Finally, enterprise-wide encryption strategies increase!
New research by the Ponemon Institute captures how organizations around the world are dealing with compliance, increased threats, and the implementation of encryption to …
Pressures security professionals face have become more personal
While 53% of security professionals report increased pressure in trying to secure their organization, there has been a shift in the source of this stress, according to …
SAP closes critical vulnerability affecting TREX
SAP closed a critical vulnerability for an issue that was exposed for almost two years. The vulnerability (SAP Security Note 2419592) affects TREX, a SAP NetWeaver standalone …
Attackers can steal smartphone users’ PINs by tapping into data collected by mobile sensors
Researchers have demonstrated that a malicious website or app could work out smartphone users’ PINs or passwords based just on the data collected by various motion …
CLDAP reflection attacks generate up to 24 Gbps of traffic
Akamai researchers Jose Arteaga and Wilber Majia have identified a new Connection-less Lightweight Directory Access Protocol (CLDAP) reflection and amplification method. CLDAP …
Ewind Android adware is actually a full-fledged Trojan
Palo Alto Networks researchers have analyzed a string of legitimate-looking Android apps and have discovered that the adware included in them has the potential to do much more …
Mobile payment card cloning: Understanding the risks
Mobile contactless payments have grown exponentially and Host Card Emulation (HCE) – the possibility to emulate payment cards on a mobile device, without dependency on special …
Cybersecurity: To automate or not to automate?
There are seven vital automated IT security applications that will function as the stepping stones necessary to advance cybersecurity in the new world of artificial …
Hacking tools in Vault 7 data dump linked to prolific cyber espionage group
While security researchers and companies go through the collection of hacking tools contained in the data dump that the Shadow Brokers failed to sell, Symantec has tied …
Similarities in partial fingerprints may trick biometric security systems
No two people are believed to have identical fingerprints, but researchers at the New York University Tandon School of Engineering and Michigan State University College of …
How fraudsters stole millions with the help of a legitimate online tool
Identity thieves have managed to steal $30 million from the US Internal Revenue Service by taking advantage of an online tool designed to help students fill out financial aid …
MS Office zero-day is used to infect millions of users with Dridex
The still unpatched MS Office zero-day vulnerability publicized by McAfee and FireEye researchers this weekend is being exploited to deliver the infamous Dridex banking …
Featured news
Resources
Don't miss
- Avoiding vendor lock-in when using managed cloud security services
- The CISO’s dilemma of protecting the enterprise while driving innovation
- PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159)
- Account takeover detection: There’s no single tell
- Man vs. machine: Striking the perfect balance in threat intelligence