π΄ Weak Crypto Practice Undermining IoT Device Security π΄
π Read
via "Dark Reading: ".
Keyfactor says it was able to break nearly 250,000 distinct RSA keys - many associated with routers, wireless access points, and other Internet-connected devices.π Read
via "Dark Reading: ".
Dark Reading
Weak Crypto Practice Undermining IoT Device Security
Keyfactor says it was able to break nearly 250,000 distinct RSA keys - many associated with routers, wireless access points, and other Internet-connected devices.
π΄ Financial Services Breaches Less Common, More Damaging, Than Those in Other Sectors π΄
π Read
via "Dark Reading: ".
While far less common than breaches in other industry sectors, financial services breaches were more than twice as expensive, per record exposed, than the average for tech businesses.π Read
via "Dark Reading: ".
Darkreading
Financial Services Breaches Less Common, More Damaging, Than Those in Other Sectors
While far less common than breaches in other industry sectors, financial services breaches were more than twice as expensive, per record exposed, than the average for tech businesses.
β Facebook employeesβ payroll data nabbed in car smash-and-grab β
π Read
via "Naked Security".
Bye-bye, payroll data for 29,000 US Facebook employees that got left on an unencrypted drive in an employee's car.π Read
via "Naked Security".
Naked Security
Facebook employeesβ payroll data nabbed in car smash-and-grab
Bye-bye, payroll data for 29,000 US Facebook employees that got left on an unencrypted drive in an employeeβs car.
β Mozilla mandates 2FA security for Firefox developers β
π Read
via "Naked Security".
Mozilla last week fired off an important memo to all Firefox extension developers telling them to turn on authentication (2FA) on their addons.mozilla.org (AMO) accounts.π Read
via "Naked Security".
Naked Security
Mozilla mandates 2FA security for Firefox developers
Mozilla last week fired off an important memo to all Firefox extension developers telling them to turn on authentication (2FA) on their addons.mozilla.org (AMO) accounts.
π Salary survey: Experienced security managers make more than $250,000 a year π
π Read
via "Security on TechRepublic".
Security pros in banking and finance make the most money but bonuses were common across all roles and industries.π Read
via "Security on TechRepublic".
TechRepublic
Salary survey: Experienced security managers make more than $250,000 a year
Security pros in banking and finance make the most money but bonuses were common across all roles and industries.
β Researchers discover weakness in IoT digital certificates β
π Read
via "Naked Security".
IoT devices are using weak digital certificates that could expose them to attack, according to a study released over the weekend.π Read
via "Naked Security".
Naked Security
Researchers discover weakness in IoT digital certificates
IoT devices are using weak digital certificates that could expose them to attack, according to a study released over the weekend.
β Ransomware-seized New Orleans declares state of emergency β
π Read
via "Naked Security".
There are signs that the attackers used the particularly pernicious Ryuk strain of ransomware.π Read
via "Naked Security".
Naked Security
Ransomware-seized New Orleans declares state of emergency
There are signs that the attackers used the particularly pernicious Ryuk strain of ransomware.
π Ellen DeGeneres, Lisa Kudrow, Facebook, and Google named worst password offenders of 2019 π
π Read
via "Security on TechRepublic".
Big business aren't the only ones susceptible to password-related blunders, Dashlane found.π Read
via "Security on TechRepublic".
TechRepublic
Ellen DeGeneres, Lisa Kudrow, Facebook, and Google named worst password offenders of 2019
Big business aren't the only ones susceptible to password-related blunders, Dashlane found.
β Alexa, Google Home Eavesdropping Hack Not Yet Fixed β
π Read
via "Threatpost".
Researchers say that Amazon and Google need to focus on weeding out malicious skills from the getgo, rather than after they are already live.π Read
via "Threatpost".
Threat Post
Alexa, Google Home Eavesdropping Hack Not Yet Fixed
Researchers say that Amazon and Google need to focus on weeding out malicious skills from the getgo, rather than after they are already live.
π΄ Disarming Disinformation π΄
π Read
via "Dark Reading: ".
Disinformation attacks are just as detrimental to businesses as they are to national elections. Here's what's at stake in 2020 and what infosec teams can do about them.π Read
via "Dark Reading: ".
