π΄ Equifax to Pay Up to $700mn for Data Breach Damages π΄
π Read
via "Dark Reading: ".
In a settlement with the FTC, consumers affected by the breach are eligible for up to $20,000 in a cash settlement, depending on damages they can prove.π Read
via "Dark Reading: ".
Dark Reading
Equifax to Pay Up to $700mn for Data Breach Damages
In a settlement with the FTC, consumers affected by the breach are eligible for up to $20,000 in a cash settlement, depending on damages they can prove.
β FSB hackers drop files online β
π Read
via "Naked Security".
A hacking group that distributed files stolen from a Russian contractor to the media last week has published some of the documents online.π Read
via "Naked Security".
Naked Security
FSB hackers drop files online
A hacking group that distributed files stolen from a Russian contractor to the media last week has published some of the documents online.
β Your Androidβs accelerometer could be used to eavesdrop on your calls β
π Read
via "Naked Security".
Researchers have created an attack called Spearphone that uses the motion sensors in Android phones to listen to phone calls, interactions with your voice assistant, and more.π Read
via "Naked Security".
Naked Security
Your Androidβs accelerometer could be used to eavesdrop on your calls
Researchers have created an attack called Spearphone that uses the motion sensors in Android phones to listen to phone calls, interactions with your voice assistant, and more.
β Big password hole in iOS 13 beta spotted by testers β
π Read
via "Naked Security".
A security clanger has been spotted in the current beta version of iOS 13 which allows anyone to access a userβs stored web and app passwords without having to authenticate.π Read
via "Naked Security".
Naked Security
Big password hole in iOS 13 beta spotted by testers
A security clanger has been spotted in the current beta version of iOS 13 which allows anyone to access a userβs stored web and app passwords without having to authenticate.
π How organizations and employees can protect themselves against financial email scams π
π Read
via "Security on TechRepublic".
Fraudulent emails that try to trick their victims into conducting financial transactions amounted to losses of more than $1.2 billion in 2018, according to a new study from Symantec.π Read
via "Security on TechRepublic".
TechRepublic
How organizations and employees can protect themselves against financial email scams
Fraudulent emails that try to trick their victims into conducting financial transactions amounted to losses of more than $1.2 billion in 2018, according to a new study from Symantec.
π How businesses can reduce the financial impact of data breaches π
π Read
via "Security on TechRepublic".
The cost of a data breach has grown 12% over the past 5 years, hitting $3.92 million on average. Organizations can take steps to mitigate the financial damage, according to a new report.π Read
via "Security on TechRepublic".
TechRepublic
How businesses can reduce the financial impact of data breaches
The cost of a data breach has grown 12% over the past 5 years, hitting $3.92 million on average. Organizations can take steps to mitigate the financial damage, according to a new report.
π΄ Security Considerations in a BYOD Culture π΄
π Read
via "Dark Reading: ".
The 'bring your own device' movement has put security pros on high alert for a new breed of predator who is on the hunt to find ways to exploit the ever-expanding attack surface.π Read
via "Dark Reading: ".
Dark Reading
Security Considerations in a BYOD Culture
The 'bring your own device' movement has put security pros on high alert for a new breed of predator who is on the hunt to find ways to exploit the ever-expanding attack surface.
π΄ Planning a Bug Bounty Program? Follow Shopify's Example π΄
π Read
via "Dark Reading: ".
Four years, $1 million in payouts, and the identification of 950 bugs later, Shopify provides an excellent example for organizations looking to launch their own programs.π Read
via "Dark Reading: ".
Dark Reading
Planning a Bug Bounty Program? Follow Shopify's Example
Four years, $1 million in payouts, and the identification of 950 bugs later, Shopify provides an excellent example for organizations looking to launch their own programs.
π΄ DHS's Bob Kolasky Goes All in on Risk Management π΄
π Read
via "Dark Reading: ".
As director of the DHS's National Risk Management Center, measuring and managing risk for critical infrastructure across 16 industrial sectors, Kolasky stands at a busy crossroads.π Read
via "Dark Reading: ".
Dark Reading
DHS's Bob Kolasky Goes All in on Risk Management
As director of the DHS's National Risk Management Center, measuring and managing risk for critical infrastructure across 16 industrial sectors, Kolasky stands at a busy crossroads.
β Programmer from hell plants logic bombs to guarantee future work β
π Read
via "Naked Security".
