News

News

• July 31, 2018 31 Jul'18

  Malvertising campaign tied to legitimate online ad companies

  A new report from Check Point Research uncovers an extensive malvertising campaign known as Master134 and implicates several online advertising companies in the scheme.

• July 31, 2018 31 Jul'18

  Yale data breach discovered 10 years too late

  A Yale University data breach from 2008 was only just discovered, and the school has released details on the compromised information, including Social Security numbers.

• July 31, 2018 31 Jul'18

  Bugcrowd CTO on the need for responsible disclosure policy, 'good faith'

  Bugcrowd founder and CTO Casey Ellis talks about his concerns that the era of 'good faith' between security researchers and enterprises is in jeopardy.

• July 31, 2018 31 Jul'18

  U.S. government making progress on DMARC implementation

  The deadline for full DMARC implementation in U.S. government-owned domains is less than three months away, and only half of the domains have the correct policy in place.

• July 31, 2018 31 Jul'18

  Citrix's Peter Lefkowitz on impact of GDPR privacy requirements

  New consumer privacy laws are changing the global privacy landscape. Citrix's Peter Lefkowitz explains how Citrix is approaching GDPR compliance and privacy issues in general.

• July 31, 2018 31 Jul'18

  NetSpectre is a remote side-channel attack, but a slow one

  A new PoC attack using Spectre variant 1 called NetSpectre marks the first time Spectre v1 has been exploited remotely, although questions remain on the practicality of the attack.

• July 27, 2018 27 Jul'18

  How Dropbox dropped the ball with anonymized data

  Dropbox came under fire for sharing anonymized data with academic researchers after questions emerged about how the data was protected and used.

• July 27, 2018 27 Jul'18

  LifeLock vulnerability exposed user email addresses to public

  News roundup: A LifeLock vulnerability exposed the email addresses of millions of customers. Plus, Amazon's Rekognition misidentified 28 members of Congress as criminals, and more.

• July 27, 2018 27 Jul'18

  Senator wants government to stop Adobe Flash use

  Senator Ron Wyden wrote a letter to multiple government agencies advocating that the entire U.S. government stop Adobe Flash use on all systems due to security risks.

• July 26, 2018 26 Jul'18

  Ponemon: Mega breaches, data breach costs on the rise

  The Ponemon Institute's '2018 Cost of a Data Breach Study' details a rise in data breaches with a look at mega breaches and why U.S. companies experience the greatest loss.

• July 26, 2018 26 Jul'18

  Risk & Repeat: DHS warns of power grid cyberattacks

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss a new warning from the Department of Homeland Security regarding Russian hackers targeting the U.S. power grid.

• July 26, 2018 26 Jul'18

  DHS details electrical grid attacks by Russian agents

  For the first time, DHS has offered more detailed and unclassified information about electrical grid attacks carried out by Russian hackers and the dangers to U.S. infrastructure.

• July 24, 2018 24 Jul'18

  Physical security keys eliminate phishing at Google

  Successful phishing attempts have been eliminated among Google employees following a requirement to use physical security keys in order to gain access to all Google accounts.

• July 20, 2018 20 Jul'18

  Critical Cisco vulnerabilities patched in Policy Suite

  News roundup: Critical Cisco vulnerabilities in Policy Suite products were patched this week. Plus, Venmo's API is set to public, exposing a trove of customer data, and more.

• July 20, 2018 20 Jul'18

  Microsoft launches Identity Bounty Program, offers up to $100,000

  Microsoft introduced its new Identity Bounty Program that offers up to $100,000 in rewards for reported vulnerabilities in its identity services, such as Azure Active Directory.