Attackers Already Exploiting BIG-IP Vulnerability
A critical vulnerability in F5 Networks’ BIG-IP networking gear is under active attack, just days after the company first announced the flaw.
SEARCH
Evil Corp Deploys New WastedLocker Ransomware
The Evil Corp group responsible for the Dridex malware is using a new ransomware called WastedLocker that targets cloud...
Palo Alto Fixes Critical Authentication Bypass Flaw
Palo Alto Networks has patched a critical flaw in many of its products that support SAML-based authentication for SSO.
Password Spraying Leads to Compromise of Cloud Identities
The Holmium threat group has been using password spraying attacks against Office 365 to gain access to corporate networks.
Bills Would Ban Federal Use of Facial Recognition
Legislation introduced in both the House and Senate would ban the use of facial recognition systems by federal entities.
Facebook Changes Developer Rules After Apps Improperly Got User Data
On the heels of yet another privacy incident where Facebook app developers received user data when they shouldn’t be, the...
New Bill Takes Direct Aim at Encrypted Devices and Services
The Lawful Access to Encrypted Data Act introduced this week would require device makers and service providers to create...
UCSF Pays Portion of $1.14M Ransom to Regain Medical School Data
The University of California San Francisco paid some of the $1.14 million ransom to regain access to data encrypted by...
Citrix Patches 11 Vulnerabilities in Several Products
Citrix has fixed 11 vulnerabilities in its ADC, Gateway, and SD-WAN appliances, some which could allow authenticated access to...
Dennis Has Some Questions About…2FA
Two-factor authentication is a vital part of many corporate security strategies, and is now offered by lots of consumer apps,...
Attacks Based on Credential Theft On The Rise, DBIR Says
In the 13th Data Breach Investigations Report, Verizon researchers found that attackers are relying less on malware and more on...
GoDaddy Reports Breach of Customer Hosting Accounts
An attacker was able to access an undisclosed number of GoDaddy customers' hosting accounts using SSH connections.
Banner Health Settles Data Breach Lawsuit
A judge has approved the deal settling all claims related to Banner Health’s 2016 data breach, which includes stipulations for...
