World Economic Forum Calls for Global Collaboration to Enhance Cyber Resilience in the Aviation Industry read more Advertise on IT Security News. Read the complete article: World Economic Forum on Securing the Aviation Industry in the Age of Convergence
Category: SecurityWeek RSS Feed
NSA Shares Guidance on Mitigating Cloud Vulnerabilities
The U.S. National Security Agency (NSA) has published advice on mitigating cloud vulnerabilities. While the advice is primarily designed for government agencies and departments, it nevertheless contains good advice for any commercial organization considering or embarking on — or already…
Huawei and Supply Chain Security – The Great Geopolitical Debate
read more Advertise on IT Security News. Read the complete article: Huawei and Supply Chain Security – The Great Geopolitical Debate
Trend Micro OfficeScan Flaw Apparently Exploited in Mitsubishi Electric Hack
A cyberattack disclosed recently by Mitsubishi Electric, which resulted in hackers gaining access to the company’s network and stealing corporate data, likely involved exploitation of a vulnerability in Trend Micro’s OfficeScan product. read more Advertise on IT Security News.…
PoC Exploits Created for Recently Patched ‘BlueGate’ Windows Server Flaws
Proof-of-concept (PoC) exploits have been released for two recently patched Remote Desktop Gateway vulnerabilities that can be exploited for remote code execution. read more Advertise on IT Security News. Read the complete article: PoC Exploits Created for Recently Patched…
Trump, Johnson Talk Security Ahead of Huawei Decision
Prime Minister Boris Johnson discussed telecoms security with US President Donald Trump as he prepares to announce if Britain will use China’s Huawei in its 5G networks, officials said Saturday. read more Advertise on IT Security News. Read the…
Cisco Webex Vulnerability Exploited to Join Meetings Without a Password
Cisco on Friday informed customers that it has patched a vulnerability that allowed unauthorized users to join password-protected Webex meetings. Cisco said the flaw had been exploited. read more Advertise on IT Security News. Read the complete article: Cisco…
Questions Linger Over Investigation Into Jeff Bezos’ Hacking
Cybersecurity experts said Thursday there were still many unanswered questions from an investigation commissioned by Jeff Bezos that concluded the billionaire’s cellphone was hacked, apparently after receiving a video file with malicious spyware from the WhatsApp account of Saudi Arabia’s…
2020 Rings in a New Era of Cyber Attacks – and it’s Getting Personal
Recently, I finished a great audiobook by the famed hacker Kevin Mitnick, called “Ghost in the Wires”, where he details his exploits in using social engineering techniques to hack phone systems. For the most part, he used old school methods…
Greece: Government Websites Hit by Cyberattack
The Greek government said Friday that the official state websites of the prime minister, the national police and fire service and several important ministries were briefly disabled by a cyberattack but have been restored. read more Advertise on IT…
Microsoft Releases Azure Security Benchmark
Microsoft this week announced the availability of Azure Security Benchmark v1 (ASB), a collection of more than 90 security best practices recommendations for Azure customers. read more Advertise on IT Security News. Read the complete article: Microsoft Releases Azure…
Bipartisan Bill Aims to Reform NSA Surveillance of Americans
U.S. lawmakers on Thursday introduced a bill that aims to reform the National Security Agency’s surveillance programs in an effort to protect citizens’ rights. read more Advertise on IT Security News. Read the complete article: Bipartisan Bill Aims to…
Privacy Firm Finds Unsecured Cannabis Patient Information
An internet privacy firm says it was able to access private personal information of more than 30,000 medical marijuana patients, recreational pot customers or dispensary employees in several states. The privacy firm was searching for unsecured data online and says…
The More Authentication Methods, the Merrier
An Increasingly Diverse, Dynamic Workforce Is Driving Dramatic Change in How Users Authenticate read more Advertise on IT Security News. Read the complete article: The More Authentication Methods, the Merrier
Citrix Releases More Patches for Exploited Flaw, Tool to Detect Compromise
