Vulns & Alerts
March 12, 2015 Added by:Brian Prince
Access to the personal email server used by former U.S. Secretary of State Hillary Clinton was not encrypted or authenticated by a digital certificate for the first three months of her term, research from security firm Venafi has found.
March 12, 2015 Added by:Danny Lieberman
A 2011 HIPAA patient privacy violation in Canada, where an imaging technician accessed the medical records of her ex-husband’s girlfriend is illustrative of unauthorized disclosure of patient information by authorized people.
March 10, 2015 Added by:Neohapsis
The old advice to disable the auto-play function in Windows is new again, so take a moment and go to Control Panel – AutoPlay and either change the AutoPlay options to “Take no action,” or disable the feature completely.
March 05, 2015 Added by:Brian Prince
One takedown at a time, security researchers and law enforcement were able to make a dent in financial cyber-crime last year.
EFF Joins Civil Society and Computer Security Experts to Call for Rejection of Flawed Cybersecurity Legislation
March 05, 2015 Added by:Electronic Frontier Foundation
EFF has joined 26 civil society organizations and 22 computer security experts in a letter that calls on the Senate Select Committee on Intelligence to reject the Cybersecurity Information Sharing Act of 2015 (CISA).
March 03, 2015 Added by:Robert Vamosi
To better combat the increasing use of the Dark Web for illegal purposes, DARPA, the U.S. military’s Defense Advanced Research Projects Agency, is building a search engine known as Memex for law enforcement use.
March 03, 2015 Added by:Tripwire Inc
Financial gain or fraud was the primary driver of the 11,698 instances of insider privilege abuse – defined as any unapproved or malicious use of organization resources – in last year’s Verizon Data Breach Investigations Report.
February 26, 2015 Added by:Joe Weiss
I have felt that the insurance companies can be a major player in driving the need to adequately secure control systems.
February 25, 2015 Added by:Cyphort
Cyphort Labs has collected and analyzed a highly advanced piece of malware, which for all intents and purposes seems to be a full blown cyber espionage tool of the kind a nation state would be behind.
February 24, 2015 Added by:Brian Prince
According to the latest edition of Hewlett-Packard's Cyber Risk Report, 44 percent of known breaches in 2014 came from vulnerabilities that were between two and four years old.
February 23, 2015 Added by:Eduard Kovacs
Telegram, the popular cross-platform messaging app said to be built with a focus on speed and security, is plagued by some serious vulnerabilities that can be exploited to gain access to users’ messages, researchers reported on Monday.
February 18, 2015 Added by:Eduard Kovacs
According to Hector Marco, a Spain-based security researcher, an attacker can remotely launch a denial-of-service (DoS) attack against a user by sending them a specially crafted email.
February 16, 2015 Added by:Eduard Kovacs
A new report published by Alcatel-Lucent’s Motive Security Labs estimates that 16 million mobile devices were infected with malware in 2014.
February 11, 2015 Added by:Patrick Oliver Graf
Two years ago almost to the day, months before cyberattacks entered the world’s collective consciousness, the European Union took the bold step of publishing an ambitious cybersecurity strategy. The strategy aims to outline the best path forward for identifying and responding to emerging digital threats.
Anthem Breach: How Hackers Stole Credentials and Why Two-Factor Authentication May Help Prevent Future Phishing Scams
February 09, 2015 Added by:Thu Pham
If the Anthem attack was carried out as the result of using a single password, their access security wasn’t up to industry standards. Two-factor authentication may have thwarted attacks by requiring the use of a personal device to verify the identity of a system administrator or other technical employee with access to their database of millions of sensitive records.
Hacker to Release Symantec's PCAnywhere Sour... Jerry Shaw on 10-05-2015
PoS Malware Kits Rose in Underground in 2014... on 03-17-2015
New PCI Compliance Study... on 03-17-2015