Week in review: Facebook data breach fallout, BEC-as-a-Service, true password behaviors
Here’s an overview of some of last week’s most interesting news and articles: APTs are targeting IT service providers Managed service providers (MSPs) and cloud …
New IoT legislation bans shared default passwords
In an attempt to make it harder for bots to take over the myriad of connected devices sold in California, the state legislators have pushed through and California Governor …
Safe IT/OT integration with unidirectional security gateways
The reason SCADA security is so controversial stems primarily from the intense consequences that come from a compromise in this area. In this podcast, Andrew Ginter, VP of …
New infosec products of the week: October 5, 2018
Detect, investigate and act on all threats with Splunk Security solutions Splunk’s expanded suite of security solutions helps security analysts monitor, visualize, detect, …
Heading into October Patch Tuesday on the heels of big announcements from Microsoft
October is here and Patch Tuesday is next week, followed quickly by Halloween. Don’t be scared (unless you are a Facebook user)! The winds of change are blowing this fall …
BEC-as-a-Service: Hacked accounts available from $150
Digital Shadows has announced the findings of new research revealing the diversity of methods used to infiltrate company emails. The FBI has estimated that scams resulting …
Most enterprises highly vulnerable to security events caused by cloud misconfiguration
Fugue released the results of its Cloud Infrastructure Misconfiguration Report. The survey of more than 300 IT professionals revealed that most enterprises are highly …
Identity fraudsters are getting better and better at what they do
Socure, a provider of predictive analytics for digital identity verification, found that fraudsters have virtually eliminated reliable indicators for detecting fake identities …
Can we trust digital forensic evidence?
Research carried out at the University of York has suggested that more work is needed to show that digital forensic methods are robust enough to stand-up to interrogation in a …
China allegedly infiltrated US companies through implanted hardware backdoors
Many US companies, including Amazon and Apple, have been the victims of a clever supply chain attack that resulted in compromised hardware (servers) being installed at some of …
Jigsaw releases Intra, an Android app that encrypts DNS queries to thwart online censorship
Alphabet subsidiary and tech incubator Jigsaw, which concentrates on creating solutions for “the toughest geopolitical challenges,” has released Intra, an Android …
APTs are targeting IT service providers
Managed service providers (MSPs) and cloud service providers (CSPs) are under attack by advanced persistent threat (APT) groups, the U.S. Department of Homeland Security …
Featured news
Resources
Don't miss
- European police busts Ukraine scam call centers
- SoundCloud breached, hit by DoS attacks
- The messy data trails of telehealth are becoming a security nightmare
- What Cloudflare’s 2025 internet review says about attacks, outages, and traffic shifts
- Update your Apple devices to fix actively exploited vulnerabilities! (CVE-2025-14174, CVE-2025-43529)