News

ccleaner

Avast pulls CCleaner version that lacked privacy options after backlash

Avast-owned Piriform reverted to a previous version of CCleaner in response to user outrage over its new data collection policy that had no privacy options.

jobs collaboration careers network

Security executives on the move and in the news

Find up-to-date news of CSO, CISO and other senior security executive appointments.

quantum

How quantum computers will destroy and (maybe) save cryptography

Quantum computers advance mean we might have only a few years before they can break all public key encryption. The day when every secret is known is near.

vulnerable virus breach hacked cyber attack

Reddit discloses hack, says SMS intercept allowed attackers to skirt 2FA protections

Reddit, one of the largest websites on the internet, announced on Wednesday that someone was able to compromise staff accounts at their cloud and source code hosting providers, leaving backups, source code, and various logs exposed.

FinTech abstract / virtual world of dollars, pounds, euros, bitcoins, etc.

Bounty for hacking the ‘unhackable’ Bitfi wallet jumps from $100K to $250K

Toss around claims about a device being unhackable, and they will come for you. Amid the drama, McAfee upped the bounty for hacking the Bitfi hardware crypto wallet to $250,000.

locked door with key

How pervasive is the insider threat in your company?

The Dtex 2018 Threat Report finds that 100 percent of companies have blind spots when it comes to the insider threat.

Bug bounty program

$10,000 for hacking HP printers: First bug bounty program for printer security

HP invited 34 security researchers to participate in its bug bounty program for printers, offering up to $10,000 per bug.

Samsung SmartThings

Researchers reveal 20 vulnerabilities in Samsung SmartThings Hub

Samsung released firmware to patch 20 flaws that if exploited, could have let attackers remotely control and even physically damage IoT gadgets connected the SmartThings Hub.

Man on phone in airport

Secret Quiet Skies surveillance program tracks citizens not suspected of wrongdoing

The TSA has a secret, domestic Quiet Skies surveillance program that includes federal air marshals tracking U.S. travelers not under investigation or suspected of wrongdoing.

The word eMail spelled out with computer keys

C-suite is a weak link when it comes to email-based attacks

Phishing and impersonation attacks are up, and the C-suite is the weak link in email-borne attacks.

Hacker in hoodie holding up finger to be quiet secret

Rapid7 penetration tests reveal multitude of software flaws, network misconfigurations

In 268 penetration tests, Rapid7’s testers exploited software flaws 84% of the time, abused network misconfigurations 80% of the time, and captured credentials 53% of the time.

cyber terrorism dynamite explosion blow up binary detinate

Can cyber insurance cover acts of cyber terrorism?

Cyber insurance policies do not typically cover physical destruction or loss of life, but the UK government-backed reinsurer, Pool Re, announced this year it will cover acts of cyber officially deemed "terrorism" by Her Majesty's...

cloud security data breach crime accessible

Unsecured server exposes 157 GB of highly sensitive data from Tesla, Toyota and more

A publicly accessible server belonging to Level One Robotics and Controls exposed 157 GB of highly sensitive data from hundreds of companies, including Tesla, Toyota and Ford.

iot network

Half a billion smart devices vulnerable to decade-old DNS rebinding attacks

Researchers warned that 496 million smart devices used by enterprises are vulnerable to DNS rebinding attacks.

allscripts health care ransomware bitcoin

Samsam infected thousands of LabCorp systems via brute force RDP

LabCorp, one of the largest clinical labs in the U.S., said the Samsam ransomware attack that forced their systems offline was contained quickly and didn't result in a data breach. However, in the brief time between detection and...

windows bugs crashes

Microsoft’s Identity Bug Bounty program pays up to $100,000

Microsoft’s new Identity Bounty program offers payouts of up to $100,000 for bugs in its identity solutions, as well as bugs in select OpenID standards.

passwords

What is single sign-on? How SSO improves security and the user experience

Password fatigue, cloud sprawl and developer simplicity are pushing the rise of SSO.

walmart registers

Walmart teamed up with Microsoft to take on their rival Amazon

Walmart, Amazon’s largest retail rival, inked a five-year agreement to use Amazon Web Services rival Azure as well as other Microsoft AI and machine learning projects.

hacker

IoT search engine ZoomEye cached passwords for tens of thousands of Dahua DVRs

IoT search engine ZoomEye scanned and stored Dahua DVR login credentials for anyone to find. Users should update vulnerable firmware before someone hacks the device.

spying tv

Lawmakers ask FTC to investigate smart TV privacy concerns

Two senators, alarmed about the potential of smart TVs to spy on users, asked the FTC to investigate the privacy policies and practices of smart TV manufacturers.

Load More