdStrike Store opens its endpoint security agent to other vendors

CrowdStrike will share data its cloud-based endpoint security platform collects to give customers more options while minimizing compatibility and performance concerns.

tt19 001 thumbnail
video

IoT and retail tech pushes envelope in 2019: TECH(talk)

What's ahead for Internet of Things technology in 2019? Prepare for more location-based advertising, warehouse robotics, and concepts such as the no-line, no-checkout Amazon Go store.

fight shadow

Vendor allegedly assaults security researcher who disclosed massive vulnerability

A security researcher alleges the COO of Atrient assaulted and threatened him after disclosing a massive vulnerability in an Atrient product.

5 gdpr compliant notification documentation

Report: Over 59,000 GDPR data breach notifications, but only 91 fines

The low number of fines relative to the volume of reported breaches might be due to over-extended regulators, says a DLA Piper report.

10 threat landscape apocalypse ruins

Add cybersecurity to Doomsday Clock concerns, says Bulletin of Atomic Scientists

The Doomsday Clock, once a ritual feature of the Cold War, warns that cybersecurity issues like IoT and cyber-enabled information warfare endanger humanity.

Nest Secure

Nest Secure had a secret microphone, can now be a Google Assistant

The Nest Secure system had secret microphone that can now make the Nest Guard security hub double as Google Assistant device.

data security

451 Research: Security is top data management challenge

A survey of highly qualified data management professionals by 451 Research shows that growing data volumes have made security their biggest concern.

Load More