Canadian online pharmacy PlanetDrugsDirect is emailing customers, notifying them of a data security incident that might have impacted some of their sensitive personal and financial information. […] Advertise on IT Security News. Read the complete article: Online Pharmacy PlanetDrugsDirect…
IT Security News Daily Summary 2020-01-15
Why government is a breeding ground for insider threats
While distributed environments, external contractors and skills shortages are escalating security risks for agencies, data science can level the playing field. Advertise on IT Security News. Read the complete article: Why government is a breeding ground for insider threats
Rights Groups to European Commission: Prioritize Users’ Rights, Get Public Input For Article 17 Application Guidelines
The implementation of Art 17 (formerly Article 13) into national laws will have a profound effect on what users can say and share online. The controversial rule, part of the EU’s copyright directive approved last year, turns tech companies and…
Cybersecurity front and center in Iran threat hearing
Members of the House Homeland Security Committee quizzed experts about the capabilities of Iran’s cyber forces. Advertise on IT Security News. Read the complete article: Cybersecurity front and center in Iran threat hearing
What to watch in federal IT in 2020
This will be the year when IT governance practices drive a new wave of mission benefits, rather than just better control over IT infrastructure spending. Advertise on IT Security News. Read the complete article: What to watch in federal…
Yo, sysadmins! Thought Patch Tuesday was big? Oracle says ‘hold my Java’ with huge 334 security flaw fix bundle
House of Larry delivers massive update for 93 products Oracle has released a sweeping set of security patches across the breadth of its software line.… Advertise on IT Security News. Read the complete article: Yo, sysadmins! Thought Patch Tuesday…
ExpressVPN will now come pre-installed on all Dynabook laptops
ExpressVPN and Dynabook have announced a new global partnership with the aim of providing all of the PC maker’s users with increased internet protection on their devices. As part of the partnership, Dynabook will preinstall ExpressVPN on all new and…
Constrained Delegation Abuse: Abusing Constrained Delegation to Achieve Elevated Access
Kerberos Delegation Recap Previously, I gave an overview of all of the various types of Kerberos delegation, how they’re configured, and how they can potentially be abused. Prior to that, I wrote about abusing resource-based constrained delegation and Jeff Warren…
Google Lets iPhone Users Turn Device into Security Key
The iPhone can now be used in lieu of a physical security key as a means of protecting Google accounts. Advertise on IT Security News. Read the complete article: Google Lets iPhone Users Turn Device into Security Key
A Practical Guide to Zero-Trust Security
There are five different pillars to implement when moving to a modern, zero-trust security model. Advertise on IT Security News. Read the complete article: A Practical Guide to Zero-Trust Security
iPhones Can Now Double As a Security Key for Google Accounts
Google announced that iPhones running iOS 10 or later can now be used as security keys to protect Google accounts against phishing attacks by verifying sign-ins on Chrome OS, iOS, macOS and Windows 10 devices without pairing. […] Advertise…