News
News
- February 20, 2019
20 Feb'19
ConnectWise plugin flaw exploited in ransomware attacks on MSPs
GandCrab ransomware infected several managed service providers, thanks to an old a ConnectWise manage plugin vulnerability, but a new decryptor tool is offering relief to victims.
- February 20, 2019
20 Feb'19
At RSAC 2019, speculative execution threats take a back seat
The Meltdown and Spectre vulnerabilities loomed large last year, but RSAC 2019 will have little fodder on speculative execution threats and side channels attacks.
- February 19, 2019
19 Feb'19
Palo Alto Networks to acquire SOAR vendor Demisto
Palo Alto Networks announced its plan of acquiring SOAR vendor Demisto for $560 million to accelerate its Application Framework strategy and beef up security operations automation.
-
- February 15, 2019
15 Feb'19
Google Play security improved by targeting repeat offenders
Google this week attributed security improvements in Google Play to both automated processes and human reviewers. The improvements include stopping bad apps from being published.
- February 15, 2019
15 Feb'19
Astaroth Trojan returns, abuses antivirus software
Cybereason's Nocturnus Research team has discovered a new strain of the Astaroth Trojan that attacks antivirus software to steal credentials.
- February 15, 2019
15 Feb'19
Ponemon study: Poor password practices remain rampant
More than two-thirds of employees share passwords with colleagues, research reveals. Experts sound off on what's fueling poor password practices and how to solve the problem.
- February 13, 2019
13 Feb'19
Dunkin' security alert warns of new credential-stuffing attacks
Dunkin' sent a security alert to customers warning of potentially malicious access of accounts due to the second credential stuffing attack in less than three months.
- February 12, 2019
12 Feb'19
Senators want potential VPN threat investigated by DHS
Two senators called on the Department of Homeland Security to investigate the possibility that VPNs are allowing valuable information to be routed to foreign adversaries.
- February 12, 2019
12 Feb'19
MongoDB security head addresses database exposures
Davi Ottenheimer, MongoDB's head of product security, discusses his company's efforts to prevent accidental database exposures and why so many misconfigurations occur.
- February 08, 2019
08 Feb'19
Apple releases FaceTime patch and iOS zero-day fixes
New bug fix releases for both iOS and macOS include the anticipated FaceTime patch for the serious eavesdropping flaw in group chats as well as fixes for two iOS zero-days.
-
- February 08, 2019
08 Feb'19
'SpeakUp' backdoor Trojan could spell further trouble for Linux servers
Check Point Research explains why SpeakUp, the new Trojan targeting Linux servers, has the potential to unleash more harm and offers pointers on how to defend against such malware.
- February 08, 2019
08 Feb'19
Defense Department eyes behavioral biometrics with new contract
The Department of Defense awards a $2.4 million contract to Twosense.AI in order to create a behavioral biometrics system that can replace the current ID card system.
- February 08, 2019
08 Feb'19
Risk & Repeat: Apple restores enterprise certificates for Facebook, Google
This week's Risk & Repeat podcast looks at Apple's decision to temporarily revoke Facebook's and Google's enterprise certificates following reports of questionable app activity.
- February 07, 2019
07 Feb'19
Gartner: Expanding SOC capabilities a priority for enterprises
Reinvesting in SOCs and crafting clear risk appetite statements made the list of Gartner's top security and risk management trends. Experts sound off on what's driving these trends.
- February 06, 2019
06 Feb'19
Google's Mark Risher: New types of 2FA are 'game changers'
Google's head of account security, Mark Risher, discusses the various types of 2FA and how new options of WebAuthn and U2F are going to be game changers for enterprise.