Security

0 Comments
Free VPN software provider BeanVPN has reportedly left almost 20GB of connection logs accessible to the public, according to an investigation by Cybernews. The cache of 18.5GB connection logs allegedly contained more than 25 million records, which included user device and Play Service IDs, connection timestamps, IP addresses and more. Cybernews said it found the
0 Comments
A new report by Telstra Purple’s security forum ClubCISO suggested material security has significantly improved over the last year, driven by a positive shift in organizational influence by chief information security officers (CISOs). The survey analyzed the answers of more than 100 information security executives from private and public organizations worldwide. The majority (54%) said that “no material
0 Comments
Apple CEO Tim Cook wrote a letter to the US Senate last week to call for stronger privacy legislation at the federal level. The letter, which was first obtained by MacRumors, comes after the release of a draft of the “American Data Privacy and Protection Act” (ADPPA) bipartisan bill. The drafted legislation examines and discusses several facets of
0 Comments
There has been much activity in recent years around the use of blockchain to provide more integrity and privacy to transactions, but there are some privacy issues organizations need to know about. In a session at the RSA Conference 2022, Jim Amsler, director governance, risk and compliance, at BDO and Greg Schu, partner, national compliance lead,
0 Comments
A new advanced persistent threat (APT) actor dubbed Aoqin Dragon and reportedly based in China, has been linked to several hacking attacks against government, education and telecom entities mainly in Southeast Asia and Australia since 2013. The news comes from threat researchers Sentinel Labs, who published a blog post on Thursday describing the decade-long events. “We assess
0 Comments
Threat modeling is an approach that can potentially be overly complicated, but it doesn’t have to be that way, according to Alyssa Miller, business information security officer (BISO) at S&P Global Rating, in a session at the RSA Conference 2022, Miller also explained an approach for plain language threat modeling that can help accelerate DevSecOps efforts.
0 Comments
Bryan Palmer, CEO of Trellix, delivering his keynote at RSA Conference The cybersecurity industry must capitalize on the exodus of technologists leaving their roles in social media companies seeking soulful work by welcoming and converting them. This was the sentiment of Bryan Palmer, CEO of Trellix, as he delivered his keynote on 07 June 2022
0 Comments
Cyber-threat intelligence firm Checkpoint Research (CPR) spotted a critical vulnerability in the Unisoc Tiger T700 chips that power the Motorola Moto G20, E30 and E40 smartphones. The components, which replaced MediaTek’s chips in the aforementioned devices due to global shortages, have been marked as threat vectors due to a stack overflow vulnerability. More specifically, due to
0 Comments
Global healthcare organizations (HCOs) experienced a 94% year-on-year surge in ransomware attacks last year, with almost twice as many electing to pay their extorters, according to new data from Sophos. The security vendor commissioned Vanson Bourne to compile its report, The State of Ransomware in Healthcare 2022, from interviews with 381 IT pros in 31
0 Comments
Connecticut Governor Ned Lamont officially signed into law the Public Act No. 22-15, titled ‘An Act Concerning Personal Data Privacy and Online Monitoring’ on May 10. Commonly referred to as the Connecticut Privacy Act (CTPA), the new legislation provides consumers with enhanced privacy rights, including the right of access, rectification and deletion of data. It also provides the
0 Comments
by Paul Ducklin Software development and colloboration toolkit behemoth Atlassian is warning of a dangerous zero-day in its collaboration software. There’s no alert about the bug visible on the company’s main web page, which features the company’s best-known tools JIRA (an IT ticketing system) and Trello (a discussion board), but you’ll find Confluence Security Advisory
0 Comments
The latest phase of the UK government-backed Digital Security by Design (DSbD) program will see 10 companies experimenting with prototype cybersecurity technology designed to radically strengthen computers’ underlying hardware. The technology, developed by semiconductor and software design company Arm in collaboration with researchers from the University of Cambridge, is known as Capability Hardware Enhanced RISC Instructions (CHERI). This
0 Comments
Europol’s European Cybercrime Centre (EC3) announced the execution of an international law enforcement operation that involved 11 countries and resulted in the takedown of the so-called “FluBot” Spyware. The technical achievement reportedly followed an investigation involving law enforcement authorities of Australia, Belgium, Finland, Hungary, Ireland, Spain, Sweden, Switzerland, the Netherlands, and the United States and
0 Comments
Anonymous-affiliated collective Spid3r claims to have attacked Belarus’ government websites in retaliation for the country’s alleged support of Russia’s invasion of Ukraine. The group made the announcement on Twitter, publishing screenshots of various websites connected with the Belarus state being down, including the Ministry of Communications, the Ministry of Justice and the Ministry of Economy. In