data

Network Security

Issued by: Help Net Security

Amazon Web Services (AWS) has made available three new S3 (Simple Storage Service) security and access control features: Object Ownership Bucket Owner Condition Copy API via Access Points Object Ownership Object Ownership is a permission that can be set when creating a new object within an S3 bucket, to enforce the transfer of new object…

Network Security

Issued by: Help Net Security

A Case Western Reserve University computer and data sciences researcher is working to shore up privacy protections for people whose genomic information is stored in a vast global collection of vital, personal data. Erman Ayday pursued novel methods for identifying and analyzing privacy vulnerabilities in the genomic data sharing network known commonly as “the Beacons.”…

Vulnerabilities

Issued by: CSO

8 top open source intelligence tools

OSINT, or open source intelligence, is the practice of collecting information from published or otherwise publicly available sources. OSINT operations, whether practiced by IT security pros, malicious hackers, or state-sanctioned intelligence operatives, use advanced techniques to search through the vast haystack of visible data to find the needles they’re looking for to achieve their goals—and…

Network Security

Issued by: Help Net Security

Recommendations to enhance subscriber privacy in 5G

There are clear benefits of 5G SIM capabilities to protect the most prominent personal data involved in mobile communications, according to the Trusted Connectivity Alliance. Addressing privacy risks The IMSI, known as a Subscription Permanent Identifier (SUPI) in 5G, is the unique identifier allocated to an individual SIM by an MNO. Despite representing highly personal…

Vulnerabilities

Issued by: Security Week

The most important of these is a cross-site scripting (XSS) flaw in the Knowledge Management component of NetWeaver. Tracked as CVE-2020-6284 and featuring Hot News priority, the issue has a CVSS score of 9. A default component of all SAP Enterprise Portal installations, Knowledge Management allows users to manage data sources in multiple formats, to…

Application Security

Issued by: Help Net Security

One of your employees needs access to part of your customer database so he can fulfill an urgent reporting request. You’re busy and this employee is trustworthy, so you grant him administrative status. Simple solution, right? You’ll revoke it later when you’re done with the other 600 critical things you’re working on right now. Right?…

Malware & Threats

Issued by: Help Net Security

Credit card details, online banking logins, and social media credentials are available on the dark web at worryingly low prices, according to Privacy Affairs. Online banking logins cost an average of $35 Full credit card details including associated data cost $12-20 A full range of documents and account details allowing identity theft can be obtained…

Network Security

Issued by: Help Net Security

Not all IT budgets are being cut, some are increasing

At a high level—and contrary to conventional wisdom – not all IT budgets are being cut. Even with the economic challenges that COVID-19 has posed for businesses, almost 38 percent of enterprises are keeping their IT budgets unchanged (flat) or actually increasing them. Yellowbrick Data received responses from more than 1,000 enterprise IT managers and…