News
News
- February 23, 2018
23 Feb'18
Facebook's 2FA bug lands social media giant in hot water
Facebook came under fire after a two-factor authentication bug sent non-security notifications to users' phones, sparking a debate about media coverage and 2FA adoption.
- February 23, 2018
23 Feb'18
Hackers used SWIFT-based attacks to steal millions from banks
News roundup: Hackers once again used SWIFT-based attacks to steal millions from Russian and Indian banks. Plus, hackers used an L.A. Times website for cryptojacking, and more.
- February 22, 2018
22 Feb'18
SEC cybersecurity disclosure rules get a guidance update
The U.S. Securities and Exchange Commission introduced new SEC cybersecurity disclosure rules to prevent insider trading related to data breaches and other security incidents.
-
- February 22, 2018
22 Feb'18
GDPR data breach notification is just one piece of EU privacy puzzle
With the EU's General Data Protection Regulation looming, Qualys' Darron Gibbard discusses GDPR data breach notifications, and more with the EU's new privacy law.
- February 21, 2018
21 Feb'18
Cryptojacking attacks hit enterprises' cloud servers
Cloud security vendor RedLock discovered threat actors had gained access to several enterprise cloud environments, including Tesla's, and used them for cryptojacking schemes.
- February 21, 2018
21 Feb'18
Risk & Repeat: Intel bug bounty tackles side channel attacks
In this week's Risk & Repeat podcast, SearchSecurity editors examine Intel's new bug bounty for side channel attacks and what it says about Meltdown and Spectre.
- February 21, 2018
21 Feb'18
Google discloses Microsoft Edge vulnerability without a patch
Google's Project Zero publicly published an Edge browser vulnerability after the 90-day disclosure deadline expired, and Microsoft has yet to patch the flaw.
- February 19, 2018
19 Feb'18
Risk & Repeat: Cyberinsurance market gets a shake-up
In this week's Risk & Repeat podcast, SearchSecurity editors discuss a new industry partnership designed to give Apple and Cisco customers beneficial cyberinsurance policies.
- February 16, 2018
16 Feb'18
Olympic Destroyer malware more complex than first thought
News roundup: The Olympic Destroyer malware is more sophisticated than researchers first thought. Plus, Microsoft looks to change identity management with blockchain, and more.
- February 16, 2018
16 Feb'18
SonicWall spots Meltdown exploits with machine learning tech
SonicWall says its new deep memory inspection technology, which powers the vendor's Capture Cloud sandbox service, can block Meltdown threats and other zero-day attacks.
-
- February 15, 2018
15 Feb'18
Intel bug bounty programs widened after Meltdown and Spectre
Intel's bug bounty program expanded its scope and rewards for bugs across all Intel products, and the company added a new program for side-channel flaws like Meltdown and Spectre.
- February 14, 2018
14 Feb'18
Microsoft: Windows Analytics can detect Meltdown and Spectre exposure
Microsoft says Meltdown and Spectre vulnerabilities are now being tracked by Windows Analytics, which shows users the update status for CPU microcode and OS patches.
- February 14, 2018
14 Feb'18
Equifax breach worsens, additional consumer data exposed
The Equifax breach compromised even more consumer data, including tax identification numbers, than originally reported. But the credit rating agency didn't disclose the update.
- February 14, 2018
14 Feb'18
Zero-day Telegram vulnerability exploited for cryptomining
Kaspersky Lab disclosed a zero-day vulnerability in Telegram that the security vendor says was abused by Russian cybercriminals in a cryptomining malware campaign.
- February 13, 2018
13 Feb'18
Critical Broadcom flaws discovered in Lenovo ThinkPads
Two critical flaws in Broadcom Wi-Fi chips disclosed last year were thought to affect only Apple and Android devices, but Lenovo now says ThinkPad models are vulnerable, too.