Why it’s Time to Switch from Facebook Login to a Password Manager
Social media sites are increasingly the focus of our digital lives. Not only do we share, interact and post on platforms like Facebook —we also use these sites to quickly log into our favorite apps and websites. But what happens when these social media gatekeepers are hacked? Awhile back, Facebook suffered a major attack when…
Attackers Use Google Cloud to Target US, UK Banks
A malicious email campaign has been found abusing a Google Cloud Storage service to host a payload sent to employees of financial services organizations, Menlo Labs researchers report. The threat appears to have been active in the US and UK since August 2018. Victims receive emails containing links to archive files; researchers say all instances…
Out-of-office security
The Christmas and New Year holidays are generally regarded as a very nice time of the year. Workers depart the office, giving information security experts a chance to put their feet up. Before you take your well-deserved rest, however, make sure to take measures to protect corporate information on employees’ personal gadgets. Sensitive information on…
How to Optimize Security Spending While Reducing Risk
Globally, organizations have spent millions on security solutions; however, these purchasing decisions often are not based on fact or data — just hunches, expenditures, and market trends. Senior executives struggle to have complete visibility into their own company’s security posture as well as the current threat environment. There is a lack of comprehensive, near-real-time information…
Facebook Data Deals Extend to Microsoft, Amazon, Netflix
If you shared data with Facebook over the past few years, there’s a high chance Facebook handed it to Microsoft, Amazon, Spotify, or any of the other 150 companies that benefited from extensive data-sharing deals with the social media giant, The New York Times reports. Internal Facebook records provide a more detailed look at data-sharing…
Vulnerabilities in high-performance computer chips could lead to failures in modern electronics
A Washington State University research team has uncovered significant and previously unknown vulnerabilities in high-performance computer chips that could lead to failures in modern electronics. The researchers found they could damage the on-chip communications system and shorten the lifetime of the whole computer chip significantly by deliberately adding malicious workload. Led by Partha Pande, assistant…
Adobe Patches 87 Vulnerabilities in Acrobat Software
The vulnerabilities impact the Windows and macOS versions of Acrobat and Acrobat Reader DC (Continuous and Classic 2015 tracks), and Acrobat and Acrobat Reader 2017 products. The list of security holes includes various types of critical bugs that can lead to arbitrary code execution, including buffer errors, untrusted pointer dereference, use-after-free, and heap overflow. The…
6 Cloud Security Predictions for 2019
In 2018, more organizations adopted cloud computing, and at a rapidly growing pace. The main drivers for cloud were high efficiency, easier and faster deployments, and, of course, scalability. But from a security perspective, the speedy adoption of cloud computing is forcing security professionals to learn about new challenges, cloud-specific risks, and relevant mitigations as…
New Google+ Breach Will Lead to Early Service Shutdown
As vulnerabilities go, it was the best sort: found by internal testing before it led to a security breach. Nevertheless, the latest Google+ software vulnerability was enough to push forward shutting down the service: Google now says it will be shuttered by April 2019 rather than the originally planned August 2019. According to Google, the…
Not all data collection is evil: Don’t let privacy scandals stall cybersecurity
Facebook continues to be criticized for its data collection practices. The media is hammering Google over how it handles data. JPMorgan Chase & Company was vilified for using Palantir software to allegedly invade the privacy of employees. This past June marked the five-year anniversary of The Guardian’s first story about NSA mass surveillance operations. These…