Data Protection

Cloud Security

Issued by: Security Week

Amazon Adds New Encryption, Security Features to S3

Amazon announced this week that it has added five new security and encryption features to its Simple Storage Service (S3), including one that alerts users of publicly accessible buckets. Improperly configured S3 buckets can expose an organization’s sensitive files, as demonstrated by several recent incidents involving companies such as Viacom, Verizon, Accenture, Booz Allen Hamilton,…

Network Security

Issued by: Help Net Security

The clock is ticking on GDPR: Is your business ready?

Despite having almost two years to prepare for the General Data Protection Regulation (GDPR), there are companies across the globe that have done little, if anything, to avoid the hefty fines for non-compliance, despite being directly affected by the new law. In fact, businesses that fail to comply with the new standards for data collection and…

Malware & Threats

Issued by: Security Week

Kaspersky May Have Found How Russian Hackers Stole NSA Data

Security firm Kaspersky Lab has shared preliminary results from its investigation following media reports that Russian hackers used its software to steal sensitive NSA data from a contractor’s computer back in 2015. The Wall Street Journal reported earlier this month that a threat group working for the Russian government stole information on how the U.S….

Network Security

Issued by: Security Intelligence

In Its Fifth Year, European Cyber Security Month Shows Why Security Is a Shared Responsibility

October is European Cyber Security Month (ECSM). This marks the fifth anniversary of the initiative and builds on the activities started in previous years. The concept of a cybersecurity awareness month began in the U.S. 14 years ago with the aim of promoting cybersecurity for all computer users, from consumers to governments. Over time, many jurisdictions around the…

Network Security

Issued by: Security Week

Security Pros Admit Snooping on Corporate Network: Survey

IT security professionals, particularly executives, often access information that is not relevant to their day-to-day work, according to a new One Identity study focusing on “snooping” on the corporate network. Dimensional Research polled more than 900 IT security professionals on behalf of One Identity. The respondents were from various types of companies in the United…

Malware & Threats

Issued by: Security Week

Tech Giants Warn of Crypto Flaw in Infineon Chips

Microsoft, Google, HP, Lenovo and Fujitsu have warned customers of a potentially serious crypto-related vulnerability affecting some chips made by German semiconductor manufacturer Infineon Technologies. TPM vulnerability allows attackers to obtain private RSA keys The flaw, tracked as CVE-2017-15361, is related to the Trusted Platform Module (TPM), an international standard designed for protecting crypto processes…

Network Security

Issued by: Kaspersky Blog

What Mr. Robot can teach us all about security

Mr. Robot has won the hearts and captured the minds of a lot of people around the globe by showing a captivating view of the information security world — and how vulnerable we all are to cyberattacks. When you see how main character Elliot and the hacker group fsociety hack whole corporations, never mind just…

Application Security

Issued by: Security Week

macOS High Sierra Update Patches Keychain Access Flaw

An update released on Thursday by Apple for its macOS High Sierra operating system patches two vulnerabilities, including one that allows malicious applications to steal passwords from the Keychain. The Keychain flaw, tracked as CVE-2017-7150, was disclosed last week by Patrick Wardle, director of research at Synack. Apple has now addressed the issue with the release of High…

Application Security

Issued by: Help Net Security

The privacy implications of email tracking

Emails are a widely used means for third parties to tie your email address to your activities across the web, Princeton University researchers have discovered. The extent of email tracking Email tracking was originally aimed at allowing senders to know whether the recipient has read the sent email. Unfortunately, many third parties also receive this…