CISO at U.S. Bank offers tips for secure online purchasing
The thrill and chaos of holiday shopping has started, and unfortunately with that comes the inherent risk of fraud. With an increased threat of digital fraud, what can …
How UK businesses plan to tackle security threats in 2016
81% UK IT decision makers experienced some sort of data or cyber security breach in their organisation in 2015, according to training company QA. 66 per cent said that the …
Week in review: Dell computers shipped with root CA cert and private key, analytics services tracking users via Chrome extensions
Here’s an overview of some of last week’s most interesting news and articles:Four ways an attacker can infiltrate an organization by diverting security …
More than 900 embedded devices share hard-coded certs, SSH host keys
Embedded devices of some 50 manufacturers has been found sharing the same hard-coded X.509 certificates (for HTTPS) and SSH host keys, a fact that can be exploited by a …
Linux crypto ransomware continues to wreak havoc, but there’s some good news
Trojan Encoder crypto ransomware family, whose main target are web servers running on Linux, is obviously making quite a splash. Dr. Web, the security company that first …
GPS faker software broadcasts spam across thousands of fake profiles
Different from traditional email spam, social spam can reach a large audience by nature of the platform and can appear trustworthy since it is coming from people in your …
IBM cloud tool enables privacy-preserving user authentication
Identity Mixer, a new tool to protect a consumer’s personally identifiable information, is now generally available on IBM Cloud. The tool is built on years of cryptography …
MagSpoof: A device that spoofs credit cards, disables chip-and-PIN protection
Hacker and security researcher Samy Kamkar, who’s noted for being the author of the first Web 2.0 worm, creating zombie cookies, and USBdriveby, has now come out with a …
Amazon resets customers’ potentially compromised passwords
Has Amazon suffered a breach? We won’t know for sure until the company offers more information.So far, we known only what users affected by the data theft/leak incident …
Another root CA cert with key found on Dell’s machines
The main piece of news on Monday was that Dell’s desktop PCs and laptops shipped since August 2015 contain a root CA certificate (eDellRoot) complete with the private …
IoT attacks and evasion techniques will characterize threats in 2016
As in years past, the Internet of Things and cloud play heavily in the predictions but new malicious tactics and strategies will create unique challenges for vendors and …
ModPOS: The most sophisticated POS malware to date
Elements of ModPOS date back as far as early 2012. It targeted US retailers in late 2013 and throughout 2014, and is expected to continue to do so in the future. According to …
Featured news
Resources
Don't miss
- Data-stealing VS Code extensions removed from official Marketplace
- Flawed WordPress theme may allow admin account takeover on 22,000+ sites (CVE-2025-4322)
- What good threat intelligence looks like in practice
- AutoPatchBench: Meta’s new way to test AI bug fixing tools
- Third-party cyber risks and what you can do