Security news that informs and inspires

All Articles

658 articles:

Mozilla Testing Firefox Private Network

A new Firefox Private Network extension provides protection on public networks.

Privacy, Mozilla

Exim Bug Allows Root Privileges

A flaw in the Exim MTA software can be exploited remotely to gain root privileges.

Vulnerability

Decipher Podcast: Tanya Sam

Tanya Sam of TechSquare Labs joins Dennis Fisher to discuss her path to the Atlanta startup scene and what she's learned along the way.

Podcast

Money for Nothing: Ransomware Plagues Local Governments

Ransomware infections have crippled local governments in several states recently, a trend that shows no signs of abating.

Ransomware

Firefox Now Blocks Third-Party Cookies by Default

Mozilla has added Enhanced Tracking Protection to Firefox to block tracking cookies in the browser by default.

Privacy, Mozilla

Modified Orcus and Revenge RATs Infesting Networks

Researchers have found modified versions of the Orcus and Revenge RATs being delivered through effective phishing campaigns.

Malware

Long-Running Attack Campaign Targeted iPhones

Researchers from Google Project Zero uncovered a multiyear campaign that targeted iPhones with sophisticated exploit chains delivered through hacked websites.

Apple, Ios

Disinformation Attacks Aren’t Just Against Elections

While disinformation is getting a lot of attention in security circles, the discussion primarily tends to be in the context of election security. However, hacking social media accounts, or creating fake accounts, to post false messages about a company is absolutely a disinformation campaign.

Disinformation, Twitter

Imperva Discloses Data Breach, Theft of Customer API Keys

Security firm Imperva says that API keys and SSL certificates for some of its Cloud WAF customers were exposed in a data breach.

Data Breaches

Encryption Experts Asked G7 to Set the Right Example

Encryption experts from around the world collaborated on an open letter to G7 leaders prior to the summit to not undermine encryption. The fact that the G7 leaders didn't release a statement supporting lawful access for law enforcement and intelligence agencies the way the G7 ministers did back in April is a victory of sorts.

Encryption

Attackers Targeting Vulnerability in Pulse Secure VPN

The CVE-2019-11510 vulnerability in Pulse Secure VPN is drawing considerable attention from attackers now that an exploit is publicly available.

VPN

Data Shows IoT Security is Moving Backward

An extensive study by the Cyber Independent Testing Lab of IoT device firmware shows many vendors removing hardening technologies over time.

IoT Security

Georgia Supreme Court Considers When Data Breach Victims Can Sue

The Georgia Supreme Court is being asked to decide whether data breach victims have to wait for actual fraud or theft to happen before they can sue to recover the costs spent protecting themselves after a data breach.

Data Breaches, Legal, Government

Google and Mozilla Block Kazakhstan HTTPS Interception

A month after the Kazakh government began performing HTTPS interception on some of its citizens, Google and Mozilla have blocked that effort by dropping trust for the government's root certificate.

HTTPS, Google

Nation-State Attacks Target Medical Research

It’s not just individual healthcare records or personal information. Espionage groups with Chinese ties are targeting cutting-edge medical research, especially cancer research, FireEye said.

Medical Data, Data Breaches, Medical Identity Theft