Month: September 2017

Cloud Security

Issued by: Help Net Security

Organizations are uncovering a cloud security paradox

The characteristics of modern applications in the cloud are changing, requiring software and IT architects to shift priorities. Businesses of all sizes are transforming in order to compete in the digital era, but are bogged down by legacy technologies and inefficient siloed processes and tools that are ill-equipped to handle today’s volume of data.

Vulnerabilities

Issued by: Help Net Security

Billions of Bluetooth-enabled devices vulnerable to new airborne attacks

Eight zero-day vulnerabilities affecting the Android, Windows, Linux and iOS implementations of Bluetooth can be exploited by attackers to extract information from, execute malicious code on, or perform a MitM attack against vulnerable devices. The vulnerabilities, collectively dubbed BlueBorne by the researchers who discovered them, can be exploited without users having to click on a…

Malware & Threats

Issued by: Help Net Security

Phishers targeting LinkedIn users via hijacked accounts

A new phishing campaign has been spotted hitting LinkedIn users via direct messages and the LinkedIn InMail feature. They are sent from legitimate LinkedIn Premium accounts that have been hijacked by the phishers, thus increasing the likelihood that recipients will trust the message and click on the link. The messages/emails say that the sender has…

Network Security

Issued by: Help Net Security

Why end-to-end encryption is about more than just privacy

The question of whether regular people need end-to-end encryption will surely be debated for quite some time. But for Alan Duric, CEO and co-founder of Wire, the question can only have a positive answer. As he told the audience at the FSec security symposium in Varazdin, Croatia, end-to-end encryption is about more than just privacy…

Vulnerabilities

Issued by: Help Net Security

Equifax attackers got in through an Apache Struts flaw?

Have the attackers responsible for the Equifax data breach exploited a vulnerability in Apache Struts, a popular open source framework for developing web applications, to compromise the company’s networks? Equifax has yet to share more details about how the attack was pulled off, but a report by financial services firm Robert W. Baird & Co….

Malware & Threats

Issued by: Help Net Security

Insurers increasingly concerned about silent cyber exposure

Around half of industry practitioners see the risk of silent cyber exposure – potential cyber-related losses due to silent coverage from insurance policies not specifically designed to cover cyber risk – as growing over the coming year, according to Willis Re. Silent cyber exposure In the Willis Re survey, respondents were asked to assess the…

Network Security

Issued by: Security Week

143 Million Affected in Hack of U.S. Credit Agency

A major American credit reporting agency entrusted to safeguard personal financial information said Thursday hackers looted its system in a colossal breach that could affect nearly half the US population as well as people in Britain and Canada. Equifax said that a hack it learned about on July 29 had the potential to affect 143…