Fake Twitter verification profiles trick victims into sharing personal, payment card info
A little over 18,000 Twitter users looking for a way to get their accounts verified have been duped by a single fake account promising to provide the service into visiting a …
US OPM takes vulnerable background investigation portal offline
The US Office of Personnel Management announced on Monday that it has temporarily suspended the E-QIP (Electronic Questionnaires for Investigations Processing) system, a …
Popular VPNs leak data, don’t offer promised privacy and anonymity
Virtual Private Network (VPN) services can be used for circumventing Internet censorship and accessing blocked content, but researchers warn that you shouldn’t believe …
Researcher proves how easy it is to pull off homographic phishing attacks
Security consultant Paul Moore has managed to register a domain that, at first glance, looks like that of UK-based Lloyds Bank, and get a valid TLS certificate for it from …
Worldwide IT spending to decline 5.5 percent in 2015
Worldwide IT spending is on pace to total $3.5 trillion in 2015, a 5.5 percent decline from 2014, according to the latest forecast by Gartner, Inc. Analysts attribute the …
NIST revises security publication on random number generation
In response to public concerns about cryptographic security, the National Institute of Standards and Technology (NIST) has formally revised its recommended methods for …
Security concerns continue to dog the cloud industry
Executives at major North American companies believe conventional network security solutions aren’t enough to protect their cloud computing environments, especially when it …
Major Xen update fixes over 20 vulns, including guest/host escape flaw
The newest version (v4.5.1) of popular hypervisor Xen has been released last week, and includes a bucketload of improvements and bug-fixes, including nearly 20 security …
Hackers are exploiting Magento flaw to steal payment card info
Attackers are exploiting a vulnerability in eBay’s Magento platform to steal users’ billing information (including payment card info), warns Sucuri …
4 in 10 midsize businesses have experienced a data breach
Most midsize business leaders view a data breach among their top risks and a majority consider IT security ‘very important’ when selecting a supplier. They have good reason to …
Week in review: TLS security, malicious Tor exit nodes, how to find a free, secure proxy service
Here’s an overview of some of last week’s most interesting news, podcasts, reviews and articles:Penetration Testing With Raspberry PiRaspberry Pi is a small and …
Why a low-level threat can open the door for serious infections
“A device hi-jacked for the purpose of conducting click-fraud can become a conduit for more serious malware such as ransomware. A Damballa study cited an example of how …
Featured news
Resources
Don't miss
- Cybercriminals exploit RMM tools to steal real-world cargo
- Former ransomware negotiators allegedly targeted US firms with ALPHV/BlackCat ransomware
- How nations build and defend their cyberspace capabilities
- Uncovering the risks of unmanaged identities
- Deepfakes, fraud, and the fight for trust online