SEARCH
All Articles
EFF Says Privacy Loopholes Remain in CCPA
California is expected to begin enforcing its new consumer privacy law starting July 1, but the Electronic Frontier Foundation is concerned about all the loopholes that still remain.
WireGuard VPN Added to Linux Kernel
The WireGuard VPN is now a default part of the Linux 5.6 kernel.
The Short, Unhappy Lives of Five Zero Days
Google's Threat Analysis Group discovered one attacker exploiting five separate zero days in several applications last year, a highly unusual attack pattern.
Attackers Target Home Routers With DNS-Changing Hack
Attackers are compromising home routers and changing the DNS settings to redirect victims to a site serving malware.
Give IT a Break from Software Updates
Microsoft said it will pause non-security Windows updates beginning in May as part of its plan to reduce the update pressure on IT and security teams, as they are busy keeping organizations operational during the COVID-19 pandemic. Other software companies are adjusting their release schedules, recognizing that IT and security teams are currently stretched thin.
APT41 Campaign Targeted Companies in 20 Countries
APT41, an attack group connected to China, has been running a broad campaign using public exploits and flaws to target companies in 20 countries.
California, NY Consumer Privacy Laws Protect Data from Misuse
Organizations collecting and maintaining personal information about California and New York residents should be paying attention as the data security element of New York's SHIELD Act goes into effect and the California Attorney General releases a second set of modifications on regulations on implementing CCPA.
Buffer Overflow in Memcached Fixed
A buffer overflow in the memcached tool has been patched after a public disclosure of the details and proof-of-concept exploit code.
Insurers See Ransomware Claims More Than Double
Ransomware attacks are on the rise, and the in-house breach investigations team at insurance company Beazley Group said there were 131 percent more ransomware attacks against its customers in 2019 than was in 2018. The spike in attacks were most evident in healthcare, professional services, and financial services.
Decipher Podcast: Wade Baker and David Severski
Wade Baker and David Severski of the Cyentia Institute join Dennis Fisher to discuss the findings from their new Information Risk Insights Study into the risk and cost of security breaches across industries.
Unpatched Windows Flaws Under Active Attack
Two new Windows vulnerabilities related to the Adobe Type Manager library are being exploited in targeted attacks.
New Security Tools Added to Google’s Advanced Protection
Google is turning on its Play Protect app scanning feature automatically and changing which apps can be installed on Android devices associated with Advanced Protection Program accounts.
Use Data, Not Magical Thinking
Many security leaders rely on a cost-per-record metric to calculate the costs of a security incident. The latest research from Cyentia Institute using Advisen data shows estimates based on that metric are frequently inaccurate.
For Ransomware, Nighttime is the Right Time
Ransomware attackers tend to deploy their payloads at night and on weekends, when IT resources are scarce and security teams may be less active.
Decipher Podcast: Jo Van Bulck
Jo Van Bulck of KU Leuven joins Dennis Fisher to discuss the new load value injection attacks on processors.