Increased Focus on iOS Hacking Leads to Drop in Exploit Prices
Exploit acquisition company Zerodium announced last week that it would no longer be buying certain types of iOS exploits for the next 2-3 months due to surplus. It also announced that prices for iOS exploit chains that require some user interaction and don’t provide persistence will likely drop in the near future. Furthermore, Zerodium’s CEO…
Security and the rapidly growing importance of mobile apps
Organizations are under more pressure than ever before to rapidly produce both new apps and updates to existing apps, not only because it’s essentially the only way they can interact with their customers, but also because there will be a flood of new users who previously relied on physical locations to conduct their business. Continuous…
Security threats associated with shadow IT
As cyber threats and remote working challenges linked to COVID-19 continue to rise, IT teams are increasingly pressured to keep organizations’ security posture intact. When it comes to remote working, one of the major issues facing enterprises is shadow IT. End users eager to adopt the newest cloud applications to support their remote work are…
COVID-19 online fraud trends: Industries, schemes and targets
The telecommunications, retail and financial services industries have been increasingly impacted by COVID-19 online fraud, according to TransUnion. From a consumer perspective, Millennials have been most targeted by fraudsters using COVID-19 scams. Overall, the percent of suspected fraudulent digital transactions rose 5% from March 11 to April 28 when compared to Jan. 1 to March…
New software enables existing sensors to detect ransomware
Engineers from SMU’s Darwin Deason Institute for Cybersecurity have developed software to detect ransomware attacks before attackers can inflict catastrophic damage. Ransomware is crippling cities and businesses all over the world, and the number of ransomware attacks have increased since the start of the coronavirus pandemic. Attackers are also threatening to publicly release sensitive data…
Flaw in WordPress Plugin Grants Access to Google Search Console
The plugin, Site Kit by Google, was designed to provide site admins with information on how people find and use their websites, providing insights from critical Google tools, straight to the WordPress dashboard. The plugin has over 400,000 active installations. The recently identified security flaw, which has already been patched by Google, is rated critical…
How to implement least privilege in the cloud
According to a recent survey of 241 industry experts conducted by the Cloud Security Alliance (CSA), misconfiguration of cloud resources is a leading cause of data breaches. The primary reason for this risk? Managing identities and their privileges in the cloud is extremely challenging because the scale is so large. It extends beyond just human…
Global remote work transitions fail to consider security gaps
Security measures and password best practices have not taken priority in many regions during the shift to remote work due to the COVID-19 pandemic, according to a survey by OneLogin. Nearly 1 in 5 (17.4%) global respondents have shared their work device password with either their spouse or child, potentially exposing corporate data. External threats…
Total number of publicly reported breaches in Q1 2020 down 42% compared to last year
The total number of publicly reported breaches in Q1 2020 has decreased by 42% compared to the same period last year, Risk Based Security reveals. Publicly reported breaches in Q1 2020 drop dramatically compared to 2019 Despite this, the number of records exposed for this quarter skyrocketed to 8.4 billion – a 273% increase compared…
Home workplaces introduce new risks, poor password hygiene
Entrust Datacard released the findings of its survey which highlights the critical need to address data security challenges for employees working from home as a result of the pandemic based on responses from 1,000 US full-time professionals. As social distancing mandates took effect in March 2020, employers found themselves in a massive remote work experiment,…