by Lisa Vaas In spite of Apple having turned over the shooter’s iCloud backups in the case of the Pensacola, Florida mass shooting last month, the US government has been raking it over the coals for supposedly not helping law enforcement in investigations. But according to a new allegation, Apple has been far more accommodating …
Apple allegedly made nice with FBI by dropping iCloud encryption plan Read More »
Companies should realize that any user could be a target and use threat data to build a security awareness training program, says Proofpoint. View Original Source Article HERE
Dating Apps Are Sharing Your Personal Data with Third-Parties and Advertisers Some of the most popular dating services may be violating GDPR or other privacy laws Unbeknownst to their users, several popular dating apps, including Tinder, OkCupid, and Grindr, share detailed personal data on their users with third parties for advertising purposes, a study conducted …
Dating Apps Share Personal Data with Advertisers and 3rd Parties Read More »
Organizations are moving toward next-generation cybersecurity solutions this year, but security fragmentation is a looming threat. View Original Source Article HERE
by Paul Ducklin Microsoft has today announced a data breach that affected one of its customer databases. The blog article, entitled Access Misconfiguration for Customer Support Databases, admits that between 05 December 2019 and 31 December 2019, a database used for “support case analytics” was effectively visible from the cloud to the world. Microsoft didn’t …
Big Microsoft data breach – 250 million records exposed Read More »
Enterprise VulnerabilitiesFrom DHS/US-CERT’s National Vulnerability Database CVE-2020-7227PUBLISHED: 2020-01-18 Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, … CVE-2019-15625PUBLISHED: 2020-01-18 A memory usage vulnerability …
Ransomware Upgrades with Credential-Stealing Tricks Read More »
Traditional data-leak prevention is not enough for businesses facing today’s dynamic threat landscape. Data attacks reached an all-time high in 2019 as we continued to transform our lives digitally — moving our work, health, financial, and social information online. In response, businesses must meet hefty data and information protection regulatory and compliance requirements. There’s no …
by Danny Bradbury A researcher has discovered thousands of Tinder users’ images publicly available for free online. Aaron DeVera, a cybersecurity researcher who works for security company White Ops and also for the NYC Cyber Sexual Assault Taskforce, uncovered a collection of over 70,000 photographs harvested from the dating app Tinder, on several undisclosed websites. …
What do online file sharers want with 70,000 Tinder images? Read More »
Experts weigh in on whether schools should teach kids the skills they need to safely reap the benefits of the online world With education being one of the key factors in everyone’s life, the education system of any country seeks to provide children not only with elementary competencies, but also equip them with at least …
A device that is supposed to help parents keep track of their children and give them a peace of mind can be turned into a surveillance device Researchers at the AV-Test Institute have uncovered gaping privacy and security holes in the SMA-WATCH-M2 smartwatch that is designed to keep children safe and their parents feeling secure …
Smartwatch exposes locations and other data on thousands of children Read More »
Smart selections when starting small can ease the pain as you scale up your company’s privacy infrastructure If, unlike enterprise customers, you don’t have six figures to spend, what are some things you can do to protect your data that can scale as your business grows? Even if you don’t plan on scaling to an …
5 personal (and cheap) data privacy tools that scale for business Read More »
The second authentication factor might be a minor inconvenience, but it provides a major security boost With past years riddled with security breaches, it is high time we evaluated the way we secure our online presence. The usual way to secure most of your digital accounts is by using a password, no question about it. …
SIM Swapping Attacks 5 Vulnerable Major US Wireless Phone Carriers When it comes to protection against this insidious type of scam, the telcos’ authentication procedures leave a lot be desired, a study finds Five major US wireless carriers – AT&T, T-Mobile, Verizon, Tracfone and US Mobile – are susceptible to SIM swap scams, a danger …
5 Major US Wireless Carriers Vulnerable to SIM Swapping Attacks Read More »
Cybercriminals are evolving their tactics, and the security community anticipates voice and video fraud to play a role in one of the next big data breaches — so start protecting your business now. Deepfake fraud is a new, potentially devastating issue for businesses. In fact, last year a top executive at an unidentified energy company …
Phishing Today, Deepfakes Tomorrow: Training Employees to Spot This Emerging Threat Read More »
An ESET-commissioned survey sheds light on the browsing habits of Australians and how they protect themselves online Australia is a highly interconnected country with nine in ten inhabitants being internet users, most of which use the internet every day. What do they know about cybersecurity and how do they approach it, though? A recent survey …
Cyberawareness in Australia: The good and the bad Read More »
by Lisa Vaas US elementary and grade schools have been experimenting with facial recognition. But so far, it hasn’t been widely adopted at colleges – and students are taking part in a nationwide effort to keep it that way. On Tuesday, the digital rights group Fight for the Future announced that it’s teamed up with …
College students call for ban on facial recognition on campus Read More »
Company agrees to set aside a minimum of $380.5 million as breach compensation and spend another $1 billion on transforming its information security over the next five years. The 147 million US consumers affected by the breach have one week from today to file a claim. The final minimum tab for Equifax’s failure to patch …
2017 Data Breach Will Cost Equifax at Least $1.38 Billion Read More »
Many organizations underestimate the value of their data to skilled and organized cybercriminals, said security provider eSentire. Keeping up with cybercriminals can be a never-ending challenge for organizations and security professionals. As hackers and attackers come up with increasingly more clever and devious ways to infiltrate an organization, your critical and sensitive data becomes more …
