The future of Identity Management: Passwords and the cloud
Compromised credentials are still the cause of almost a quarter of all data breaches, according to the Cloud Security Alliance. With a surge in cybercrime, it’s no wonder that …
65 million Tumblr users’ email addresses, passwords sold on dark web
Email addresses and hashed and salted passwords of 65 million Tumblr users are being sold online by “peace_of_mind,” aka “Peace”, the individual that …
Global profiles of the typical fraudster
Technology is an important tool to help companies fight fraud, but many are not succeeding in using data analytics as a primary tool for fraud detection. Meanwhile, fraudsters …
Check Point finds dangerous vulnerabilities in LG mobile devices
Check Point found two vulnerabilities which can be used to elevate privileges on LG mobile devices to attack them remotely. These vulnerabilities are unique to LG devices, …
Hacker imprisoned for stealing Bitcoin, selling botnet on Darkode
A Louisiana man was sentenced to 12 months and one day in prison for using a computer to steal money, hacking computers to obtain passwords, and attempting to sell information …
Payment Application Data Security Standard 3.2 released
The PCI Security Standards Council (PCI SSC) published a new version of its data security standard for payment software, the Payment Application Data Security Standard …
Five tips to avoid getting hit by ransomware
Ransomware has emerged as the predominant online security threat to home users and small businesses. Delivered through spam or phishing emails that trick users into clicking …
SANS maps SAP cybersecurity to the CIS Critical Security Controls list
The CIS Critical Security Controls are a set of internationally recognized standards outlining the most important cyber hygiene actions that every organization should …
Growing advanced threats will augment the IT security market through 2020
Research analysts are forecasting positive growth for many segments of the global IT security market over the next four years as several markets including BYOD security, …
Week in review: API security, keyloggers disguised as USB device chargers, online tracking
Here’s an overview of some of last week’s most interesting news and articles: Faulty TLS implementation opens VISA sites, users to attack A group of researchers …
ICS-CERT warns about vulnerable SCADA system that can’t be updated
A web-based SCADA system deployed mainly in the US energy sector sports vulnerabilities that may allow attackers to perform configuration changes and administrative operations …
Faulty TLS implementation opens VISA sites, users to attack
A group of researchers has discovered 184 HTTPS servers that are wide open to attackers looking to inject seemingly valid content into encrypted sessions. Some of these …
Featured news
Resources
Don't miss
- MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364)
- OSPS Baseline: Practical security best practices for open source software projects
- Understanding the AI Act and its compliance challenges
- The art of balancing data security with business goals
- Debunking 5 myths about network automation