Citrix has released a new set of patches for the recently disclosed CVE-2019-19781 vulnerability and partnered with FireEye for a tool that tells users if their systems have been compromised via the security flaw. read more Advertise on IT…
UK ‘to Decide on Huawei 5G Next Week’
Britain is expected to announce next week whether to allow China’s Huawei to develop its 5G network, an official said on Friday, setting out reasons for agreeing despite US opposition. read more Advertise on IT Security News. Read the…
Researchers Earn $280,000 for Hacking Industrial Systems at Pwn2Own Miami
Researchers who took part this week in the Zero Day Initiative’s Pwn2Own Miami hacking competition have earned a total of $280,000 for exploits targeting industrial control systems (ICS) and associated protocols. read more Advertise on IT Security News. Read…
Russian Pleads Guilty in Virginia to Large-Scale Card Fraud
A Russian national pleaded guilty Thursday to running a website that helped people commit more than $20 million in credit-card fraud. Aleksei Burkov, 29, of St. Petersburg, Russia, entered the plea to charges including fraud and money laundering in a…
Safari’s Intelligent Tracking Prevention Fails to Prevent Tracking
The privacy mechanism implemented by Apple’s Safari browser to prevent user tracking across websites is not efficient at protecting users’ privacy, Google security researchers have discovered. read more Advertise on IT Security News. Read the complete article: Safari’s Intelligent…
Some Hackers Take the Ransom and Run: Researchers
Paying off hackers after a ransomware infection could end up being a total loss, according to a study released Thursday which finds some attackers just take the money and run. read more Advertise on IT Security News. Read the…
Cisco Patches Critical Vulnerability in Network Security Tool
A critical vulnerability in the Cisco Firepower Management Center (FMC) could allow a remote attacker to bypass authentication and execute arbitrary actions on affected devices as administrator. read more Advertise on IT Security News. Read the complete article: Cisco…
Vulnerabilities Found in GE Healthcare Patient Monitoring Products
Several potentially serious vulnerabilities have been found in patient monitoring products made by GE Healthcare, the DHS’s Cybersecurity and Infrastructure Security Agency (CISA) and healthcare cybersecurity firm CyberMDX revealed on Thursday. read more Advertise on IT Security News. Read…
CloudKnox Security Raises $12 Million in Funding
Cloud security firm CloudKnox Security today announced that it has raised $12 million in a new funding round, which brings its total funding to $22.75 million. read more Advertise on IT Security News. Read the complete article: CloudKnox Security…
Targeted Phishing Campaign Leverages Death of Iranian General Qasem Suleimani
A targeted phishing campaign against government entities in Persian Gulf and Middle East countries was detected earlier this month. The campaign was using the heightened tension in the region following the killing of Iranian general Qasem Suleimani at a Baghdad…
What We Know, And Don’t, About the Alleged Bezos Phone Hack
U.N. human rights experts are asking Washington to investigate a suspected Saudi hack that may have siphoned data from the personal smartphone of Jeff Bezos, Amazon founder and owner of The Washington Post. But the forensic evidence they cite comes…
Data Security Startup Privafy Emerges From Stealth Mode
Data security solutions provider Privafy has emerged from stealth mode with $22 million in funding, which it will use to scale product development. read more Advertise on IT Security News. Read the complete article: Data Security Startup Privafy Emerges…
Iran-Linked RAT Used in Recent Attacks on European Energy Sector
Attacks recently identified to target a key organization in the European energy sector have employed a remote access Trojan (RAT) previously associated with Iran-linked threat actors, Recorded Future reports. read more Advertise on IT Security News. Read the complete…
Mastercard Opens New Intelligence and Cyber Center in Vancouver, Canada
New Vancouver Space Becomes One of Six Global Technology Centres for Mastercard read more Advertise on IT Security News. Read the complete article: Mastercard Opens New Intelligence and Cyber Center in Vancouver, Canada
Serious Vulnerabilities Expose Honeywell Surveillance Systems to Attacks
