New password recovery scam hitting Gmail, Outlook and Yahoo Mail users
A simple yet ingenious scam is being used by scammers to compromise accounts of Gmail, Outlook and Yahoo Mail users, Symantec researcher Slawomir Grzonkowski warns.“To …
Open source security projects get $452,000 from the Linux Foundation
The Core Infrastructure Initiative (CII), a project managed by The Linux Foundation that enables technology companies, industry stakeholders and esteemed developers to …
Many popular Android apps fail to encrypt login credentials
Using encryption to protect mobile traffic and especially the exchange of credentials between the user and company servers should be a must in this day and age. Unfortunately, …
Week in review: Rethinking security, LastPass breach, and stronger data protection rules for Europe
Here’s an overview of some of last week’s most interesting news, podcasts and articles:How data-centric security worksIn this podcast recorded at Infosecurity …
Linux container security and certification concerns remain
While container adoption is likely to surge in the next few years, concerns around security, certification and adequate skills remain, according to Red Hat.A survey of more …
How engaged is the average board when it comes to security?
Tripwire evaluated the attitudes of executives as they relate to cybersecurity risk decision-making and communication between IT security professionals, executive teams and …
New Drupal versions fix admin account hijack flaw
New versions of popular open source content management system Drupal are out, and fix a series of vulnerabilities, including a critical one that can result in an attacker …
Static encryption keys affect SAP security
Yesterday, Dmitry Chastukhin, Director of Professional Services at ERPScan, presented a report on the latest SAP security trends at the Black Hat Sessions conference in the …
EFF delves into privacy practices of Apple, Google, Twitter, and others
Our digital lives are leaving data trails through social networking sites, email providers, Internet service providers, and mobile apps. But which companies fight the hardest …
Microsoft’s anti-surveillance website was hacked
Digital Constitution – a dedicated website Microsoft set up to keep users informed of its efforts to counter US government’s attempts to access customer emails the …
Why LinkedIn chose to keep its bug bounty program private
Bug bounty programs have become de rigueur for tech and Internet companies that want to improve the security of their products by (partly) outsourcing bug discovery. But while …
Reddit announces switch to HTTPS-only
With a short note posted on the site’s developers subreddit, reddit – the so-called “front page of the internet” – has announced that starting with …
Featured news
Sponsored
Don't miss
- Critical 1Password flaws may allow hackers to snatch your passwords (CVE-2024-42219, CVE-2024-42218)
- “0.0.0.0-Day” vulnerability affects Chrome, Safari and Firefox
- NIS2: A catalyst for cybersecurity innovation or just another box-ticking exercise?
- Microsoft 365 anti-phishing alert “erased” with one simple trick
- “Perfect” Windows downgrade attack turns fixed vulnerabilities into zero-days