β Google throws bug bounty bucks at mega-popular third-party apps β
π Read
via "Naked Security".
Googleβs going to throw more bug bounty money at the problem of nasty apps in its Play Store, it announced on Thursday. In a post from the Android Security & Privacy teamβs Adam Bacchus, Sebastian Porst, and Patrick Mutchlerβ, the company said that itβs throwing the security net over not just its own apps, but [β¦]π Read
via "Naked Security".
Sophos
Google throws bug bounty bucks at mega-popular third-party apps β Naked Security
If an app has more than 100 million installs, Google will pay for bugs, even if the app makers already have their own bounty programs.
β Gamification Can Transform Company Cybersecurity Culture β
π Read
via "Threatpost".
Implementing game mechanics and competition into the mix can incentivize employees to improve their cybersecurity posture.π Read
via "Threatpost".
Threat Post
Gamification Can Transform Company Cybersecurity Culture
Implementing game mechanics and competition into the mix can incentivize employees to improve their cybersecurity posture.
π΄ ISAC 101: Unlocking the Power of Information π΄
π Read
via "Dark Reading: ".
How information sharing and analysis centers provide contextual threat information by creating communities that helps security professionals and their organizations grow in maturity and capability.π Read
via "Dark Reading: ".
Dark Reading
Cyber Risk recent news | Dark Reading
Explore the latest news and expert commentary on Cyber Risk, brought to you by the editors of Dark Reading
β WordPress sites are being backdoored with rogue admin users β
π Read
via "Naked Security".
A malvertising campaign has evolved to give hackers control of entire sites.π Read
via "Naked Security".
Naked Security
WordPress sites are being backdoored with rogue admin users
A malvertising campaign has evolved to give hackers control of entire sites.
β XKCD forums breached β
π Read
via "Naked Security".
How did the Correct Horse Battery get Stapled?π Read
via "Naked Security".
Naked Security
XKCD forums breached
How did the Correct Horse Battery get Stapled?
β FBI asks Google for help finding criminals β
π Read
via "Naked Security".
FBI agents issued Google with a warrant in November 2018, seeking its help with a bank robbery the month before.π Read
via "Naked Security".
Naked Security
FBI asks Google for help finding criminals
FBI agents issued Google with a warrant in November 2018, seeking its help with a bank robbery the month before.
β Chinaβs new face-swapping app Zao gets whiplash-fast privacy backlash β
π Read
via "Naked Security".
Fast trip: in two days, it debuted, shot to the top of China's App Store, sparked privacy outrage, and got banned by WeChat.π Read
via "Naked Security".
Naked Security
Chinaβs new face-swapping app Zao gets whiplash-fast privacy backlash
Fast trip: in two days, it debuted, shot to the top of Chinaβs App Store, sparked privacy outrage, and got banned by WeChat.
β βUSBAnywhereβ Bugs Open Supermicro Servers to Remote Attackers β
π Read
via "Threatpost".
Trivial-to-exploit authentication flaws can give an unsophisticated remote attacker 'omnipotent' control over a server and its contents.π Read
via "Threatpost".
Threat Post
βUSBAnywhereβ Bugs Open Supermicro Servers to Remote Attackers
Trivial-to-exploit authentication flaws can give an unsophisticated remote attacker 'omnipotent' control over a server and its contents.
β iPhone attack may have targeted Android and Windows too β
π Read
via "Naked Security".
A sophisticated and sustained watering hole attack affecting iPhones may have targeted Windows and Android too.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β Data Leak Impacts Millions of Yves Rocher Cosmetics Company Customers β
π Read
via "Threatpost".
International cosmetics brand Yves Rocher found itself caught in a third-party data exposure incident that leaked the personal information of millions of customers.π Read
via "Threatpost".
Threat Post
Data Leak Impacts Millions of Yves Rocher Cosmetics Company Customers
International cosmetics brand Yves Rocher found itself caught in a third-party data exposure incident that leaked the personal information of millions of customers.
π Part 4: Why Frank Abagnale, security expert and inspiration for the hit movie Catch Me if You Can, likes blockchain and dislikes cryptocurrency π
π Read
via "Security on TechRepublic".
Frank Abagnale, the real life subject of the movie Catch Me If You Can, shares his views on blockchain, passwords, and cryptocurrency.π Read
via "Security on TechRepublic".
