Week in review: Top GDPR compliance risks, DDE attack mitigations, Node.js security
Here’s an overview of some of last week’s most interesting news and articles: Infosec expert viewpoint: Vulnerability patching Vulnerability patching is one of the …
Vault 8: WikiLeaks starts releasing source code of alleged CIA cyber weapons
WikiLeaks is starting a new series of leaks, dubbed Vault 8, containing source code and materials allegedly stolen from the CIA. The Vault 8 leaks will ostensibly cover …
Data exfiltration tool PTP-RAT encodes data in pixel colour values
How to exfiltrate data from a machine that doesn’t have file transfer capabilities or whose Remote Desktop Protocol (RDP) connection has been locked down, making it …
Phishing is a greater threat to users than keyloggers and third-party breaches
When it comes to loosing access to their accounts, phishing is a greater threat to users than keyloggers and third-party breaches, researchers have found. How many valid …
New infosec products of the week: November 10, 2017
Login to Office 365 with your face Nexus Group is the first authentication app supplier to show off logging in with iPhone X Face ID to digital resources on a computer. The …
Eavesdropper vulnerability exposes sensitive corporate communications data
Appthority published research on its discovery of the Eavesdropper vulnerability, caused by developers carelessly hard coding their credentials in mobile applications that use …
Node.js security: Are developers confident in the quality of their code?
A NodeSource and Sqreen joint developer survey of nearly 300 CTOs, CIOs and developers revealed that, while the developer community fully understands the risks of operating in …
Digital business is turning CIOs into leaders
For 82 percent of EMEA CIOs digital business has led to a greater capacity for change and a more open mindset in their IT organization, according to Gartner‘s annual …
Microsoft offers mitigation advice for DDE attacks scenarios
Microsoft has published a security advisorty containing DDE attack mitigation instructions for both users and admins. What’s a DDE attack? For a while now, attackers …
Chrome to start blocking unwanted redirects
“1 out of every 5 feedback reports from Chrome users on desktop mention encountering some type of unwanted content, and we take this feedback seriously when considering …
Extortion-based cyber attacks: The next evolution in profit-motivated attack strategies
Today, data breaches have impacted just about every industry possible. From entertainment to the restaurant industry, no sector or organization appears to be safe, and it has …
Connected technologies will accelerate security threats to healthcare industry
Life sciences and healthcare companies will follow the lead of other industries and integrate connected technologies including Internet of Things (IoT) and intelligent …
Featured news
Resources
Don't miss
- CISA: Use Signal or other secure communications app
- Another NetWalker affiliate sentenced to 20 years in prison
- Why cybersecurity is critical to energy modernization
- Cryptocurrency hackers stole $2.2 billion from platforms in 2024
- CISA orders federal agencies to secure their Microsoft cloud environments