News

News

• February 15, 2019 15 Feb'19

  Astaroth Trojan returns, abuses antivirus software

  Cybereason's Nocturnus Research team has discovered a new strain of the Astaroth Trojan that attacks antivirus software to steal credentials.

• February 15, 2019 15 Feb'19

  Ponemon study: Poor password practices remain rampant

  More than two-thirds of employees share passwords with colleagues, research reveals. Experts sound off on what's fueling poor password practices and how to solve the problem.

• February 13, 2019 13 Feb'19

  Dunkin' security alert warns of new credential-stuffing attacks

  Dunkin' sent a security alert to customers warning of potentially malicious access of accounts due to the second credential stuffing attack in less than three months.

• February 12, 2019 12 Feb'19

  Senators want potential VPN threat investigated by DHS

  Two senators called on the Department of Homeland Security to investigate the possibility that VPNs are allowing valuable information to be routed to foreign adversaries.

• February 12, 2019 12 Feb'19

  MongoDB security head addresses database exposures

  Davi Ottenheimer, MongoDB's head of product security, discusses his company's efforts to prevent accidental database exposures and why so many misconfigurations occur.

• February 08, 2019 08 Feb'19

  Apple releases FaceTime patch and iOS zero-day fixes

  New bug fix releases for both iOS and macOS include the anticipated FaceTime patch for the serious eavesdropping flaw in group chats as well as fixes for two iOS zero-days.

• February 08, 2019 08 Feb'19

  'SpeakUp' backdoor Trojan could spell further trouble for Linux servers

  Check Point Research explains why SpeakUp, the new Trojan targeting Linux servers, has the potential to unleash more harm and offers pointers on how to defend against such malware.

• February 08, 2019 08 Feb'19

  Defense Department eyes behavioral biometrics with new contract

  The Department of Defense awards a $2.4 million contract to Twosense.AI in order to create a behavioral biometrics system that can replace the current ID card system.

• February 08, 2019 08 Feb'19

  Risk & Repeat: Apple restores enterprise certificates for Facebook, Google

  This week's Risk & Repeat podcast looks at Apple's decision to temporarily revoke Facebook's and Google's enterprise certificates following reports of questionable app activity.

• February 07, 2019 07 Feb'19

  Gartner: Expanding SOC capabilities a priority for enterprises

  Reinvesting in SOCs and crafting clear risk appetite statements made the list of Gartner's top security and risk management trends. Experts sound off on what's driving these trends.

• February 06, 2019 06 Feb'19

  Google's Mark Risher: New types of 2FA are 'game changers'

  Google's head of account security, Mark Risher, discusses the various types of 2FA and how new options of WebAuthn and U2F are going to be game changers for enterprise.

• February 06, 2019 06 Feb'19

  Google's Mark Risher discusses 2FA adoption strategies

  Although some types of two-factor authentication have been found to be vulnerable, Google's Mark Risher says 2FA adoption should be the baseline of security for all enterprises.

• February 01, 2019 01 Feb'19

  Google planning warnings for lookalike URLs in Chrome

  Google is planning to add warnings on lookalike URLs in an ongoing effort to ensure internet users experience useful and clear warnings while using the Chrome browser.

• January 31, 2019 31 Jan'19

  Dell unveils endpoint security portfolio with CrowdStrike, Secureworks

  Dell has teamed up with CrowdStrike and Secureworks for SafeGuard and Response, a portfolio of endpoint security technology and services, to tackle the shifting threat landscape.

• January 31, 2019 31 Jan'19

  Facebook and Google exploit Enterprise Certificate loophole on iOS

  Both Facebook and Google were found to be exploiting a loophole in Apple's Developer Enterprise Program for iOS with apps used to gather data on users who installed them.