Facebook users will be notified when their credentials are used for third-party app logins
Facebook will (finally!) explicitly tell users who use Facebook Login to log into third-party apps what information those apps are harvesting from their FB account. At the …
Embedding security, the right way
As organizations proceed to move their processes from the physical world into the digital, their risk profile changes, too – and this is not a time to take risks. By not …
Emotet remains the dark market leader for delivery-as-a-service
The vast majority of nationally sponsored cybersecurity incidents take the form of espionage through data exfiltration, with frequent employment of remote access tool Plug-X, …
Six trends attracting the attention of enterprise technology leaders
Organizations around the world will accelerate enterprise technology investment in 2020, leveraging digital improvements to make them more competitive, improve connections …
Global security services industry to experience spend growth of more than $80 billion
The global security services industry is poised to experience spend growth of more than $80 billion between 2019-2024 at a CAGR of over 8% during the forecast period, …
High-risk Google account owners can now use their iPhone as a security key
Google users who opt for the Advanced Protection Program (APP) to secure their accounts are now able to use their iPhone as a security key. About Google’s Advanced Protection …
Kubernetes bug bounty program open to anyone, rewards up to $10,000
The Cloud Native Computing Foundation is inviting bug hunters to search for and report vulnerabilities affecting Kubernetes. Offered bug bounties range between $100 to …
Companies increasingly reporting attacks attributed to foreign governments
More than one in four security managers attribute attacks against their organization to cyberwarfare or nation-state activity, according to Radware. Nation-state intrusions …
Cyber attackers turn to business disruption as primary attack objective
Over the course of 2019, 36% of the incidents that CrowdStrike investigated were most often caused by ransomware, destructive malware or denial of service attacks, revealing …
Budgetary, policy, workforce issues influencing DOD and intelligence community IT priorities
Information Technology spending by Department of Defense (DOD) and Intelligence Community (IC) agencies will continue to grow as they work to keep pace with the evolution of …
January 2020 Patch Tuesday: Microsoft nukes Windows crypto flaw flagged by the NSA
As forecasted, January 2020 Patch Tuesday releases by Microsoft and Adobe are pretty light: the “star of the show” is CVE-2020-0601, a Windows flaw flagged by the …
Security pitfalls to avoid when programming using an API
OWASP’s API Security Project has released the first edition of its top 10 list of API security risks. The most common and perilous API security risks API abuse is an …
Featured news
Resources
Don't miss
- Black Friday 2025 cybersecurity deals to explore
- Quantum encryption is pushing satellite hardware to its limits
- cnspec: Open-source, cloud-native security and policy project
- The privacy tension driving the medical data shift nobody wants to talk about
- Salesforce Gainsight compromise: Early findings and customer guidance