β Mozilla mandates 2FA security for Firefox developers β
π Read
via "Naked Security".
Mozilla last week fired off an important memo to all Firefox extension developers telling them to turn on authentication (2FA) on their addons.mozilla.org (AMO) accounts.π Read
via "Naked Security".
Naked Security
Mozilla mandates 2FA security for Firefox developers
Mozilla last week fired off an important memo to all Firefox extension developers telling them to turn on authentication (2FA) on their addons.mozilla.org (AMO) accounts.
π Salary survey: Experienced security managers make more than $250,000 a year π
π Read
via "Security on TechRepublic".
Security pros in banking and finance make the most money but bonuses were common across all roles and industries.π Read
via "Security on TechRepublic".
TechRepublic
Salary survey: Experienced security managers make more than $250,000 a year
Security pros in banking and finance make the most money but bonuses were common across all roles and industries.
β Researchers discover weakness in IoT digital certificates β
π Read
via "Naked Security".
IoT devices are using weak digital certificates that could expose them to attack, according to a study released over the weekend.π Read
via "Naked Security".
Naked Security
Researchers discover weakness in IoT digital certificates
IoT devices are using weak digital certificates that could expose them to attack, according to a study released over the weekend.
β Ransomware-seized New Orleans declares state of emergency β
π Read
via "Naked Security".
There are signs that the attackers used the particularly pernicious Ryuk strain of ransomware.π Read
via "Naked Security".
Naked Security
Ransomware-seized New Orleans declares state of emergency
There are signs that the attackers used the particularly pernicious Ryuk strain of ransomware.
π Ellen DeGeneres, Lisa Kudrow, Facebook, and Google named worst password offenders of 2019 π
π Read
via "Security on TechRepublic".
Big business aren't the only ones susceptible to password-related blunders, Dashlane found.π Read
via "Security on TechRepublic".
TechRepublic
Ellen DeGeneres, Lisa Kudrow, Facebook, and Google named worst password offenders of 2019
Big business aren't the only ones susceptible to password-related blunders, Dashlane found.
β Alexa, Google Home Eavesdropping Hack Not Yet Fixed β
π Read
via "Threatpost".
Researchers say that Amazon and Google need to focus on weeding out malicious skills from the getgo, rather than after they are already live.π Read
via "Threatpost".
Threat Post
Alexa, Google Home Eavesdropping Hack Not Yet Fixed
Researchers say that Amazon and Google need to focus on weeding out malicious skills from the getgo, rather than after they are already live.
π΄ Disarming Disinformation π΄
π Read
via "Dark Reading: ".
Disinformation attacks are just as detrimental to businesses as they are to national elections. Here's what's at stake in 2020 and what infosec teams can do about them.π Read
via "Dark Reading: ".
Dark Reading
Disarming Disinformation: Why CISOs Must Fight Back Against False Info
Misinformation and disinformation campaigns are just as detrimental to businesses as they are to national elections. Here's what's at stake in 2020 and what infosec teams can do about them.
π΄ Data Security Startup Satori Cyber Launches with $5.25M Seed Round π΄
π Read
via "Dark Reading: ".
Satori Cyber aims to help businesses better protect and govern their information with its Secure Data Access Cloud.π Read
via "Dark Reading: ".
Dark Reading
Data Security Startup Satori Cyber Launches with $5.25M Seed Round
Satori Cyber aims to help businesses better protect and govern their information with its Secure Data Access Cloud.
π΄ Don't Make Security Training a 'One-and-Done' π΄
π Read
via "Dark Reading: ".
How to move beyond one-off campaigns and build a true security awareness program.π Read
via "Dark Reading: ".
Darkreading
Don't Make Security Training a 'One-and-Done'
How to move beyond one-off campaigns and build a true security awareness program.
π΄ Siemens Contractor Sentenced for Writing 'Logic Bombs' π΄
π Read
via "Dark Reading: ".
David Tinley, 62, rigged software he wrote for the company starting in 2014 and into 2016, causing the programs to fail.π Read
via "Dark Reading: ".
Dark Reading
Siemens Contractor Sentenced for Writing 'Logic Bombs'
David Tinley, 62, rigged software he wrote for the company starting in 2014 and into 2016, causing the programs to fail.
π΄ Talking to the Board about Cybersecurity π΄
π Read
via "Dark Reading: ".