Dark Reading
Disarming Disinformation: Why CISOs Must Fight Back Against False Info
Misinformation and disinformation campaigns are just as detrimental to businesses as they are to national elections. Here's what's at stake in 2020 and what infosec teams can do about them.
π΄ Data Security Startup Satori Cyber Launches with $5.25M Seed Round π΄
π Read
via "Dark Reading: ".
Satori Cyber aims to help businesses better protect and govern their information with its Secure Data Access Cloud.π Read
via "Dark Reading: ".
Dark Reading
Data Security Startup Satori Cyber Launches with $5.25M Seed Round
Satori Cyber aims to help businesses better protect and govern their information with its Secure Data Access Cloud.
π΄ Don't Make Security Training a 'One-and-Done' π΄
π Read
via "Dark Reading: ".
How to move beyond one-off campaigns and build a true security awareness program.π Read
via "Dark Reading: ".
Darkreading
Don't Make Security Training a 'One-and-Done'
How to move beyond one-off campaigns and build a true security awareness program.
π΄ Siemens Contractor Sentenced for Writing 'Logic Bombs' π΄
π Read
via "Dark Reading: ".
David Tinley, 62, rigged software he wrote for the company starting in 2014 and into 2016, causing the programs to fail.π Read
via "Dark Reading: ".
Dark Reading
Siemens Contractor Sentenced for Writing 'Logic Bombs'
David Tinley, 62, rigged software he wrote for the company starting in 2014 and into 2016, causing the programs to fail.
π΄ Talking to the Board about Cybersecurity π΄
π Read
via "Dark Reading: ".
A chief financial officer shares five winning strategies for an effective board-level conversation about right-sizing risk.π Read
via "Dark Reading: ".
Dark Reading
Talking to the Board about Cybersecurity
A chief financial officer shares five winning strategies for an effective board-level conversation about right-sizing risk.
β Epilepsy Foundation Bombarded with Seizure-Triggering Twitter Posts β
π Read
via "Threatpost".
The Epilepsy Foundation has filed a criminal complaint against undisclosed Twitter users who users its Twitter feed to post seizure-inducing content.π Read
via "Threatpost".
Threat Post
Epilepsy Foundation Bombarded with Seizure-Triggering Twitter Posts
The Epilepsy Foundation has filed a criminal complaint against undisclosed Twitter users who users its Twitter feed to post seizure-inducing content.
ATENTIONβΌ New - CVE-2013-0202
π Read
via "National Vulnerability Database".
Cross-site scripting (XSS) vulnerability in ownCloud 4.5.5, 4.0.10, and earlier allows remote attackers to inject arbitrary web script or HTML via the action parameter to core/ajax/sharing.php.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2012-2237
π Read
via "National Vulnerability Database".
Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.4.x before 1.4.3 and 1.5.x before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) javascript innerHTML as used when generating login forms, (2) links or (3) resources URLs, and (4) the Display name in a user profile.π Read
via "National Vulnerability Database".
π Ten Steps to Stop Intellectual Property Theft π
π Read
via "Subscriber Blog RSS Feed ".
For every manufacturing firm, sensitive data is the most valuable asset. If this critical information β in particular, intellectual property (IP) β is ever lost or stolen, manufacturers not only face significant fines and penalties but also suffer a hit to their reputations and public trust. Perhaps most importantly, they risk losing their competitive advantage, which can ultimately lead to business failure and bankruptcy.π Read
via "Subscriber Blog RSS Feed ".
β Rooster Teeth Attack Showcases New Magecart Approach β
π Read
via "Threatpost".
The streaming video and podcast content company was hit by a payment-card attack.π Read
via "Threatpost".
Threat Post
Rooster Teeth Attack Showcases New Magecart Approach
The streaming video and podcast content company was hit by a payment-card attack.
π Survey: Customers want integration and strategic support from security vendors π
π Read
via "Security on TechRepublic".
Vendors get low marks for customer support and committing to benchmarks.π Read
via "Security on TechRepublic".
TechRepublic
Survey: Customers want integration and strategic support from security vendors
Vendors get low marks for customer support and committing to benchmarks.