How lucrative is web-based cryptojacking?
1 out of 500 of the one million most visited websites according to Alexa contains a web-based cryptominer that starts mining as soon as the website has been opened in the …
New infosec products of the week: August 31, 2018
Moogsoft announces Observe expanding its AIOps platform capabilities Moogsoft Observe ingests time-series and metrics data in real-time and applies AI to detect incidents at …
Wireshark can be crashed via malicious packet trace files
The Wireshark team has plugged three serious vulnerabilities that could allow an unauthenticated, remote attacker to crash vulnerable installations. According to Cisco …
EU telecoms suffered 169 major security incidents in 2017
ENISA, EU’s agency for network and information security, has released a report on major telecom security incidents that occurred in the EU in 2017. About the report …
The anatomy of fake news: Rise of the bots
Spreading misinformation has become a mainstream topic to the extent that even the term ‘Twitter bot’ is a well-recognised term establishing itself into the modern lexicon. …
80% of enterprises struggle to protect machine identities
Ninety-six percent of companies believe that effective protection of machine and human identities are equally important to the long-term security and viability of their …
Yahoo woos advertisers with email scanning for targeted ad delivery
While most tech companies that offer free email services are moving away from email scanning as a source of information for advertisers to target users more efficiently, Oath …
Air Canada confirms mobile app data breach, passport numbers were accessed
Air Canada has suffered a data breach and is forcing a password reset on all 1.7 million users of its mobile app, though apparently only 20,000 of the mobile app accounts were …
Why pushback on the CCPA is wrong
Since GDPR was implemented on May 25th, 2018 one big question has been lurking in the U.S.: When will the U.S. Federal Government follow suit? With the spate of breaches over …
Healthcare CISOs: Manage infosec risks and safeguard patient safety
Prominent CISOs from leading health systems and providers throughout the country have come together to establish the Provider Third Party Risk Management Council to develop, …
Old “Misfortune Cookie” flaw opens medical gateway and devices to attack
A vulnerability in Qualcomm Life Capsule Datacaptor Terminal Server (DTS) can be easily exploited to allow attackers to execute unauthorized code to obtain administrator-level …
WhatsApp warns that Google Drive backups are not encrypted
Facebook-owned WhatsApp has recently announced that, starting on November 12, 2018, Android users will be able to store their WhatsApp backups on Google Drive without the …