Some of Honeywell’s MAXPRO video surveillance systems are affected by serious vulnerabilities that can be exploited by hackers to take complete control of the system, a researcher has discovered. read more Advertise on IT Security News. Read the complete…
US Presses France for ‘Strong Security Measures’ Against Huawei
The United States pressed France on Wednesday to take “strong security measures” against potential breaches from 5G services provided by Chinese telecommunications firm Huawei, saying failure to do so could imperil intelligence exchanges. read more Advertise on IT Security…
Multiple Vulnerabilities Found in AMD ATI Radeon Graphics Cards
Security vulnerabilities in some AMD ATI Radeon graphics cards could allow attackers to remotely execute code or cause a denial of service condition, researchers from Cisco Talos have warned. read more Advertise on IT Security News. Read the complete…
Wednesday is Deadline for Claims in 2017 Equifax Data Breach
Wednesday is the deadline to seek cash payments and claim free services as part of Equifax’s $700 million settlement over a massive data breach. read more Advertise on IT Security News. Read the complete article: Wednesday is Deadline for…
Cyber Insurance Provider Coalition Acquires BinaryEdge
Coalition, a San Francisco-based cyber insurance provider for SMBs, on Wednesday announced that it has acquired internet scanning and threat intelligence services provider BinaryEdge. Financial terms of the deal have not been disclosed. read more Advertise on IT Security…
UN Experts Urge Probe Into Alleged Saudi Hacking of Bezos Phone
Independent UN rights experts said Wednesday they had received information that Amazon owner Jeff Bezos’s phone was hacked through a WhatsApp account belonging to Saudi Crown Prince Mohammad bin Salman. read more Advertise on IT Security News. Read the…
Intezer Raises $15 Million in Series B Funding
Cyber threat detection provider Intezer this week announced it has raised $15 million in a Series B funding round. The New York-based cyber-security company helps organizations detect threats by revealing the “genetic” origins of software code, and also provides context…
World Economic Forum Global Risks Report Highlights Dangers of Digital innovation
World Economic Forum Publishes Global Risks Report 2020 read more Advertise on IT Security News. Read the complete article: World Economic Forum Global Risks Report Highlights Dangers of Digital innovation
Source Code Released for All ProtonVPN Apps
Proton Technologies, the company best known for its privacy-focused email service ProtonMail, this week announced that the source code for all of its ProtonVPN virtual private network (VPN) applications has been made public after each app underwent independent security audits.…
Microsoft Exposed 250 Million Customer Support Records
Nearly 250 million Microsoft Customer Service and Support (CSS) records were found exposed to the Internet in five insecure Elasticsearch databases, Comparitech reports. read more Advertise on IT Security News. Read the complete article: Microsoft Exposed 250 Million Customer…
Unofficial Patch Released for Recently Disclosed Internet Explorer Zero-Day
ACROS Security’s 0patch service on Tuesday released an unofficial fix for CVE-2020-0674, a recently disclosed vulnerability in Internet Explorer that has been exploited in targeted attacks. read more Advertise on IT Security News. Read the complete article: Unofficial Patch…
Secure DevOps Company Sysdig Raises $70 Million
California-based secure DevOps company Sysdig on Wednesday announced that it raised $70 million in a Series E funding round, which it plans on using to fuel global expansion, including through significant investments in sales and marketing. read more Advertise…
French Spy Suspected of Selling Data on Darknet
An anti-terrorism agent in France’s domestic intelligence service could soon face trial on charges of selling confidential data and fake IDs in the hidden corners of the internet, prosecutors say. read more Advertise on IT Security News. Read the…
Saudi Dismisses Link to Hack of Amazon Owner Bezos
The Saudi embassy in Washington on Tuesday dismissed suggestions the kingdom hacked the phone of Washington Post owner Jeff Bezos, as media reports linked the security breach to a WhatsApp message from an account of Crown Prince Mohammed bin Salman.…
Design Weaknesses Expose Industrial Systems to Damaging Attacks
