-
Smashing Security podcast #300: Interplanetary file systems, iSpoof, and don’t delete Twitter
PRIVACY PRIVACY Why deleting your Twitter account may be a very bad idea, how the police unravelled the iSpoof fraud gang, and a trip into outer space (or at least interplanetary file systems). All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham…
-
Fortanix unveils AWS integration for centralized key management
PRIVACY PRIVACY Cloud security vendor Fortanix has updated its Data Security Manager to incorporate support for AWS’ external encryption key store system, adding another major public cloud vendor to the list of those supported for the company’s key management system. With this week’s update, Fortanix, which already supports this type of cloud key management system…
-
Fake Security App Found Abuses Japanese Payment System
PRIVACY PRIVACY Authored by SangRyol Ryu and Yukihiro Okutomi McAfee’s Mobile Research team recently analyzed new malware targeting mobile payment users in Japan. The malware which was distributed on the Google Play store pretends to be a legitimate mobile security app, but it is in fact a payment fraud malware stealing passwords and abusing reverse…
-
AWS’ Inspector offers vulnerability management for Lambda serverless functions
PRIVACY PRIVACY Amazon Web Services has announced AWS Lambda serverless function support for its automated vulnerability management service, Amazon Inspector, and a new automated sensitive data discovery capability in its machine learning security and privacy service, Amazon Macie. Both announcements were made during the AWS Re:Invent 2022 conference in Las Vegas this week. They follow…
-
Majority of US Defense Contractors Not Meeting Basic Cybersecurity Requirements
PRIVACY PRIVACY 87% of DoD contractors are failing to meet the basic level of compliance ahead of CMMC coming into force next year Read More
-
Australian Parliament Passes Privacy Penalty Bill
PRIVACY PRIVACY The higher penalties and extended powers will become effective after the bill receives royal assent Read More
-
China-Based Hackers Target Southeast Asia With USB-Based Malware
PRIVACY PRIVACY UNC4191 operations have affected several entities in Southeast Asia but also in the US, Europe and Asia Pacific Japan Read More
-
Twitter isn’t going to stop people posting COVID-19 misinformation anymore
PRIVACY PRIVACY As of September 2022, Twitter had challenged 11.72 million accounts, suspended 11,230 accounts, and removed over 97,674 pieces of misleading content related to COVID-19 worldwide. Today? It’s not doing anything. As an update on the company’s COVID-19 misinformation report webpage notes: Effective November 23, 2022, Twitter is no longer enforcing the COVID-19 misleading…
-
Zero-Day Flaw Discovered in Quarkus Java Framework
PRIVACY PRIVACY The flaw has a CVSS v3 base score rating of 9.8 and can be found in the Dev UI Config Editor Read More
-
AWS launches new cybersecurity service Amazon Security Lake
PRIVACY PRIVACY Amazon Web Services (AWS) has launched a new cybersecurity service, Amazon Security Lake, which automatically centralizes security data from cloud and on-premises sources into a purpose-built data lake in a customer’s AWS account, the company said in a statement. “Customers must be able to quickly detect and respond to security risks so they…