WhatsApp RCE flaw can be exploited by sending malicious MP4 files
Facebook has patched a critical vulnerability (CVE-2019-11931) affecting various versions of its popular WhatsApp Messenger app and is urging users to update as soon as …
Most Americans feel powerless to prevent data collection, online tracking
Most U.S. adults say that the potential risks they face because of data collection by companies (81%) and the government (66%) outweigh the benefits, but most (>80%) feel that …
Hackers helping communities: Leveraging OSINT to find missing persons
People, in general, like helping other people, no matter their degree of connection. And then there are people who go even further: they find a way to help people help people. …
Study on public cloud performance: AWS, GCP, Azure, Alibaba and IBM Cloud
There are notable network performance and connectivity differences between the five major public cloud providers – Amazon Web Services (AWS), Google Cloud Platform (GCP), …
Trusted certificates make phishing websites appear valid
There has been a rampant growth of look-alike domains, which are often used to steal sensitive data from online shoppers. Venafi analyzed suspicious domains targeting 20 major …
Healthcare spikes data breach fever, endpoint threat detections grow 60%
The healthcare industry has been overwhelmingly targeted by Trojan malware during the last year, which increased by 82 percent in Q3 2019 over the previous quarter, according …
Do your infosec habits make you vulnerable to fraud?
A third of Americans have been a victim of information fraud or identity theft. Despite notable data breaches in 2019, when asked if they update or change passwords/PINs after …
Week in review: How to avoid lateral phishing, what’s the right time to red team?
Here’s an overview of some of last week’s most interesting news and articles: Your supplier’s BEC problem is your BEC problem BEC scammers don’t care what business …
GitHub Security Lab aims to make open source software more secure
GitHub, the world’s largest open source code repository and leading software development platform, has launched GitHub Security Lab. “Our team will lead by …
Attack tools and techniques used by major ransomware families
Ransomware tries to slip unnoticed past security controls by abusing trusted and legitimate processes, and then harnesses internal systems to encrypt the maximum number of …
New infosec products of the week: November 15, 2019
Sysdig Secure 3.0 provides enterprises with threat prevention at runtime Sysdig Secure 3.0 includes an incident response and audit tool for Kubernetes, giving enterprises the …
To improve incident response, you need to consider 3rd party solutions
Organizations reported an average 32% reduction in threat responder workload when they deployed a managed SIEM solution, according to CenturyLink and IDG. Improve incident …