Weak DevOps cryptographic policies increase financial services cyber risk
Cryptographic security risks are amplified in DevOps settings, where compromises in development or test environments can spread to production systems and applications. This is …
OneLogin suffers data breach, again
OneLogin, a popular single sign-on service that allows users to access thousands of popular cloud-based apps with just one password, has suffered what seems to be a serious …
Fireball malware infected 250 million computers worldwide
Check Point researchers discovered a high volume Chinese threat operation which has infected over 250 million computers worldwide. The installed malware, named Fireball, takes …
Intelligence data, security credentials found exposed in the Amazon cloud
A data cache containing highly sensitive US military data has inadvertently been exposed online, UpGuard cyber risk analyst Chris Vickery has discovered last week. After …
Hackers hosted tools on a Stanford University website for months
Compromising legitimate websites and the web servers that store and deliver them is a time-honoured tactic of opportunistic hackers, and a failure to keep them out can result …
Ready or not, IoT third party risks are here
A new survey conducted by The Ponemon Institute uncovered a high rate of concern among organizations about the security of IoT, yet a gap in understanding of how to mitigate …
Rising volume of attacks overpowers security teams
New research from IDC that shows organizations are constantly under attack and struggling to keep up. The research finds most organizations run time-consuming security …
Half of US firms don’t have cybersecurity insurance
A full 50 percent of US firms do not have cybersecurity insurance, despite the fact that 61 percent of US firms expect the volume of cyber breaches to increase in the next …
Vulnerability affecting 1,000+ apps is exposing terabytes of data
A newly discovered backend data exposure vulnerability, dubbed HospitalGown, highlights the connection between mobile apps and insecure backend databases. Appthority …
Hackers blackmail patients of cosmetic surgery clinic
Hackers have been trying to blackmail patients of a Lithuanian plastic surgery clinic, by threatening to publish their nude “before and after” photos online. The …
Cisco and IBM Security announce services and threat intelligence collaboration
In a new agreement, Cisco and IBM Security will work closer together across products, services and threat intelligence for the benefit of customers. Cisco security solutions …
Attacks within the Dark Web
For six months, Trend Micro researchers operated a honeypot setup simulating several underground services on the Dark Web. The goal of their research was to see if those …
Featured news
Resources
Don't miss
- What a future without CVEs means for cyber defense
- What it really takes to build a resilient cyber program
- How cybercriminals exploit psychological triggers in social engineering attacks
- Key tips to stay safe from deepfake and AI threats
- UK retailers under cyber attack: Co-op member data compromised