SEARCH
All Articles
Home Depot Settles With States Over 2014 Data Breach
The home improvement giant reached a $17.5 million settlement with 46 states and Washington, DC to resolve the investigation into the data breach that compromised the payment information of 40 million customers who used self-checkout terminals at its stores in the United States and Canada.
Interpol Arrests Three in BEC Scam
The Nigeria Police Force, in partnership with Interpol and Group-IB, has arrested three men suspected of being part of a cybercriminal gang that specialized in business-email-compromise scams.
VMware Warns of Critical Zero Day in Workspace One
A critical command injection vulnerability (CVE-2020-4006) with no fix available has been discovered in VMware Workspace One.
Europol Arrests Two for Running Malware Crypter Services
European law enforcement officials have arrested two suspects for allegedly running a pair of crypter services that help malware slip past security software.
Public Exploits Give Attackers a Head Start
The latest research out of Kenna Security and Cyentia Institute compared how quickly defenders could remediate vulnerabilities and how quickly attackers could exploit the vulnerability in the wild.
FBI Guidance Evolves on Ransomware Payments
The FBI has always advised victims not to pay ransomware groups, but its thinking has evolved as attacks have proliferated and worsened.
Congress Passes IoT Security Law
Congress has unanimously passed the bipartisan IoT Cybersecurity Improvement Act, which would set minimum security requirements for developing, patching, and configuring Internet of Things.
Firefox Adds HTTPS-Only Mode
Firefox 83 includes an option to force HTTPS connections to any site that offers them.
Civil Liberties Groups Decry Calls for Encryption Backdoors
A coalition of civil liberties groups from the U.S. and Europe is warning about the potential consequences of backdoors in encryption systems.
Security Leaders Uneasy CISA Chief May be Fired
The Cybersecurity and Infrastructure Security Agency’s role goes beyond national security and securing elections. Any shakeup at CISA’s leadership level would affect the work the agency has been doing with privacy sector organizations.
Google Patches Two More Chrome Zero Days Used by Attackers
Google has fixed two vulnerabilities in Chrome that have been targeted by attackers in recent days.
Deciphering Johnny Mnemonic
Zoe Lindsey, Pete Baker, and Dennis Fisher break down the delightfully goofy and moderately incoherent 1995 film Johnny Mnemonic.
Security Incidents Affect Victims Differently, Even the Mega-Breaches
Cyentia Institute analyzed some of the costliest, most damaging security incidents and found that they impacted organizations differently.
Trickbot Back on the Block
The Trickbot malware operation is back, with a fresh spam campaign delivering malicious Word documents.
Privacy Labels for iOS and Mac Apps Are Coming
Starting Dec. 8, all iOS and Mac apps will be required to print "privacy labels" telling users upfront how the apps use their information, just as food manufacturers are required to print nutritional labels on food to provide nutrition information such as calories and ingredients.