11.5 C
London
Sunday, October 22, 2017

Reuters: Microsoft’s 2013 Breach Hit Bug Repository, Insiders Say

Five anonymous former Microsoft employees tell Reuters that Microsoft's database of internally discovered vulnerabilities was compromised in 2013, but Microsoft will not confirm it occurred.

ATM Machine Malware Sold on Dark Web

Cybercriminals are advertising ATM malware that's designed to exploit hardware and software vulnerabilities on the cash-dispensing machines.

Factorization Bug Exposes Millions Of Crypto Keys To ‘ROCA’ Exploit

Products from Lenovo, HPE, Google, Microsoft, and others impacted by flaw in Infineon chipset.

Google Bolsters Security for Select Groups

Business leaders, political campaign teams, journalists, and other high-risk groups will receive advanced email and account protection.

InfoSec Pros Among Worst Offenders of Employer Snooping

A majority of IT security professionals admit to trolling through company information unrelated to their work -- even sensitive material.

Why Security Leaders Can’t Afford to Be Just ‘Left-Brained’

The left side of the brain is logical and linear; the right side, creative. You have to use both sides of the brain to connect to your audience in your business.

Secure Wifi Hijacked by KRACK Vulns in WPA2

All modern WiFi access points and devices that have implemented the protocol vulnerable to attacks that allow decryption, traffic hijacking other attacks.
Second, unrelated crypto vulnerability also found in RSA code library in TPM chips.

US Supreme Court to Hear Microsoft-DOJ Email Case

High court to rule on email privacy case, pitting Redmond giant against DOJ over access to its foreign-based email servers.

DHS to Require All Fed Agencies to Use DMARC, HTTPS, and...

The move follows a DHS review of federal government agencies' steps to secure email and deploy authentication technologies.

New Cybercrime Campaign a ‘Clear and Imminent’ Threat to Banks Worldwide

Hundreds of millions of dollars stolen from banks via an sophisticated attack that blended cyber and physical elements.

Adobe Patches Flash ZeroDay Used To Plant Surveillance Software

Second time in four weeks FINSPY "lawful intercept" tool and a zero-day found together.

GDPR Compliance: 5 Early Steps to Get Laggards Going

If you're just getting on the EU General Data Protection Regulation bandwagon, here's where you should begin.