News

News

• December 14, 2018 14 Dec'18

  Mozilla distrusts all Symantec certificates with Firefox 64 release

  News roundup: Mozilla finally removes trust for Symantec certificates with Firefox 64. Plus, Supermicro's investigation challenges Bloomberg Businessweek's report, and more.

• December 14, 2018 14 Dec'18

  Initial RSA Conference 2019 keynote lineup released

  RSA Conference 2019's diversity and inclusion initiative appears to be paying off, as the initial keynote speaker lineup has equal representation for men and women speakers.

• December 13, 2018 13 Dec'18

  Project Zero finds Logitech Options app critically flawed

  Tavis Ormandy of Google's Project Zero discovered a serious authentication vulnerability in Logitech's Options application, but the peripheral device maker has yet to address the flaw.

• December 13, 2018 13 Dec'18

  Risk & Repeat: NRCC breach stokes election security fears

  This week's Risk & Repeat podcast looks at the recently disclosed cyberattack on the National Republican Congressional Committee and the questions that remain about it.

• December 13, 2018 13 Dec'18

  Operation Sharpshooter targets infrastructure around the world

  Operation Sharpshooter is a recently discovered global cyberattack campaign targeting critical infrastructure organizations, including nuclear, defense and financial companies.

• December 12, 2018 12 Dec'18

  Equifax breach report highlights multiple security failures

  An Equifax breach report, based on a government investigation, blamed the incident on multiple security failures and concluded the breach was preventable.

• December 11, 2018 11 Dec'18

  Second Google+ data exposure leads to earlier service shutdown

  Another Google Plus data exposure -- this time potentially affecting more than 52 million users -- will cause the service to be shut down four months earlier than scheduled.

• December 07, 2018 07 Dec'18

  Facebook app permissions skirted rules to gather call logs

  New email messages revealed that Facebook app permissions were carefully implemented to avoid alerting users to the fact that the Android app was gathering call log and SMS data.

• December 07, 2018 07 Dec'18

  Risk & Repeat: RSA Conference 2019 eyes diversity improvements

  This week's Risk & Repeat podcast looks at RSA Conference's diversity and inclusion initiatives and discusses what they mean for both the event and the infosec industry.

• December 06, 2018 06 Dec'18

  NRCC email breach confirmed eight months later

  A security company was brought in to investigate a National Republican Congressional Committee breach from April, but little is known about the NRCC email theft.

• December 06, 2018 06 Dec'18

  NSO Group's Pegasus spyware linked to Saudi journalist death

  Soon after the Pegasus spyware was linked to the death of a Mexican journalist, a new lawsuit alleged the NSO Group and its spyware were also linked to the death of a Saudi journalist.

• December 05, 2018 05 Dec'18

  Testing email security products: Results and analysis

  Kevin Tolly of the Tolly Group offers a look at how his company set out to test several email security products and the challenges it faced to come up with sound methodologies.

• December 05, 2018 05 Dec'18

  New VirusTotal hash causes drop in antivirus detection rates

  Questions were raised about how antivirus vendors use the VirusTotal database after a researcher highlighted a significant drop in malware detection rates following an upload of a new VirusTotal hash.

• November 30, 2018 30 Nov'18

  Are US hacker indictments more than Justice Theater?

  New hacker indictments and U.S.Treasury Department sanctions highlight the disconnect between government action and real world consequences for threat actors.

• November 30, 2018 30 Nov'18

  Mitre enters product testing with Mitre ATT&CK framework

  The first round of evaluations using the Mitre ATT&CK framework has gone public, putting on display how different endpoint products detect advanced threat activities.