Hackers Can Cause Damage to Industrial Systems by Abusing Design Weaknesses read more Advertise on IT Security News. Read the complete article: Design Weaknesses Expose Industrial Systems to Damaging Attacks
Hackers Can Cause Damage to Industrial Systems by Abusing Design Weaknesses
An analysis of industrial control systems (ICS) has shown that many products contain features and functions that have been designed with no security in mind, allowing malicious hackers to abuse them and potentially cause serious damage. read more Advertise…
Brazilian Prosecutors Accuse Glenn Greenwald in Hacking Case
Brazilian prosecutors on Tuesday accused U.S. journalist Glenn Greenwald of involvement in hacking the phones of officials involved in a corruption investigation, but said court rulings protecting free speech prevent them from bringing charges. read more Advertise on IT…
Snyk is Latest Cybersecurity Unicorn After Adding $150 Million in Funding
Developer-focused cybersecurity solutions provider Snyk today announced a $150 million funding round, at a valuation of more than $1 billion, earning the company “unicorn” status. read more Advertise on IT Security News. Read the complete article: Snyk is Latest…
FireEye Acquires Cloud Governance Firm Cloudvisory
FireEye (NASDAQ: FEYE) on Tuesday announced that it has acquired Cloudvisory, a Dallas, Texas-based provider of tools for cloud visibility, security, and policy management. Terms of the acquisition were not disclosed. read more Advertise on IT Security News. Read…
Advanced “16Shop” Phishing Kit Expands Offerings
One of the most advanced phishing kits, known as 16Shop and probably developed by a group known as the Indonesian Cyber Army, has expanded its phish targets from Apple account holders and Amazon to now include PayPal. read more …
US Military Claimed ‘Success’ in Hacking ISIS: Documents
The US military claims to have “successfully” disrupted the online propaganda efforts of the Islamic State in a hacking operation dating back at least to 2016, according to declassified national security documents released Tuesday. read more Advertise on IT…
New Ransomware Process Leverages Native Windows Features
A new methodology for instigating ransomware makes use of Windows’ own Encrypting File System (EFS). EFS has been a part of Windows since Windows 2000. Unlike Windows’ BitLocker — which is a full disk encryption feature — EFS can selectively…
Hackers Steal Employee and Corporate Information From Mitsubishi Electric
Personal and corporate information was stolen from electronics and electrical equipment manufacturing company Mitsubishi Electric during a data breach that occurred last year. read more Advertise on IT Security News. Read the complete article: Hackers Steal Employee and Corporate…
Georgia Man Admits to Launching DDoS Attack
A Georgia man has admitted in court to employing a third-party to launch a distributed denial of service (DDoS) attack. The man, Tucker Preston, 22, of Macon, Georgia, was charged with one count of damaging protected computers by transmission of…
Realistic Factory Honeypot Shows Threats Faced by Industrial Organizations
Trend Micro researchers have set up a factory honeypot and found that industrial organizations should be more concerned about attacks launched by profit-driven cybercriminals rather than the threat posed by sophisticated state-sponsored groups. read more Advertise on IT Security…
Hardcoded SSH Key Found in Fortinet SIEM Appliances
A hardcoded SSH public key in Fortinet’s Security Information and Event Management FortiSIEM can be abused to access the FortiSIEM Supervisor. read more Advertise on IT Security News. Read the complete article: Hardcoded SSH Key Found in Fortinet SIEM…
Hanna Andersson Data Breach: Hackers Compromise Website of Children’s Clothier
Portland, Oregon-based children’s clothing maker Hanna Andersson has quietly disclosed a breach to affected customers. Very few details of the breach have been made public. read more Advertise on IT Security News. Read the complete article: Hanna Andersson Data…
Apple Received Tens of Thousands of Government Requests in H1 2019
Apple has published its latest transparency report, which provides details on the number of government requests the tech company received during the first half of 2019. read more Advertise on IT Security News. Read the complete article: Apple Received…
NIST Releases Framework for Privacy Risk Management