How to better protect your organization’s most valuable data Read More »
Wondering how this guy could be so clumsy? So is he. [youtube https://www.youtube.com/watch?v=5uVuW7VhIsA] Source: Emirates NBD What security-related videos have made you laugh? Let us know! Send them to [email protected]. Beyond the Edge content is curated by Dark Reading editors and created by external sources, credited for their work. View Full Bio View Original Article HERE
An ongoing phishing scam uncovered by ESET researchers seeks to wreak havoc on your money and digital life in one fell swoop ESET researchers in Latin America have spotted fraudulent websites that impersonate PayPal and attempt to trick users into handing over considerably more than ‘only’ their access credentials to the payment service. The ruse …
Ambitious scam wants far more than just PayPal logins Read More »
It amazes me how many people confuse the importance of vulnerability scanning with penetration testing. Vulnerability scanning cannot replace the importance of penetration testing, and penetration testing, on its own, cannot secure the entire network. Both are important at their respective levels, needed in cyber risk analysis, and are required by standards such as PCI, …
All it can take is a swipe of your credit or debit card for your personally identifiable information to end up on the dark web. Audio Transcript Mollie Halpern: All it can take is a swipe of your credit or debit card for your personally identifiable information to end up on the dark web. It’s …
What are some of the key things you should do with your shiny new device as soon as you unbox it? It’s that time of year again, and chances are that new tech will be one of the gifts tucked under your Christmas tree. Whether it’s a smartphone, laptop or, say, an Internet-of-Things (IoT) gadget, …
The Five: Ransomware Attacks Cyber-attacks that threaten to publish a victim’s data or block access to it unless a ransom is paid have grown internationally since 2012. Sodinokibi and Travelex Hackers attacked Travelex’s network on New Year’s Eve, stealing customer data including dates of birth, credit card information, and national insurance numbers. The ransomware gang …
In some ways, the cloud has made security management easier, as many cloud providers have taken the responsibilities traditionally associated with local server management out of your hands. But in other ways, the security management conversation has become more confusing for decision makers, as “cloud” is a very broadly defined term and could speak to …
Malware in the Cloud: Protecting Yourself Based on Your Cloud Environment Read More »
When looking for a good deal this holiday shopping season, the FBI suggests keeping this old adage in mind: If it sounds too good to be true, it probably is. Audio Transcript Mollie Halpern: When looking for a good deal this holiday shopping season, the FBI suggests keeping this old adage in mind… James Harris, Jr: If it sounds too …
In the first instalment of this two-article series we will be looking at cybersecurity habits to avoid when using your computing devices As we’re entering 2020, we’re also plotting out our New Year’s resolutions. Instead of suggesting what you should do next year, however, let’s have a look at some cybersecurity mistakes you should avoid …
In the second blogpost of this two-part series we’ll suggest handy tips to help enhance the security of your mobile devices Yesterday, we discussed bad cybersecurity habits you should avoid in 2020, especially where computers are involved. We’re not done yet. Some of the recommendations apply to both computers and smartphones, such as being especially …
20 tips for 2020: Be smarter with your smartphone Read More »
We were excited to celebrate National Cybersecurity Career Awareness Week (NCCAW), November 11-16, 2019. Technology and cybersecurity play a vital role in many facets of our lives. Our growing dependence on the internet and the convenience of technology comes with unique challenges. Attackers are constantly trying to steal sensitive data and cripple systems, such as …
The Federal Trade Commission has issued its biennial report to Congress focusing on the use of the National Do Not Call (DNC) Registry by both consumers and businesses and other organizations over the past two years. This year’s report includes: 1) a summary of current Registry operations; 2) a summary of the impact on the …
FTC Issues Biennial Report to Congress on the National Do Not Call Registry Read More »
FORT MEADE, Md., Dec. 13, 2019 — NSA Congratulates Centers of Academic Excellence (CAE) The NSA congratulates these Centers of Academic Excellence as they recognize the following list of academic institutions. The following academic institutions were recognized as designated or re-designated CAE schools at the November 2019 NICE conference: On November 20, 2019, NSA celebrated …
NSA Congratulates Centers of Academic Excellence (CAE) Read More »
The University of Phoenix (UOP) and its parent company, Apollo Education Group, will settle for a record $191 million to resolve Federal Trade Commission charges that they used deceptive advertisements that falsely touted their relationships and job opportunities with companies such as AT&T, Yahoo!, Microsoft, Twitter, and The American Red Cross. Under the settlement unanimously …
South Korean cryptocurrency exchange Upbit today said hackers could steal $49 million in Ethereum. On 27 November, the crypto-coins were moved from Upbeat Ethereum Hot Wallet to an unknown wallet, announced Doo-myeon’s CEO Lee Seok-woo who operates Upbit. In a publication on the Upbit website, the hackers, Seokwoo, disclosed 342,000 ETH (Ethereum), equivalent to approximately …
Hackers Steal $49 million in Cryptocurrency Exchange Upbit Ethereum Read More »
What Sort of Security Software and Backups do I Need for a Home Business? I’m looking to set up a small business working from home and would like some advice on backup and security measures. I have an Office 365 account so my main directory for saving documents will be OneDrive. I was looking to back …
What sort of security software and backups do I need for a home business? Read More »
Thanks for Checking Us Out! Welcome to Making Sense of Security. Technology is evolving at a rapid speed. There is much advancement at the stroke of a key. Making sense of what functions best for one may not be for another. Keeping up with advancements to be able to maintain functions is vital. We are …
