23 Oct 2019

How Much Security Is Enough? Practitioners Weigh In

84% of IT decision-makers lack the financial resources needed to achieve a minimum level of security for their organization and 94% believe more work needs to be done to improve the security practices in their firm, a recent Cisco survey found. 56% of organizations have suffered a significant security incident

Read More
23 Oct 2019

Chance that flaws will ever be dealt with diminishes the longer they stick around

A new report by Veracode highlights the risk of growing security debt for applications as a result of developers prioritizing fixes for new security flaws over resolving older problems. 83% of applications contain at least one vulnerability when they are scanned for the first time, with the most common issues

Read More
23 Oct 2019

Facebook promises action on 2020 US election fraud, wipes out fake networks from Russia, Iran

Facebook on Monday announced that it had shut down multiple Iranian and Russian disinformation campaigns targeting users via hundreds of fraudulent Facebook accounts, pages and groups as well as several popular Instagram accounts. Three of the four networks engaging in “coordinated inauthentic behavior” were linked to Iran, while the fourth

Read More
23 Oct 2019

Microsoft’s EU Contracts ‘Breach GDPR’

Microsoft’s contracts with European Union (EU) appear to be violating the EU General Data Protection Regulation (GDPR), according to a preliminary conclusion by the European Data Protection Supervisor (EDPS), which is investigating the matter. The EDPS stated that “though the investigation is still ongoing, preliminary results reveal serious concerns over the

Read More
23 Oct 2019

Czech authorities dismantle alleged Russian cyber-espionage network

In late 2018, Czech law enforcement took down a Russian cyber espionage network set up by Russia’s intelligence agency (the FSB) and Russia’s embassy in Prague, the Czech government announced earlier this week. Russian spies had established a number of hardware and software firms in the country and used the

Read More
23 Oct 2019

FTC bars company from selling “stalking” apps

Software developer Retina-X Studio is no longer allowed to sell three of its apps designed for monitoring employees and children, because the “stalkerware” applications are often used by cybercriminals to spy on users without their consent, the US Federal Trade Commission (FTC) determined on Tuesday. The FTC wants the company

Read More
23 Oct 2019

Magecart 5 Linked to Carbanak Gang

New research by Malwarebytes connects Magecart Group 5, one of the most prominent payment card skimming threat actors, to the notorious Carbanak threat group. Magecart is an umbrella term for various criminal groups that attack websites with the aim of injecting them with “skimming” malware designed to steal the payment

Read More
22 Oct 2019

Erdogan talks Syria with Putin and issues warning to Kurds

On Tuesday, Russian President Vladimir Putin met with his Turkish counterpart Recep Tayyip Erdogan in order to discuss the situation in northeastern Syria, where Russian forces have been deployed to prevent a confrontation between Syrian troops and Turkish troops. The latter moved into the territory after US President Trump decided

Read More
22 Oct 2019

US Government, Military Personnel Data Leaked By Autoclerk

The personal and travel data of tens of thousands of people, including US government and military personnel, has been exposed by an unsecured database belonging to reservations management system Autoclerk, according to research by vpnMentor. More than 100,000 booking reservations were found on the leaky server, which contained over 179GB

Read More
22 Oct 2019

Most Effective Phishing Tactic Is to Make People Think They’ve Been Hacked

People are most likely to fall for a phishing scam when it involves a fake message warning that their account has been hacked, a new report by KnowBe4 shows. In phishing simulations and actual phishing campaigns, the email headlines that were most successful in getting victim’s to click on malicious

Read More