TechRepublic
Part 4: Why Frank Abagnale, security expert and inspiration for the hit movie Catch Me if You Can, likes blockchain and dislikesβ¦
Frank Abagnale, the real life subject of the movie Catch Me If You Can, shares his views on blockchain, passwords, and cryptocurrency.
π Why cybersecurity is a big problem for small businesses π
π Read
via "Security on TechRepublic".
Cybersecurity attacks can cripple small businesses that aren't prepared. TechRepublic's Karen Roby talks with a security expert about ransomware, phishing attacks, and inadequate IT defense plans.π Read
via "Security on TechRepublic".
TechRepublic
Why cybersecurity is a big problem for small businesses
Cybersecurity attacks can cripple small businesses that aren't prepared. TechRepublic's Karen Roby talks with a security expert about ransomware, phishing attacks, and inadequate IT defense plans.
π Why cybersecurity is a big problem for small businesses π
π Read
via "Security on TechRepublic".
Cybersecurity attacks can cripple small businesses that aren't prepared. TechRepublic's Karen Roby talks with a security expert about ransomware, phishing attacks, and inadequate IT defense plans.π Read
via "Security on TechRepublic".
TechRepublic
Why cybersecurity is a big problem for small businesses
Cybersecurity attacks can cripple small businesses that aren't prepared. TechRepublic's Karen Roby talks with a security expert about ransomware, phishing attacks, and inadequate IT defense plans.
π΄ Report: Iranian 'Mole' Carried Stuxnet to Iranian Nuclear Facility π΄
π Read
via "Dark Reading: ".
An engineer recruited by the Dutch intelligence agency AIVD helped bring to Iran's Natanz nuclear facility the malware via USB that ultimately infected systems there and sabotaged centrifuges, according to an exclusive report from Yahoo News.π Read
via "Dark Reading: ".
Darkreading
Report: Iranian 'Mole' Carried Stuxnet to Iranian Nuclear Facility
An engineer recruited by the Dutch intelligence agency AIVD helped bring to Iran's Natanz nuclear facility the malware via USB that ultimately infected systems there and sabotaged centrifuges, according to an exclusive report from Yahoo News.
β WordPress Plugins Anchor Widespread Malvertising, Rogue Backdoor Campaign β
π Read
via "Threatpost".
An ongoing attack on websites has added new exploits and an administrative backdoor to its bag of tricks.π Read
via "Threatpost".
Threat Post
WordPress Plugins Anchor Widespread Malvertising, Rogue Backdoor Campaign
An ongoing attack on websites has added new exploits and an administrative backdoor to its bag of tricks.
ATENTIONβΌ New - CVE-2015-9355 (two-factor-authentication)
π Read
via "National Vulnerability Database".
The two-factor-authentication plugin before 1.1.10 for WordPress has XSS in the admin area.π Read
via "National Vulnerability Database".
π΄ 3 Promising Technologies Making an Impact on Cybersecurity π΄
π Read
via "Dark Reading: ".
The common thread: Each acts as a force multiplier, adding value to every other security technology around it.π Read
via "Dark Reading: ".
Darkreading
3 Promising Technologies Making an Impact on Cybersecurity
The common thread: Each acts as a force multiplier, adding value to every other security technology around it.
β How to Get a Handle on Patch Management β
π Read
via "Threatpost".
As the number vulnerabilities hit a historic high, battle-worn security teams are upping their patching game.π Read
via "Threatpost".
Threat Post
How to Get a Handle on Patch Management
As the number vulnerabilities hit a historic high, battle-worn security teams are upping their patching game.
β Firefox 69 Release Kills Default Tracking Cookies, Flash Support β
π Read
via "Threatpost".
Mozilla's newest Firefox iteration also offers new fixes for critical and high-severity vulnerabilities.π Read
via "Threatpost".
Threat Post
Firefox 69 Release Kills Default Tracking Cookies, Flash Support
Mozilla's newest Firefox iteration also offers new fixes for critical and high-severity vulnerabilities.
ATENTIONβΌ New - CVE-2015-9358 (feedwordpress)
π Read
via "National Vulnerability Database".
The feedwordpress plugin before 2015.0514 for WordPress has XSS via add_query_arg() and remove_query_arg().π Read
via "National Vulnerability Database".