How US, UK SMBs keep company passwords safe
AVG’s Business division has asked 381 of their small-to-medium business customers in the US and UK sixteen questions about their password-protection policies and …
GhostMail stops providing secure comms to individual users
Encrypted email, chat and storage service GhostMail will no longer provide its services to individual users. Instead, it will concentrate on the enterprise market. In an email …
Data of 200 million Yahoo users offered for sale
Data of some 200 million Yahoo users has been offered for sale on the TheRealDeal dark web market by “peace_of_mind” (aka “Peace”). Even though Yahoo is yet to confirm whether …
UK banks ramp up account security with voice recognition tech
British banking and financial services multinational Barclays has announced that it is introducing voice recognition technology for all personal banking customers, so that …
Managed threat hunting service evicts adversaries from enterprise networks
Accenture and Endgame have created a threat hunting service for clients, and will be demonstrating how it works at Black Hat USA 2016. The service is based on Endgame’s …
36000 SAP systems exposed online, most open to attacks
ERPScan released the first comprehensive SAP Cybersecurity Threat Report, which covers three main angles: Product Security, Implementation Security, and Security Awareness. …
ThreadFix: Software vulnerability aggregation and management system
ThreadFix is a software vulnerability aggregation and management system that helps organizations aggregate vulnerability data, generate virtual patches, and interact with …
Armor Anywhere: Managed security for any cloud
As growing businesses increasingly rely on public, private and hybrid cloud platforms in addition to internal infrastructures, at Armor is launching Armor Anywhere to keep …
Kaspersky Safe Browser iOS app sports MITM SSL certificate bug
Security researcher David Coomber has unearthed a vulnerability (CVE-2016-6231) in the Kaspersky Safe Browser iOS app that effectively contradicts its name. As it turns out, …
QRLJacking: A new attack vector for hijacking online accounts
We all know that scanning random QR codes is a risky proposition, but a newly detailed social engineering attack vector dubbed QRLJacking adds another risk layer to their use. …
Interpol arrests Nigerian scam mastermind who stole $60 million
The head of an international criminal network behind thousands of online frauds has been arrested in a joint operation by INTERPOL and the Nigerian Economic and Financial …
Innovative techniques allow malvertising campaigns to run for years
A threat actor dubbed AdGholas has been mounting successful malvertising campaigns by using innovative targeting and obfuscation techniques, and has been infecting thousands …
Featured news
Resources
Don't miss
- Why we must go beyond tooling and CVEs to illuminate security blind spots
- Making security and development co-owners of DevSecOps
- Review: Passwork 7.0, self-hosted password manager for business
- What a mature OT security program looks like in practice
- Machine unlearning gets a practical privacy upgrade