Script injection vulnerability discovered in Salesforce
Elastica discovered an injection vulnerability in Salesforce which opened the door for attackers to use a trusted Salesforce application as a platform to conduct phishing …
Dropbox adds support for FIDO U2F secure authentication
Cloud storage giant Dropbox announced to its 400 million users that it supports FIDO U2F for strong two-factor authentication.Dropbox users can now protect their files with …
Addressing IoT risks with a trust framework
The Online Trust Alliance (OTA) released its Internet of Things Trust Framework, the first global, multi-stakeholder effort to address IoT risks comprehensively.The framework …
Impact and scope of fraud that crosses multiple industries
84 percent of fraud mitigation professionals interviewed by LexisNexis Risk Solutions see fraud that crosses multiple industries in their investigations.Multi-industry fraud …
Researchers hack Corvette via SMS to plugged-in tracking dongle
A team of researchers from the University of California, San Diego, have managed to hack a Corvette via specially crafted SMS messages sent to a tracking dongle (i.e. a …
Attackers actively exploiting Windows bug via malicious USB devices
In this month’s Patch Tuesday, Microsoft has released 14 bulletins and patches addressing a bucketload of vulnerabilities in a number of its products, including its new …
Insider trading ring hacked into newswire services, raked in $100M based on stolen info
The US Securities and Exchange Commission announced civil fraud charges against 32 defendants for taking part in a scheme to profit from stolen nonpublic information about …
OpenSSH 7.0 deprecates weak, legacy and unsafe cryptography
OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other attacks. Additionally, it provides secure tunneling …
Scammers exploit mobile ads for easy profit
Pop-up ads targeting mobile device users are, arguably, one of the most annoying things in existence. But did you know that they could also make you inadvertently spend small …
Looks like mobile device security is on nobody’s mind
Despite recent high-profile data theft attacks, much of the American workforce has not taken action to protect information on their personal and corporate-issued devices. …
Firefox 40: New features and critical security updates
Mozilla released Firefox 40. The update includes four critical, seven high and two moderate security updates. The new release now issues a warning if you visit a page known to …
Kali Linux 2.0 released: New 4.0 kernel, improved hardware and wireless driver coverage
Kali Linux, the open source penetration testing platform, has reached version 2.0.Kali Linux 2.0 comes with a 4.0 kernel, now based on Debian Jessie. It features improved …