Week in review: The inconvenient truth about API security, and the perfect exfiltration technique
Here’s an overview of some of last week’s most interesting news and articles: Uninstall QuickTime for Windows today! Trend Micro’s Zero Day Initiative has released …
Short URLs plus cloud services equal bad security
Short URLs are great when they lead to public websites, and documents and files that aren’t meant to remain private, but you should think twice about using them to lead …
VMware plugs critical information-leaking hole
VMware has plugged a critical security issue in the VMware Client Integration Plugin, which could allow for a Man in the Middle attack or web session hijacking in case the …
Microsoft sues US govt for right to tell users when their data is accessed by feds
Microsoft has filed a new lawsuit against the US government, asking the court to permit them to alert their users when their online accounts and the data in them has been …
Uninstall QuickTime for Windows today!
The time has come to deinstall QuickTime from your Windows machine. Trend Micro’s Zero Day Initiative has just released advisories (ZDI-16-241 and ZDI-16-242) detailing …
The rise of threat hunting
85 percent of enterprises have already adopted some form of threat hunting to aggressively track and eliminate cyber adversaries as early as possible. This proactive model …
EU approves new data protection rules
Members of the European Parliament have given their final approval for the new General Data Protection Regulation (GDPR). Parliament’s vote ends more than four years of work …
Trust is the key to cloud adoption
Intel Security released a global report advocating the need for technology vendors to help businesses, governments and consumers understand the implications surrounding …
Blackhole exploit kit author sentenced
Dmitry Fedotov, aka “Paunch”, the creator of the infamous Blackhole and Cool exploit kits, has been sentenced to spend 7 years in prison, Russian news agency TASS …
Why few US consumers penalize hacked companies?
About a quarter of American adults reported that they were notified about their personal information being part of a data breach in the previous year, but only 11 percent of …
Cisco UCS servers can be hijacked with malicious HTTP request
A data center server platform running Cisco’s Unified Computing System (UCS) Central Software can be compromised by unauthenticated, remote attackers with a single, …
EU privacy watchdogs not satisfied with the EU-US Privacy Shield
The Article 29 Working Party – an advisory body composed of representatives of the data protection authority of each EU Member State, the European Data Protection …