At some dark moment, have you ever wondered: what if the programmers are adding the bugs deliberately?π Read
via "Naked Security".
Naked Security
Programmer from hell plants logic bombs to guarantee future work
At some dark moment, have you ever wondered: what if the programmers are adding the bugs deliberately?
π Top 5 things to know about service mesh π
π Read
via "Security on TechRepublic".
Service mesh helps balance your app infrastructure while still maintaining proper encryption and authentication. Tom Merritt discusses five things you need to know about service mesh.π Read
via "Security on TechRepublic".
TechRepublic
Top 5 things to know about service mesh
Service mesh helps balance your app infrastructure while still maintaining proper encryption and authentication. Tom Merritt discusses five things you need to know about service mesh.
π Top 5 things to know about service mesh π
π Read
via "Security on TechRepublic".
Service mesh helps balance your app infrastructure while still maintaining proper encryption and authentication. Tom Merritt discusses five things you need to know about service mesh.π Read
via "Security on TechRepublic".
TechRepublic
Top 5 things to know about service mesh
Service mesh helps balance your app infrastructure while still maintaining proper encryption and authentication. Tom Merritt discusses five things you need to know about service mesh.
π΄ The War for Cyber Talent Will Be Won by Retention not Recruitment π΄
π Read
via "Dark Reading: ".
Six steps for creating a work environment that challenges, stimulates, rewards, and constantly engages employees fighting the good fight against cybercriminals.π Read
via "Dark Reading: ".
Dark Reading
The War for Cyber Talent Will Be Won by Retention not Recruitment
Six steps for creating a work environment that challenges, stimulates, rewards, and constantly engages employees fighting the good fight against cybercriminals.
π Friday Five: 7/19 Edition π
π Read
via "Subscriber Blog RSS Feed ".
Microsoft's new phishing detection feature, an increase in cybersecurity spend, and more - catch up on the week's news with this round up.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Friday Five: 7/19 Edition
Microsoft's new phishing detection feature, an increase in cybersecurity spend, and more - catch up on the week's news with this round up.
π How risk management can help secure industrial IoT and big data π
π Read
via "Security on TechRepublic".
Read about approaches your company can take to manage IoT and big data cyber risks.π Read
via "Security on TechRepublic".
TechRepublic
How risk management can help secure industrial IoT and big data
Read about approaches your company can take to manage IoT and big data cyber risks.
β VLC Media Player Plagued By Unpatched Critical RCE Flaw β
π Read
via "Threatpost".
A patch does not yet exist for a critical buffer overflow vulnerability in VLC Media Player that could enable remote code execution.π Read
via "Threatpost".
Threat Post
Update: VLC Media Player Plagued By Unpatched Critical RCE Flaw
A patch does not yet exist for a critical buffer overflow vulnerability in VLC Media Player that could enable remote code execution.
ATENTIONβΌ New - CVE-2018-18669
π Read
via "National Vulnerability Database".
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "board title contents" parameter, aka the adm/board_form_update.php bo_subject parameter.π Read
via "National Vulnerability Database".
β Popular Samsung, LG Android Phones Open to βSpearphoneβ Eavesdropping β
π Read
via "Threatpost".
A Spearphone attacker can use the accelerometer in LG and Samsung phones to remotely eavesdrop on any audio that's played on speakerphone, including calls, music and voice assistant responses.π Read
via "Threatpost".
Threat Post
Popular Samsung, LG Android Phones Open to βSpearphoneβ Eavesdropping
A Spearphone attacker can use the accelerometer in LG and Samsung phones to remotely eavesdrop on any audio that's played on speakerphone, including calls, music and voice assistant responses.
β SharePoint Online scam β sadly, phishingβs not dead β
π Read
via "Naked Security".
Not all phishes contain easily spotted errors or obviously dodgy web links - here's how to stay safe...π Read
via "Naked Security".
Naked Security
SharePoint Online scam β sadly, phishingβs not dead
Not all phishes contain easily spotted errors or obviously dodgy web links β hereβs how to stay safeβ¦
π΄ CISA Warns Public About the Risks of 5G π΄
π Read
via "Dark Reading: ".
Vulnerabilities include everything from physical risks through the supply chain to business risks.π Read
via "Dark Reading: ".
Dark Reading
CISA Warns Public About the Risks of 5G
Vulnerabilities include everything from physical risks through the supply chain to business risks.