You are here

Subscribe to Feed
The central voice for Linux and Open Source security news.
Përditësimi: 1 javë 3 ditë më parë

What is the New York Cybersecurity Regulation? What you need to do to comply

Enj, 07/06/2018 - 10:43pd In March 2017, the New York State Department of Financial Services (DFS) implemented 23 NYCRR 500, generally referred to as the New York Cybersecurity Regulation. Its aim is to encourage financial services firms doing business in the state to minimize their security risks. Although many experts see the regulation as flawed, 23 NYCRR 500 is expected to set a precedent for cybersecurity laws and regulations in other states.

#Infosec18: Nation State Hacking is Biggest Change in Cyber-Threat Landscape

Enj, 07/06/2018 - 10:38pd The former director general of GCHQ Robert Hannigan took to the keynote stage at Infosecurity Europe 2018 to discuss the evolving cyber-threat landscape, describing how - whilst changes in sophistication of lone actors and cyber-criminals are increasing the challenges of keeping data secure - it is the rise of nation state attacks that is "possibly the biggest change in the last couple of years."

MyHeritage Alerts Users to Data Breach

Mër, 06/06/2018 - 12:11md MyHeritage, a platform designed to investigate family history, learned of a data breach on June 4, 2018. It reports the incident affected email addresses and hashed passwords of nearly 92.3 million users who signed up for the site before and including Oct. 26, 2017, the date of the incident.

Open-source security: Zip Slip critical flaw hits thousands of projects. Update now

Mër, 06/06/2018 - 12:09md Security firm Snyk has disclosed a widespread and critical flaw in multiple archive file-extraction libraries found in thousands of open-source web application projects from HP, Amazon, Apache, Oracle, LinkedIn, Twitter and others.

#Infosec18: Regulation is Top Driver of Cybersecurity, Now & in the Future

Mar, 05/06/2018 - 11:06pd Infosecurity has released the findings of a recent survey of senior industry professionals to determine the key trends that are currently driving cybersecurity spending and behaviors, and what factors will drive it in the next five years.

Phishing Scams Target FIFA World Cup Attendees

Mar, 05/06/2018 - 11:00pd Major sporting events attract fans and cybercriminals alike. Earlier this year, attackers targeted the 2018 Winter Olympics in Pyeongchang; now their sights are on the 2018 FIFA World Cup. Soccer-related spam is ramping up ahead of the event, which begins in less than two weeks.

North Korean hacking group Covellite abandons US targets

Hën, 04/06/2018 - 2:40md Cyberattackers linked to North Korea have appeared to have withdrawn from attacks on the US industrial sector.

Security fail? One in three companies think paying hackers is worth the risk

Hën, 04/06/2018 - 2:37md A third of organisations would consider paying a ransom to hackers instead of investing more in security a survey has claimed.

Customer Data Flies Away with Ticketfly Hacker

Dje, 03/06/2018 - 11:02pd Ticket distribution service Ticketfly was hacked by a culprit who took responsibility for defacing the company's homepage with a message citing poor security as the reason for not apologizing.

5 Tips for Protecting SOHO Routers Against the VPNFilter Malware

Dje, 03/06/2018 - 10:32pd News of how the Russians are alleged to have infected more than 500,000 home routers worldwide via the VPNFilter malware broke last week, leaving home users and security managers scratching their heads about how to best to lock themselves down.

Cybercrime Is Skyrocketing as the World Goes Digital

Sht, 02/06/2018 - 10:46pd If cybercrime were a country, it would have the 13th highest GDP in the world.

Fitness app PumpUp left users' personal data exposed on server

Sht, 02/06/2018 - 10:39pd While it's not at the catastrophic level of MyFitnessPal's 150 million-user data breach , the company behind the workout app PumpUp left information for 6 million of its members exposed. The Amazon cloud-hosted back-end server holding the data didn't have a password set up for an uncertain lenght of time, enabling anyone to observe sign-ins and exchanged messages.