🛡 Cybersecurity & Privacy 🛡 - News

CISO Pressures: Why the Role Stinks and How to Fix It

CISOs spend much less time in their role than other members of the boardroom. It's a serious problem that must be addressed.

64 views14:10

❌ Equifax to Pay $700 Million in 2017 Data Breach Settlement ❌

Equifax will dish out as much as $700 million on the heels of its infamous 2017 data breach that impacted 150 million customers.

📖 Read

via "Threatpost".

Equifax to Pay $700 Million in 2017 Data Breach Settlement

Equifax will dish out as much as $700 million on the heels of its infamous 2017 data breach that impacted 150 million customers.

56 views14:35

🕴 Ex-NSA Contractor Gets 9 Years for Retaining Defense Data 🕴

Law enforcement recovered two decades' worth of stolen material from the home and car of former government contractor Harold Martin.

📖 Read

via "Dark Reading: ".

Ex-NSA Contractor Gets 9 Years for Retaining Defense Data

Law enforcement recovered two decades' worth of stolen material from the home and car of former government contractor Harold Martin.

50 views14:49

4 ways to avoid malware on Android

🔐 4 ways to avoid malware on Android 🔐

Users can avoid malware on their Android devices if they follow four, easy tips.

📖 Read

via "Security on TechRepublic".

TechRepublic

Users can avoid malware on their Android devices if they follow four, easy tips.

63 views14:55

❌ Large-Scale Government Hacks Hit Russia, Bulgaria ❌

The Bulgarian attack impacted almost tax information for the entire country.

📖 Read

via "Threatpost".

Large-Scale Government Hacks Hit Russia, Bulgaria

The Bulgarian attack impacted almost tax information for the entire country.

50 views16:05

40% of enterprises experienced Office 365 credential theft, report finds

🔐 40% of enterprises experienced Office 365 credential theft, report finds 🔐

While 80% of organizations use more than the default security provided by Office 365, additional measures are needed to secure enterprise email.

📖 Read

via "Security on TechRepublic".

TechRepublic

While 80% of organizations use more than the default security provided by Office 365, additional measures are needed to secure enterprise email.

48 views16:10

ATENTION‼ New - CVE-2018-2024

IBM QRadar SIEM 7.2 and 7.3 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 155350.

📖 Read

via "National Vulnerability Database".

51 views16:28

ATENTION‼ New - CVE-2018-13927

Debug policy with invalid signature can be loaded when the debug policy functionality is disabled by using the parallel image loading in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, QCS404, QCS605, SD 410/12, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SXR1130

📖 Read

via "National Vulnerability Database".

53 views16:28

ATENTION‼ New - CVE-2018-13924

Lack of check to prevent the buffer length taking negative values can lead to stack overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA6174A, QCA8081, QCS404, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130

📖 Read

via "National Vulnerability Database".

56 views16:28

ATENTION‼ New - CVE-2018-13896

XBL_SEC image authentication and other crypto related validations are accessible to a compromised OEM XBL Loader due to missing lock at XBL_SEC stage.. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, QCS404, QCS605, Qualcomm 215, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130

📖 Read

via "National Vulnerability Database".

63 views16:28

❌ Amazon Alexa, Google Home On Collision Course With Regulation ❌

Threatpost talks to Tim Mackey with Synopsys about recent Amazon Echo and Google Home privacy faux pas. Will GDPR and other regulations catch up to the voice assistants?

📖 Read

via "Threatpost".

Amazon Alexa, Google Home On Collision Course With Regulation

Threatpost talks to Tim Mackey with Synopsys about recent Amazon Echo and Google Home privacy faux pas. Will GDPR and other regulations catch up to the voice assistants?

64 views16:35

🕴 Firmware Vulnerabilities Show Supply Chain Risks 🕴

A recently announced pair of vulnerabilities in server firmware could put enterprise IT at risk.

📖 Read

via "Dark Reading: ".

Firmware Vulnerabilities Show Supply Chain Risks

A recently announced pair of vulnerabilities in server firmware could put enterprise IT at risk.

52 views17:14

Equifax to Pay Upwards of $700 Million in Data Breach Settlement

🔏 Equifax to Pay Upwards of $700 Million in Data Breach Settlement 🔏

Once approved, the settlement will be the largest ever paid by a company over a data breach.

📖 Read

via "Subscriber Blog RSS Feed ".

Digital Guardian

Once approved, the settlement will be the largest ever paid by a company over a data breach.

53 views19:11

❌ Tackling the Collaboration Conundrum ❌

Enterprises should recognize the data security risk that Slack, Teams or TeamViewer could introduce and address it.

📖 Read

via "Threatpost".

Tackling the Collaboration Conundrum

Enterprises should recognize the data security risk that Slack, Teams or TeamViewer could introduce and address it.

49 views19:50

❌ Critical RCE Flaw in Palo Alto Gateways Hits Uber ❌

The bug is previously unknown but yet still fixed in later releases. However, many organizations are likely still vulnerable.

📖 Read

via "Threatpost".

Critical RCE Flaw in Palo Alto Gateways Hits Uber

The bug is previously unknown but yet still fixed in later releases. However, many organizations are likely still vulnerable.

48 views20:55

🕴 How Cybercriminals Break into the Microsoft Cloud 🕴

Microsoft and Trimarc researchers explore the most common attacks against the cloud and effective defenses and mitigation.

📖 Read

via "Dark Reading: ".

How Cybercriminals Break into the Microsoft Cloud

Microsoft and Trimarc researchers explore the most common attacks against the cloud and effective defenses and mitigation.

56 views22:09

Equifax to Pay Up to $700mn for Data Breach Damages

🕴 Equifax to Pay Up to $700mn for Data Breach Damages 🕴

In a settlement with the FTC, consumers affected by the breach are eligible for up to $20,000 in a cash settlement, depending on damages they can prove.

📖 Read

via "Dark Reading: ".

Dark Reading

In a settlement with the FTC, consumers affected by the breach are eligible for up to $20,000 in a cash settlement, depending on damages they can prove.

56 views22:29

FSB hackers drop files online

⚠ FSB hackers drop files online ⚠

A hacking group that distributed files stolen from a Russian contractor to the media last week has published some of the documents online.

📖 Read

via "Naked Security".

Naked Security

A hacking group that distributed files stolen from a Russian contractor to the media last week has published some of the documents online.

58 views09:55

Your Android’s accelerometer could be used to eavesdrop on your calls

⚠ Your Android’s accelerometer could be used to eavesdrop on your calls ⚠

Researchers have created an attack called Spearphone that uses the motion sensors in Android phones to listen to phone calls, interactions with your voice assistant, and more.

📖 Read

via "Naked Security".

Naked Security

Researchers have created an attack called Spearphone that uses the motion sensors in Android phones to listen to phone calls, interactions with your voice assistant, and more.

59 views10:16

Big password hole in iOS 13 beta spotted by testers

⚠ Big password hole in iOS 13 beta spotted by testers ⚠

A security clanger has been spotted in the current beta version of iOS 13 which allows anyone to access a user’s stored web and app passwords without having to authenticate.

📖 Read

via "Naked Security".

Naked Security

A security clanger has been spotted in the current beta version of iOS 13 which allows anyone to access a user’s stored web and app passwords without having to authenticate.

47 views10:25