The National Institute of Standards and Technology (NIST) last week announced version 1.0 of its Privacy Framework, a tool designed to help organizations manage privacy risks. read more Advertise on IT Security News. Read the complete article: NIST Releases…
Citrix Releases First Patches for Critical ADC Vulnerability
Citrix has started rolling out security patches for the recently revealed Citrix Application Delivery Controller (ADC) and Citrix Gateway vulnerability. read more Advertise on IT Security News. Read the complete article: Citrix Releases First Patches for Critical ADC Vulnerability
Microsoft to Patch Internet Explorer Vulnerability Exploited in Targeted Attacks
Microsoft announced on Friday that it’s in the process of developing a patch for a zero-day vulnerability in Internet Explorer that has been exploited in targeted attacks. Until a fix becomes available, the company has shared some workarounds and mitigations.…
Turkish Hackers Target Greek Government Websites, Stock Exchange
Turkish hackers claimed Friday to have hijacked for more than 90 minutes the official websites of the Greek parliament, the foreign affairs and economy ministries, as well as the country’s stock exchange. read more Advertise on IT Security News.…
Microsoft Introduces Free Source Code Analyzer
Microsoft this week announced a new source code analyzer designed to identify interesting characteristics of code. read more Advertise on IT Security News. Read the complete article: Microsoft Introduces Free Source Code Analyzer
FBI Takes Down Site Selling Subscriptions to Stolen Data
WeLeakInfo Website Taken Down in International Law Enforcement Operation read more Advertise on IT Security News. Read the complete article: FBI Takes Down Site Selling Subscriptions to Stolen Data
Attacker Installs Backdoor, Blocks Others From Exploiting Citrix ADC Vulnerability
A threat group targeting the recently disclosed critical vulnerability in Citrix Application Delivery Controller (ADC) is installing their own backdoor while cleaning up other malware infections and blocking others from exploiting the vulnerability, FireEye has discovered. read more Advertise…
New Legislation Would Require a Cybersecurity Coordinator in Every State
Cybersecurity State Coordinator Program Would Bolster State and Local Cybersecurity Four United States Senators have introduced a bipartisan bill that would require the Department of Homeland Security (DHS) to establish a Cybersecurity State Coordinator program, with each of the 50…
Data Security Startup Cyral Emerges From Stealth Mode
California-based data security startup Cyral emerged from stealth mode this week and announced that it has raised $11 million in a Series A funding round. The company previously received $4.1 million in an angel investment round, which brings the total…
Industry Reactions to Crypto Vulnerability Found by NSA: Feedback Friday
One of the vulnerabilities patched this week by Microsoft in its Windows operating system is a crypto-related issue that was reported to the company by the U.S. National Security Agency. read more Advertise on IT Security News. Read the…
Hackers Earn $275,000 for Vulnerabilities in U.S. Army Systems
A total of 146 valid vulnerabilities were reported as part of the second Hack the Army bug bounty program, and more than $275,000 were paid in rewards. read more Advertise on IT Security News. Read the complete article: Hackers…
Expert: Georgia Election Server Showed Signs of Tampering
A computer security expert says he found that a forensic image of the election server central to a legal battle over the integrity of Georgia elections showed signs that the original server was hacked. read more Advertise on IT…
Siemens Warns of Security Risks Associated With Use of ActiveX
Siemens this week addressed several vulnerabilities and warned customers about the security risks associated with the use of ActiveX in industrial products. read more Advertise on IT Security News. Read the complete article: Siemens Warns of Security Risks Associated…
U.S. Girds for Cyber Threats From Iran as Military Clash Fears Ebb
Iran is widely expected to ramp up cyberattacks against the United States in response to the US killing of a top Iranian leader this month even as fears have receded about a military confrontation between the two countries. read more…
Cloudflare Announces Free Security Services for Political Campaigns
