05 Aug 2019

Ransom Note Replaces 2.1M Customer Records on Open MongoDB

Threat actors are holding 1.2 million sensitive files belonging to Mexican bookseller Librería Porrúa for ransom. On July 15, a security researcher discovered the records in an unprotected MongoDB database. Three days later, threat actors also stumbled upon the unsecured server and proceeded to replace all records in it with

Read More
05 Aug 2019

FSI organizations are failing to assess their software for security vulnerabilities before release

Organizations in the Financial Services Industry (FSI) are doing a rather poor job at preventing cyberattacks, new research by Synopsys shows. The majority of FSI organizations have suffered a cyberattack that caused system failure and downtime (56%) or have had threat actors steal sensitive customer data (51%). Ransomware infections or

Read More
02 Aug 2019

70 Percent of Organizations Will be Using Security-as-a-Service by 2021

Two in three firms are implementing Security-as-a-Service (SECaaS), or plan to do so in the next 12 months, a new Thycotic study shows. It projects that by 2021, SECaaS will have been adopted by over 70% of organizations. SECaaS can involve the use of security software provided by third-party firms,

Read More
02 Aug 2019

The Landmark US-Russia Arms Control Treaty Is Dead

On Friday, the Intermediate-Range Nuclear Forces (INF) Treaty that played a key role in ending the Cold War nuclear arms race between the United States and the Soviet Union, officially became defunct. The INF Treaty collapsed in February when the US government announced that it will pull out of the agreement, a

Read More
02 Aug 2019

Microsoft Slammed For Investment In Israeli Facial Recognition ‘Spying On Palestinians’

Privacy advocates are accusing Microsoft of investing in surveillance technology that is used to spy on people whose human rights are being trampled upon by authorities. In particular, activists criticize the tech giant’s funding of AnyVision, an Israeli facial recognition firm that provides technology used to carry out surveillance on

Read More
02 Aug 2019

N Korea conducts third weapons test in eight days

On Friday, North Korea carried out its third missile test in eight days. South Korean officials stated that the missiles were likely a new kind of short range ballistic missile just like the type used in the previous launches. Experts believe that Pyongyang is carrying out the tests as a

Read More
02 Aug 2019

Organizations At Risk for Data Breaches: System Vulnerabilities Increase by 92 Percent

Bugcrowd has released a new study on the current state of crowdsourced security. The report cites a 92% surge in the total number of vulnerabilities that were reported by bug bounty researchers last year, compared to the previous report. Researchers are not only finding more flaws, but they are also

Read More
02 Aug 2019

Resource Headaches Top Security Pros’ Challenges

A new report by the Chartered Institute of Information Security points to a lack of resources (45%), a lack of experience (37%), and skills gaps (31%) as the three biggest problems that cybersecurity professionals are currently facing. The estimated global shortage of qualified security pros is estimated to approach three

Read More
02 Aug 2019

Top 10 IoT security risks for businesses

A new Deloitte survey among IT security professionals found that almost half (48%) of them recognize the importance of embedding DevSecOps throughout the life cycle of Internet-of-things (IoT) development and of cooperating with legal, procurement, and compliance across deployments. About the same number of respondents (51%) expressed mild confidence in

Read More
02 Aug 2019

PCI Council & Retail ISAC Issue Magecart Warning

The PCI Security Standards Council and Retail and Hospitality ISAC have issued a joint bulletin to warn about the rise of online skimming attacks like Magecart campaigns. Magecart is an umbrella term for various criminal groups that attack web shops with the aim of injecting them with card skimming malware.

Read More