Microsoft users can ditch password-based logins for phone sign-in 2FA
Microsoft added a new feature to its authenticator app, allowing users to sign into their Microsoft account without having to enter their password. “With phone sign-in, …
Organizations are not effectively dealing with open source security threats
Black Duck conducts hundreds of open source code audits annually, primarily related to Merger & Acquisition transactions. Its Center for Open Source Research & …
How secure are banks and financial services firms?
Many senior bank executives are confident about their cybersecurity strategy, yet a lack of comprehensive, practical testing is leaving gaps in their defense. Accenture …
Oracle fixes Solaris 10 flaw targeted by leaked NSA exploit
Oracle has pushed out a record-breaking 299 fixes for vulnerabilities in its many, many products, and among them is a Solaris 10 bug whose existence has been revealed through …
Hajime IoT worm infects devices to head off Mirai
Mirai is the name of the worm that has taken control of many IoT devices around the world and used them to mount DDoS attacks, the most high-profile of which was directed …
InterContinental confirms card data breach at over 1,000 locations
InterContinental Hotels Group (IHG) has reported last week that a huge number of their hotels in the US and Puerto Rico have been compromised with payment card …
Cyber risk issues resonating in boardrooms
The Cyentia Institute used in-depth surveys and interviews with corporate board members and CISOs to identify specific cyber risk issues resonating in boardrooms. More talk of …
Cryptographic security risks are amplified in DevOps settings
Cryptographic security risks are amplified in DevOps settings, where compromises in development or test environments can spread to production systems and applications, …
Shadow Brokers data dump reveals yet another NSA-Stuxnet link
When the Shadow Brokers dumped on Friday another batch of data allegedly stolen from the Equation Group, which has been linked to the NSA, security researchers dove right in. …
BankBot Trojan found lurking on Google Play
As predicted earlier this year, the leaking of the source code and instructions for creating a potent Android banking Trojan has resulted in a surge of malware based on it. …
One in five UK businesses suffered a cyber attack in the past year
One in five businesses have fallen victim to cyber attacks in the past year, according to the British Chambers of Commerce (BCC). The survey of more than 1,200 businesses …
Fake LinkedIn emails phishing job seekers
Fake LinkedIn emails are hitting inboxes, trying to get recipients to hand over their CVs. The scammers are trying to impersonate the popular employment-oriented social …
Featured news
Resources
Don't miss
- Why we must go beyond tooling and CVEs to illuminate security blind spots
- Making security and development co-owners of DevSecOps
- Review: Passwork 7.0, self-hosted password manager for business
- What a mature OT security program looks like in practice
- Machine unlearning gets a practical privacy upgrade