Stolen Foxconn certs used to sign malware used in Kaspersky Lab attack
“After last week’s revelation that their corporate network has been hit by APT actors wielding a newer version of the infamous, Stuxnet-related Duqu attack …
Emojis instead of PIN codes as an alternative for forgetful users
For years now companies have been trying to come up with alternatives to passwords and passcodes that will be easier to remember (for users) and more difficult to guess or …
Rethinking security: Securing activities instead of computers
For many people involved in the infosecurity community, the notion of security is too often tied to the quality of code (resistance to specific classes of bug, for example) …
Stronger data protection rules for Europe
More than 90% of Europeans are concerned about mobile apps collecting their data without their consent. Today, an important step was taken to finalize EU data protection rules …
OPM hack: Vast amounts of extremely sensitive data stolen
The extent of the breach suffered by the US Office of Personnel Management has apparently widened. Reports are coming in that the hackers have not only accessed Social …
Week in review: Windows 10 security, developing honeypots, IoT security holes
Here’s an overview of some of last week’s most interesting news, podcasts and articles:Brain’s reaction to certain words could replace passwordsYou might not …
Malware attacks give criminals 1,425% return on investment
Trustwave released a new report which reveals the top cybercrime, data breach and security threat trends from 2014. They gathered the data from 574 breach investigations the …
Microsoft flags Ask toolbar as unwanted and dangerous
From this month on, all versions of Ask.com’s infamous browser toolbar except the very last will be detected as unwanted software by Microsoft security products and …
New OpenSSL versions squash LogJam bug
The OpenSSL Project has pushed another update for the eponymous open-source cryptographic library. This one plugs several moderate bugs, one low one, and LogJam …
Privacy profession: An equal playing field for men and women?
In the midst of the public debate around the lingering gender gap in salary and professional achievement, the International Association of Privacy Professionals (IAPP) …
FIRST announces CVSS version 3
The Forum of Incident Response and Security Teams (FIRST) has announced the availability of version 3 of the Common Vulnerability Scoring System (CVSS). The new system is the …
Trojanized Sberbank mobile app lurking on third-party stores
“A Trojanized Android version of the Sberbank online banking mobile application is being distributed via third-party online stores and file-sharing sites, warns Russian …
Featured news
Resources
Don't miss
- Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)
- GitPhish: Open-source GitHub device code flow security assessment tool
- Healthcare CISOs must secure more than what’s regulated
- Qantas data breach could affect 6 million customers
- Cybersecurity essentials for the future: From hype to what works