Popular News
23 hours ago Whistleblower Everett Stern: 'Do the Right Thing'
InfoRiskToday View Synopsis+1"If You See Something, Say Something' Applies to Banks, Money LaunderingIt's been nearly seven years since HSBC was fined $1.9 billion by U.S. authorities for money laundering violations involving international drug cartels. But Everett Stern, the former employee who blew the whistle on the bank, continues to tell his story because he believes similar criminal activity is ongoing.
17 hours ago Some Elasticsearch security features are now free for everyone
ZDNet View Synopsis+1Company makes TLS support and fine-grained user/role management free for everyone.
12 hours ago iPhone gyroscopes, of all things, can uniquely ID handsets on anything earlier than iOS 12.2
The Register View Synopsis+1Cheapskate fandroids get a pass on this one, thoughYour iPhone can be uniquely fingerprinted by apps and websites in a way that you can never clear. Not by deleting cookies, not by clearing your cache, not even by reinstalling iOS.…
12 hours ago US Warns Chinese Drones May Steal Data: Report
SecurityWeek View Synopsis+1Washington has warned that Chinese-made drones could be giving spy agencies in Beijing "unfettered access" to stolen data, according to a report in American media.
The Department of Homeland Security sent out an alert on Monday flagging drones built in China as a "potential risk to an organization's information", CNN reported.
19 hours ago Root account misconfigurations found in 20% of top 1,000 Docker containers
ZDNet View Synopsis+1Issue similar to Alpine Linux's CVE-2019-5021 impacts 194 other Docker images.
Top News
2 hours ago Windows 10 May 2019 Update now rolling out to everyone… slowly
ArsTechnica View Synopsis+1Unless you explicitly want it installed, you probably won't get this update.
1 day ago User Data Exposed in Stack Overflow Hack
SecurityWeek View Synopsis+1Hackers had access to Stack Overflow systems for nearly one week before the attack was detected and some user data was exposed after all, the company has admitted.
1 day ago Google Restricts Huawei's Access to Android
InfoRiskToday View Synopsis+1As US/China Trade Tensions Escalate, Experts Warn of 'Unintended Consequences'After the Trump administration last week blacklisted Huawei amid rising trade tensions, Google says it has canceled the Chinese smartphone giant's Android license. Many chipmakers and other technology firms have also said they will cease or at least pause the sharing of software, hardware and services.
1 day ago How to block hijacking attacks on your Google account
TechRepublic View Synopsis+1Bot and phishing attacks can compromise your G Suite account, but there is an easy way to block the majority of these attempts, according to Google.
1 day ago Let adware be treated as malware, Canuck boffins declare after breaking open Wajam ad injector
The Register View Synopsis+1If it walks like a duck and quacks like a duck then...Analysis The technology industry has numerous terms for sneaky software, including malware, adware, spyware, ransomware, and the ever adorable PUPs - potentially unwanted programs. But there isn't always a clear difference between malware and less threatening descriptors.…
1 day ago Melbourne students are guinea pigs for NEC's facial recognition fraud tech
ZDNet View Synopsis+1NEC's NeoFace facial recognition software will be used by Melbourne-based Cambridge Boxhill Language Assessments in a bid to ensure those sitting tests are those enrolled.
Latest News
9 hours ago Database May Have Exposed Instagram Data for 49 Million
InfoRiskToday View Synopsis+1Email Addresses, Phone Numbers Potentially ExposedThere's been a potential leak of personally identifiable information from Instagram, but it's not clear yet whether the data on 49 million users came directly from the social media company. A database that was left online without password protection has since been taken down.
10 hours ago Why post-quantum encryption will be critical to protect current classical computers
TechRepublic View Synopsis+1Quantum computers are theorized to be capable of breaking RSA encryption. Experts disagree on when it could happen, but agree on a need for quantum-proof encryption.
11 hours ago Database May Have Exposed Instagram Personal Data
InfoRiskToday View Synopsis+1Email Addresses, Phone Numbers for 49 Million People Potentially ExposedThere's been a potential leak of personally identifiable information from Instagram, but it's not clear yet whether the data on 49 million users came directly from the social media company. A database that was left online without password protection has since been taken down.
2 hours ago Google says it stored some G Suite passwords in unhashed form for 14 years
ZDNet View Synopsis+1G Suite passwords were encrypted when stored in disk, so at least they weren't stored in plaintext.
2 hours ago Google Warns G Suite Customers of Passwords Stored Unhashed
SecurityWeek View Synopsis+1Google on Tuesday said that some customer passwords for its G Suite customers were stored in an unhashed format.
2 hours ago How does API Management Complement IAM?
InfoRiskToday View Synopsis+1Flat-out, traditional IAM practices are insufficient to secure a modern enterprise that relies on such diverse endpoints and connected devices. But API management can play a strong complementary role, says Jay Thorne of CA Technologies, a Broadcom company.
3 hours ago Firefox Now Has Fingerprinting and Crypto-mining Protection
SecurityWeek View Synopsis+1Mozilla this week released Firefox 67 to the stable channel with improved protection against tracking and with fingerprinting and crypto-mining protection capabilities.
3 hours ago Fending off Zombieload attacks will crush your performance
ZDNet View Synopsis+1To fully protect yourself from potential Zombieload attacks, vendors and early benchmarks show you'll face performance losses of up to 40%.
4 hours ago First official version of Tor Browser for Android released on the Play Store
ZDNet View Synopsis+1After eight months of alpha testing, Tor Browser for Android is now ready for rollout.
5 hours ago Attack Combines Phishing, Steganography, PowerShell to Deliver Malware
SecurityWeek View Synopsis+1URLZone Morphs Into a Downloader for Ursnif
Researchers have discovered a malware campaign targeting Japan and combining phishing, steganography, PowerShell, and the URLZone and Ursnif malwares.
8 hours ago How to improve cloud provider security: 4 tips
TechRepublic View Synopsis+1Many IT pros remain concerned with the risk of data loss and leakage in the cloud, according to a new survey from AlgoSec.
8 hours ago Your data, stolen twice: Pirated phishing kit contains hidden backdoor
TechRepublic View Synopsis+1A commercial phishing platform that targets Apple users has proven popular enough for other criminals to pirate, though the pirated version transmits harvested data through a hidden back channel.
