Popular News
10 hours ago Google to remove Chrome's built-in XSS protection (XSS Auditor)
ZDNet View Synopsis+1XSS Auditor became too inefficient at blocking XSS attacks, and a chore to maintain.
10 hours ago Amadeus! Amadeus! Pwn me Amadeus! Airline check-in bug may have exposed all y'all boarding passes to spies
The Register View Synopsis+1Patched IDOR hole would have been child's play to exploitA now-patched vulnerability in the Amadeus flight reservation system - used by airlines around the planet - could, or may, have been exploited by miscreants to view strangers' boarding passes.…
14 hours ago Symantec Shares Plunge After Reports of Broadcom Deal Stall
SecurityWeek View Synopsis+1Shares of cybersecurity giant Symantec plunged on Monday following reports that the company's acquisition talks with Broadcom have stalled due to a disagreement over price.
Several major news outlets reported in early July that chipmaker Broadcom had been in advanced talks to acquire Symantec in a deal that could exceed $15 billion.
12 hours ago Singapore's public sector to adopt new measures to tighten data security
ZDNet View Synopsis+1Following a "stocktake" of the public sector's security practices, Singapore's government agencies will roll out "technical measures" for existing as well as new systems to beef up data security standards, including automated detection of emails containing sensitive information and stronger encryption for files.
Top News
1 day ago New old Windows bug emerges, your 'strong' password is anything but, plus plenty more
The Register View Synopsis+1What you need to know from infosec land latelyRoundup Here is a brief look at some of the other security stories floating around right now.…
1 day ago New Election Systems Use Vulnerable Software
SecurityWeek View Synopsis+1WASHINGTON (AP) - Pennsylvania's message was clear: The state was taking a big step to keep its elections from being hacked in 2020. Last April, its top election official told counties they had to update their systems. So far, nearly 60% have taken action, with $14.15 million of mostly federal funds helping counties buy brand-new electoral systems.
1 day ago Payment Fraud: Criminals Enroll Stolen Cards on Apple Pay
InfoRiskToday View Synopsis+1Fraud Fighters Also See Spikes in ATM Malware, Card Enrollment as a ServiceFraudsters continue to get new tricks up their sleeves. Criminals are increasingly using Apple Pay, setting up mobile call centers to socially engineer victims as well as tricking consumers via fake e-commerce sites that never fulfill orders, fraud-fighting experts warn.
1 day ago Top 5 cybersecurity challenges for CISOs
TechRepublic View Synopsis+1CISOs must drive business strategy amid an expanded attack surface and increasing security complexity, according to Fortinet.
1 day ago Visa's vision for the future of payments is password-free
ZDNet View Synopsis+1A combination of technologies and collaboration from everyone involved to enable a password-free payments experience.
Latest News
11 hours ago Home Affairs floats making telcos retain MAC addresses and port numbers
ZDNet View Synopsis+1Soon it might just be easier for Australia's telcos to keep a copy of every TCP or UDP header for the cops to poke through.
4 hours ago How a Big Rock Revealed a Tesla XSS Vulnerability
InfoRiskToday View Synopsis+1Bug Hunter Sam Curry's Find Left Tesla Slightly Red FacedSoftware vulnerabilities sometimes have an uncanny knack of revealing themselves, even when a bug hunter is looking someplace else. Sam Curry's probing eventually revealed a cross-site scripting flaw in a Tesla service, which netted him a $10,000 bounty.
4 hours ago Extenbro DNS-Changer Used in Adware Campaign
SecurityWeek View Synopsis+1A recently observed DNS-changer Trojan is being used in an adware campaign to prevent users from accessing security-related websites, Malwarebytes reveals.
4 hours ago Permission-greedy apps delayed Android 6 upgrade so they could harvest more user data
ZDNet View Synopsis+1App devs delayed upgrading apps, but lost in the long run due to more negative reviews and less Play Store visibility.
4 hours ago Bulgaria Probes Russia-Linked Leak of Taxpayer Data
SecurityWeek View Synopsis+1Bulgaria ordered Tuesday a probe into the leak of a trove of taxpayer data in a Russia-linked cyberattack that was disclosed on the same day the former Soviet satellite nation moved to buy US-made F-16 jet fighters.
5 hours ago Thousands of Legacy Lenovo Storage Devices Exposed Millions of Files
SecurityWeek View Synopsis+1Cybersecurity firms Vertical Structure and WhiteHat Security on Tuesday reported that their researchers discovered a serious vulnerability that gave remote attackers access to millions of files stored on thousands of exposed Lenovo network-attached storage (NAS) devices.
5 hours ago OnDemand Webinar | The Power of AI to Disrupt Security Ops
InfoRiskToday View Synopsis+1How utilizing AI can and will be realistic for any security organization...Learn about the concept of autonomous security driven by AI, probability theory and advanced algorithms in this exclusive webinar.
6 hours ago Symantec intros CloudSOC Mirror Gateway for enterprise cloud access security
ZDNet View Synopsis+1The platform uses Symantec Web Isolation technology to deliver Cloud Access Security Broker (CASB) controls for unmanaged devices.
6 hours ago Patch now before you get your NAS kicked: Iomega storage boxes leave millions of files open to the internet
The Register View Synopsis+1API blunder exposes data, fix incoming from LenovoLenovo is emitting an emergency firmware patch for Iomega NAS devices after the network-attached storage boxes were discovered inadvertently offering millions of files to the internet via an insecure software interface.…
7 hours ago Phishing alert: 80% of companies lack DMARC policies to protect against spoofing
TechRepublic View Synopsis+1Despite being the industry standard for email authentication to prevent cyberattacks, DMARC policies aren't implemented by most companies , according to 250ok.
10 hours ago Security Flaw Exposed Valid Airline Boarding Passes
InfoRiskToday View Synopsis+1Amadeus Patches Check-In Software Used by Hundreds of AirlinesA vulnerability in global airline check-in software used by 500 airlines could have been exploited to download other individuals' valid boarding passes, potentially giving them access to restricted airport spaces, warns security expert David Stubley. The flaw in Amadeus travel software has now been fixed.
3 hours ago Maybe double-check that HMRC email? UK taxman remains a fave among the phisherfolk
The Register View Synopsis+1And Windows XP is alive and not well in the public sectorThe UK's National Cyber Security Centre (NCSC) has had another busy year trying to disrupt cybercrime.…
