News
News
- December 13, 2018
13 Dec'18
Project Zero finds Logitech Options app critically flawed
Tavis Ormandy of Google's Project Zero discovered a serious authentication vulnerability in Logitech's Options application, but the peripheral device maker has yet to address the flaw.
- December 13, 2018
13 Dec'18
Risk & Repeat: NRCC breach stokes election security fears
This week's Risk & Repeat podcast looks at the recently disclosed cyberattack on the National Republican Congressional Committee and the questions that remain about it.
- December 13, 2018
13 Dec'18
Operation Sharpshooter targets infrastructure around the world
Operation Sharpshooter is a recently discovered global cyberattack campaign targeting critical infrastructure organizations, including nuclear, defense and financial companies.
-
- December 12, 2018
12 Dec'18
Equifax breach report highlights multiple security failures
An Equifax breach report, based on a government investigation, blamed the incident on multiple security failures and concluded the breach was preventable.
- December 11, 2018
11 Dec'18
Second Google+ data exposure leads to earlier service shutdown
Another Google Plus data exposure -- this time potentially affecting more than 52 million users -- will cause the service to be shut down four months earlier than scheduled.
- December 07, 2018
07 Dec'18
Facebook app permissions skirted rules to gather call logs
New email messages revealed that Facebook app permissions were carefully implemented to avoid alerting users to the fact that the Android app was gathering call log and SMS data.
- December 07, 2018
07 Dec'18
Risk & Repeat: RSA Conference 2019 eyes diversity improvements
This week's Risk & Repeat podcast looks at RSA Conference's diversity and inclusion initiatives and discusses what they mean for both the event and the infosec industry.
- December 06, 2018
06 Dec'18
NRCC email breach confirmed eight months later
A security company was brought in to investigate a National Republican Congressional Committee breach from April, but little is known about the NRCC email theft.
- December 06, 2018
06 Dec'18
NSO Group's Pegasus spyware linked to Saudi journalist death
Soon after the Pegasus spyware was linked to the death of a Mexican journalist, a new lawsuit alleged the NSO Group and its spyware were also linked to the death of a Saudi journalist.
- December 05, 2018
05 Dec'18
Testing email security products: Results and analysis
Kevin Tolly of the Tolly Group offers a look at how his company set out to test several email security products and the challenges it faced to come up with sound methodologies.
-
- December 05, 2018
05 Dec'18
New VirusTotal hash causes drop in antivirus detection rates
Questions were raised about how antivirus vendors use the VirusTotal database after a researcher highlighted a significant drop in malware detection rates following an upload of a new VirusTotal hash.
- November 30, 2018
30 Nov'18
Are US hacker indictments more than Justice Theater?
New hacker indictments and U.S.Treasury Department sanctions highlight the disconnect between government action and real world consequences for threat actors.
- November 30, 2018
30 Nov'18
Mitre enters product testing with Mitre ATT&CK framework
The first round of evaluations using the Mitre ATT&CK framework has gone public, putting on display how different endpoint products detect advanced threat activities.
- November 30, 2018
30 Nov'18
RSA Conference launches diversity and inclusion initiative
Following the criticism of the last conference, RSA Conference started a diversity and inclusion initiative that, among many other changes, eliminates all-male panels.
- November 30, 2018
30 Nov'18
Marriott discloses Starwood data breach affecting 500 million guests
Marriott International admitted to a Starwood data breach that began in 2014 and affects about 500 million customers. Experts are unsure about the GDPR implications.