Average DDoS attack volumes grew by 194% in 12 months

The volume and complexity of DDoS attacks continued to grow in Europe during the final quarter of 2018, according to Link11. While Link11’s Security Operations Center (LSOC) registered 13,910 attacks in Q4 (12.7% down compared to Q3), the average attack volume grew by 8.7% to 5Gbps, and 59% of attacks used multiple attack vectors. Key…

Apple Patches FaceTime Spying Vulnerability

Apple described the flaw, tracked as CVE-2019-6223, as a logic issue in the handling of Group FaceTime calls. The company says the problem has been addressed with “improved state management.” The bug allowed an attacker to spy on FaceTime users by calling the targeted user and adding the attacker’s own number to a group chat….

4 Payment Security Trends for 2019

Visa’s chief risk officer anticipates some positive changes ahead. Change that leads to improvement is usually good, in my opinion, and in my role at Visa, I anticipate some healthy changes ahead for the payment industry. Of course, no one can perfectly predict what is to come, but here is my take on four notable…

Consumers Care About Security – Sometimes

Consumer concern about cybersecurity and privacy is very real but not evenly distributed, a new report shows: while passwords and financial information are worrying for everyone, concern about other information varies widely depending on the individual’s age, gender, and national origin. The RSA Data Privacy & Security Survey 2019 of more than 6,000 adults contains…

What do successful pentesting attacks have in common?

In external penetration testing undertaken for corporate clients in industrial, financial, and transport verticals in 2018, Positive Technologies found that, at the vast majority of companies, there were multiple vectors in which an attacker could reach the internal network. Full control of infrastructure was obtained on all tested systems in internal pentesting. In addition, the…

Mitigating the Security Risks of Cloud-Native Applications

Containers represent the most significant computing advancements for enterprise IT since VMware introduced its first virtualization product, Workstation 1.0, in 1999. They enable organizations to build, ship, and run applications faster than ever, fueling the rise of the DevOps movement. It’s important for CISOs to realize that while containers can create more secure application development…

Cybercriminals Exploit Gmail Feature to Scale Up Attacks

Some cybercriminals are taking advantage of a long-standing feature in Google Gmail designed to enhance account security, to create multiple fraudulent accounts on various websites quickly and at scale, security vendor Agari said this week. The feature, which some have warned about previously, basically ensures that all dotted variations of a Gmail address belong to…

Four differences between the GDPR and the CCPA

By passing the California Consumer Privacy Act (CCPA), which goes into effect on January 1, 2020, the Golden State is taking a major step in the protection of consumer data. The new law gives consumers insight into and control of their personal information collected online. This follows a growing number of privacy concerns around corporate…