Security and web performance company Cloudflare has announced a suite of services for the cyber-protection of political campaigns in the United States and worldwide. read more Advertise on IT Security News. Read the complete article: Cloudflare Announces Free Security…
FBI Plans to Notify States About Local Election Breaches
The FBI, in a change of policy, is committing to inform state officials if local election systems have been breached, federal officials said Thursday. read more Advertise on IT Security News. Read the complete article: FBI Plans to Notify…
Peter Leav Named CEO of McAfee
Cybersecurity firm McAfee announced on Thursday that its board of managers has appointed Peter Leav as the company’s new chief executive officer after Chris Young decided to step down. read more Advertise on IT Security News. Read the complete…
Many High-Risk Users Have Bad Security Habits: Google Survey
High-risk users are aware that they are more likely to be targeted by hackers compared to the general population, but many of them still have bad security habits, a Google survey shows. read more Advertise on IT Security News.…
Facebook Introduces New Login Alerts
Facebook this week introduced a new notification to alert users when their accounts interact with a third-party application using Facebook Login. Dubbed “Login Notifications,” the new feature is meant to provide users with increased control over their data, the social…
PoC Exploits Released for Cisco DCNM Vulnerabilities
A researcher who discovered many vulnerabilities in Cisco’s Data Center Network Manager (DCNM) product has made public some proof-of-concept (PoC) exploits and technical details. read more Advertise on IT Security News. Read the complete article: PoC Exploits Released for…
Equifax Ordered to Spend $1 Billion on Data Security Under Data Breach Settlement
Court Approves Equifax Data Breach Settlement read more Advertise on IT Security News. Read the complete article: Equifax Ordered to Spend $1 Billion on Data Security Under Data Breach Settlement
Court Approves Equifax Data Breach Settlement
On January 13, 2020, a federal court approved the proposed settlement for the class action suit filed against Equifax over the massive data breach it revealed in September 2017. read more Advertise on IT Security News. Read the complete…
Rights Group Demands Israel Rein in Murky Spyware Company
TEL AVIV, Israel (AP) — An Israeli court heard a case Thursday calling for restrictions to be slapped on NSO Group, an Israeli company that makes surveillance software that is said to have been used to target journalists and dissidents…
The Edge is Near. Are You Ready?
Outpacing Your Security Capacity With Digital Innovation is a Formula for Disaster read more Advertise on IT Security News. Read the complete article: The Edge is Near. Are You Ready?
Unprotected Medical Systems Expose Data on Millions of Patients
Hundreds of Internet-accessible, unprotected medical imaging systems expose data on millions of patients worldwide, German security firm Greenbone reveals. read more Advertise on IT Security News. Read the complete article: Unprotected Medical Systems Expose Data on Millions of Patients
PoC Exploits Released for Crypto Vulnerability Found by NSA
Several proof-of-concept (PoC) exploits have already been created — and some of them have been made public — for CVE-2020-0601, the crypto-related Windows vulnerability that Microsoft patched recently after being notified by the U.S. National Security Agency. read more …
P&N Bank Data Breach Exposes Trove of User Data
P&N Bank is reportedly sending out notifications to customers of a data breach that resulted in a large amount of sensitive information being compromised. read more Advertise on IT Security News. Read the complete article: P&N Bank Data Breach…
Public Bug Bounty Program Launched for Kubernetes
The Cloud Native Computing Foundation (CNCF) this week announced the launch of a public bug bounty program for Kubernetes, with rewards of up to $10,000 per vulnerability. read more Advertise on IT Security News. Read the complete article: Public…
Organizations Feel Threat of Nation-State Attacks, Survey Shows
An increasing number of companies believe they are being targeted by state-sponsored hacking groups, a new survey shows. read more Advertise on IT Security News. Read the complete article: Organizations Feel Threat of Nation-State Attacks, Survey Shows
Google Simplifies Enrollment Process for Advanced Protection Program
