PCI DSS 3.1 released
The PCI Security Standards Council (PCI SSC) published PCI Data Security Standard (PCI DSS) Version 3.1 and supporting guidance. The revision includes minor updates and …
Attorney claims cops planted spying malware on drive containing evidence
Police force using malware in investigation is not an unheard-of situation but, according to an affidavit filed in a whistle-blower case against the Fort Smith Police …
How can defenders gain advantage in the 0day market?
According to MIT, Harvard, and HackerOne researchers, the answer is not throwing more money at bug hunters, but incentivize them to find the the same vulnerabilities that the …
Google blocks Java plugin in new Chrome by default
Google has released Chrome 42 to the stable channel, and among the changes announced is one that will automatically block Oracle’s Java plugin and other plugins that use …
Adobe fixes Flash Player zero-day exploited in the wild
Adobe released a new version of Flash Player (17.0.0.169) for Windows and Macintosh, and for Linux (11.2.202.457). These security updates fix a host of critical …
Microsoft releases 11 security bulletins
Administrators and security teams are in for a busy day tackling 11 Microsoft security bulletins, Adobe updates and Oracle has pre-announced that their quarterly update …
New trend in cybercriminal activity: APT wars
Kaspersky Lab has recorded a rare and unusual example of one cybercriminal attacking another. In 2014, Hellsing, a small and technically unremarkable cyberespionage group …
Lack of skilled infosec pros creates high-risk environments
82 percent of organizations expect to be attacked in 2015, but they are relying on a talent pool they view as largely unqualified and unable to handle complex threats or …
Key trends for risk-prone behavior in the workforce
Businesses are ill prepared for the high-risk, high-growth mindset of the GenMobile workforce, creating alarming disparity around security practices in the corporate world. …
Compromised credentials haunt cloud app usage
Netskope found that more than seven out of ten uploads from users with compromised accounts are to apps with a “poor” rating in the Netskope Cloud Confidence …
Misconfigured DNS servers may leak domain info, warns US-CERT
US-CERT is urging administrators of Domain Name System servers to check whether their machines are misconfigured to respond to global Asynchronous Transfer Full Range (AXFR) …
Former lottery infosec head accused of hacking computers to buy winning ticket
The former head of information security at the Multi-State Lottery Association (MUSL), who was arrested in January 2015, stands accused of having tampered with the computer …
Featured news
Sponsored
Don't miss
- Scout Suite: Open-source cloud security auditing tool
- Steps to improve quality engineering and system robustness
- Critical 1Password flaws may allow hackers to snatch your passwords (CVE-2024-42219, CVE-2024-42218)
- “0.0.0.0-Day” vulnerability affects Chrome, Safari and Firefox
- NIS2: A catalyst for cybersecurity innovation or just another box-ticking exercise?