PSD2 SCA requirements will be implemented soon, are you ready?
As the second Payment Services Directive continues its rollout, regulations making it obligatory for organisations to implement strong customer authentication (SCA) in online …
Microsoft ADFS flaw allows attackers to bypass MFA safeguards
A vulnerability (CVE-2018-8340) in Microsoft Active Directory Federation Services (ADFS) allows a second authentication factor for one account to be used for all other …
Turning off Location History doesn’t prevent Google from knowing your location
If you believe that by turning off Location History on your Android device or iPhone means that Google won’t be able to know your location, think again: Princeton …
Hack the Marine Corps bug bounty program kicks off
The U.S. Department of Defense (DoD) and HackerOne launched the Department’s sixth bug bounty program, Hack the Marine Corps. The bug bounty challenge will focus on Marine …
Connecting the dots to North Korea as a threat adversary
Reports of malware campaigns invariably focus on two critical conclusions: attribution and who was the intended target of the attack. It is challenging to draw swift …
Three A’s of SaaS adoption, and why every company goes through them
I’ve noticed that as more and more companies turn to SaaS applications to power their business, they all experience the same journey along the way, more or less. Everyone goes …
10,644 vulnerabilities disclosed in the first half of 2018
There have been 10,644 vulnerabilities disclosed through June 30th, according to Risk Based Security’s 2018 Mid Year VulnDB QuickView report. This is the highest number …
Five key security tips to avoid an IoT hack
Recently, Russian PIR Bank lost $1,000,000 because of a compromised router that allowed hackers to gain entry into their local network. Why did it happen and how companies can …
Election systems should be considered critical infrastructure
93 percent of security professionals are concerned about cyber-attacks targeting election infrastructure and data, and 81 percent believe cyber criminals will target election …
Vulnerabilities in smart card drivers open systems to attackers
Security researcher Eric Sesterhenn of X41 D-SEC GmbH has unearthed a number of vulnerabilities in several smart card drivers, some of which can allow attackers to log into …
Critical vulnerability in Oracle Database, patch without delay!
Oracle is urging users to patch their Oracle Database installations to plug a critical security issue that can result in complete compromise of the Oracle Database and shell …
Criminals can compromise company networks by sending malicious faxes
Check Point has revealed details about the two critical remote code execution vulnerabilities (CVE-2018-5924, CVE-2018-5925) it discovered in the communication protocols used …
Featured news
Resources
Don't miss
- 8Base ransomware group leaders arrested, leak site seized
- Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200)
- Arvest Bank CISO on building a strong cybersecurity culture in banking
- Review: Inside Cyber Warfare, 3rd Edition
- How to detect and disable Apple AirTags that might be tracking you