Google announced on Wednesday that it has simplified the enrollment process for its Advanced Protection Program and it now allows users to activate a security key on their iPhone. Google’s Advanced Protection Program (APP) is designed to help high-risk users…
Using Gap Analysis to Fix a Leaky Enterprise
Attackers Evolve Quickly, and We Must Work Daily to Ensure We Are Ready for Their Next Move read more Advertise on IT Security News. Read the complete article: Using Gap Analysis to Fix a Leaky Enterprise
New 5ss5c Ransomware Likely Readied to Replace Satan
The threat actor or group behind the Satan ransomware — and probably DBGer and Lucky and possibly Iron — seems to be engaged in a new version or evolution of Satan: 5ss5c. read more Advertise on IT Security News.…
Trusona Raises $20 Million in Series C Funding Round
Passwordless multi-factor authentication technology provider Trusona this week announced it has raised $20 million as part of a Series C funding round led by Georgian Partners. read more Advertise on IT Security News. Read the complete article: Trusona Raises…
Vulnerabilities Found in VMware Tools, Workspace ONE SDK
VMware on Tuesday advised customers using VMware Tools version 10 for Windows to update their installations to version 11 due to a local privilege escalation vulnerability. read more Advertise on IT Security News. Read the complete article: Vulnerabilities Found…
Oracle’s January 2020 CPU Delivers 334 New Patches
Oracle has released its first Critical Patch Update (CPU) for 2020, which includes a total of 334 new security patches across multiple product families. read more Advertise on IT Security News. Read the complete article: Oracle’s January 2020 CPU…
SAP Releases 6 Security Notes on January 2020 Patch Day
SAP today released 6 Security Notes and 1 Updated Note as part of its January 2020 Security Patch Day, with all addressing Medium severity vulnerabilities. read more Advertise on IT Security News. Read the complete article: SAP Releases 6…
Encryption Battle Reignited as US Govt at Loggerheads With Apple
Apple and the US government are at loggerheads for the second time in four years over unlocking iPhones connected to a mass shooting, reviving debate over law enforcement access to encrypted devices. read more Advertise on IT Security News.…
NSA Discloses Serious Windows Vulnerability to Microsoft
The U.S. National Security Agency (NSA) has informed Microsoft that Windows is affected by a potentially serious spoofing vulnerability that could allow hackers to make a malicious file appear to come from a trusted source or conduct man-in-the-middle (MitM) attacks.…
Google Says it Will Phase Out Web-Tracking ‘Cookies’
Google on Tuesday said is making progress in its quest to vanquish third-party “cookies” on its popular browser used to track people’s online activities, a focus of many privacy activists. read more Advertise on IT Security News. Read the…
Google Researchers Detail Critical iMessage Vulnerability
Google Project Zero security researchers have published technical details on an iMessage vulnerability addressed last year, which could be exploited remotely to achieve arbitrary code execution. read more Advertise on IT Security News. Read the complete article: Google Researchers…
The Changing Face of Cloud Threat Intelligence
As public cloud providers continue to elevate their platforms’ default enterprise protection and compliance capabilities to close gaps in their portfolio or suites of in-house integrated security products, CISOs are increasingly looking to the use and integration of threat intelligence…
Tinder, Grindr Accused of Illegally Sharing User Data
Popular dating apps like Tinder and Grindr are sharing the personal data of their users to third parties in breach of EU regulations, a Norwegian consumer rights group said Tuesday. read more Advertise on IT Security News. Read the…
Go Huawei: UK PM Challenges US Critics of China Firm
Prime Minister Boris Johnson on Tuesday challenged US opponents of Britain’s potential decision to let China’s Huawei telecoms giant develop its 5G network to come up with a better choice. read more Advertise on IT Security News. Read the…
Major U.S. Mobile Carriers Vulnerable to SIM Swapping Attacks
Weak security measures in place at several major wireless carriers in the United States make it easy for attackers to perform SIM swap attacks on prepaid mobile accounts, a recent study found. read more Advertise on IT Security News.…