A chief financial officer shares five winning strategies for an effective board-level conversation about right-sizing risk.π Read
via "Dark Reading: ".
Dark Reading
Talking to the Board about Cybersecurity
A chief financial officer shares five winning strategies for an effective board-level conversation about right-sizing risk.
β Epilepsy Foundation Bombarded with Seizure-Triggering Twitter Posts β
π Read
via "Threatpost".
The Epilepsy Foundation has filed a criminal complaint against undisclosed Twitter users who users its Twitter feed to post seizure-inducing content.π Read
via "Threatpost".
Threat Post
Epilepsy Foundation Bombarded with Seizure-Triggering Twitter Posts
The Epilepsy Foundation has filed a criminal complaint against undisclosed Twitter users who users its Twitter feed to post seizure-inducing content.
ATENTIONβΌ New - CVE-2013-0202
π Read
via "National Vulnerability Database".
Cross-site scripting (XSS) vulnerability in ownCloud 4.5.5, 4.0.10, and earlier allows remote attackers to inject arbitrary web script or HTML via the action parameter to core/ajax/sharing.php.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2012-2237
π Read
via "National Vulnerability Database".
Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.4.x before 1.4.3 and 1.5.x before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) javascript innerHTML as used when generating login forms, (2) links or (3) resources URLs, and (4) the Display name in a user profile.π Read
via "National Vulnerability Database".
π Ten Steps to Stop Intellectual Property Theft π
π Read
via "Subscriber Blog RSS Feed ".
For every manufacturing firm, sensitive data is the most valuable asset. If this critical information β in particular, intellectual property (IP) β is ever lost or stolen, manufacturers not only face significant fines and penalties but also suffer a hit to their reputations and public trust. Perhaps most importantly, they risk losing their competitive advantage, which can ultimately lead to business failure and bankruptcy.π Read
via "Subscriber Blog RSS Feed ".
β Rooster Teeth Attack Showcases New Magecart Approach β
π Read
via "Threatpost".
The streaming video and podcast content company was hit by a payment-card attack.π Read
via "Threatpost".
Threat Post
Rooster Teeth Attack Showcases New Magecart Approach
The streaming video and podcast content company was hit by a payment-card attack.
π Survey: Customers want integration and strategic support from security vendors π
π Read
via "Security on TechRepublic".
Vendors get low marks for customer support and committing to benchmarks.π Read
via "Security on TechRepublic".
TechRepublic
Survey: Customers want integration and strategic support from security vendors
Vendors get low marks for customer support and committing to benchmarks.
π΄ Higher Degree, Higher Salary? Not for Some Security Pros π΄
π Read
via "Dark Reading: ".
Turns out, skill beats experience and an academic degree doesn't guarantee higher compensation for five security positions.π Read
via "Dark Reading: ".
Dark Reading
Higher Degree, Higher Salary? Not for Some Security Pros
Turns out, skill beats experience and an academic degree doesn't guarantee higher compensation for five security positions.
π΄ Facebook Fixes WhatsApp Group Chat Security Issue π΄
π Read
via "Dark Reading: ".
Flaw allowed attackers to repeatedly crash group chat and force users to uninstall and reinstall app, Check Point says.π Read
via "Dark Reading: ".
Darkreading
Facebook Fixes WhatsApp Group Chat Security Issue
Flaw allowed attackers to repeatedly crash group chat and force users to uninstall and reinstall app, Check Point says.
π΄ 15 Million Patient Records Exposed Attack on Canadian Lab π΄
π Read
via "Dark Reading: ".
A cyberattack against LifeLabs exposed personal information on patients in Ontario and British Columbia.π Read
via "Dark Reading: ".
Darkreading
15 Million Patient Records Exposed Attack on Canadian Lab
A cyberattack against LifeLabs exposed personal information on patients in Ontario and British Columbia.
β Donβt fall for this porn scam β even if your passwordβs in the subject! β
π Read
via "Naked Security".
This "I am well aware" email is just another sextortion scam where crooks try to blackmail you with a video they don't actually have.π Read
via "Naked Security".
Naked Security
Donβt fall for this porn scam β even if your passwordβs in the subject!
This βI am well awareβ email is just another sextortion scam where crooks try to blackmail you with a video they donβt actually have.
π1