-
Malware Redirects 15,000 Sites in Malicious SEO Campaign
PRIVACY PRIVACY Campaign designed to improve search engine rankings of spammy sites Read More
-
PCI DSS 4.0 is coming: how to prepare for the looming changes to credit card payment rules
PRIVACY PRIVACY For enterprises that handle credit card data, which means just about every consumer-facing company, payment processing is a mission-critical system that requires the highest levels of security. The volume of transactions conducted with general purpose credit cards (American Express, Discover, Mastercard, Visa, UnionPay in China, and JCB in Japan) totaled $581 billion in…
-
Couple Get 40 Years for Navy Espionage Plot
PRIVACY PRIVACY Duo tried to sell secrets of nuclear propulsion Read More
-
Smashing Security podcast #297: Mastodon 101, and the Hushpuppi saga
PRIVACY PRIVACY Graham offers some security and privacy advice for those exodusing Twitter to Mastodon, and Carole slams the door shut on a notorious scammer with a huge Instagram following. All this and more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault.…
-
Okta streamlines IAM portfolio with consumer identity management cloud
PRIVACY PRIVACY Potential access management customers got a new option from Okta Wednesday, as the identity and access management (IAM) provider announced a newly streamlined Consumer Identity Cloud system designed to simplify the deployment and use of its various products. Okta said that the new cloud program is split into two main components—those aimed at…
-
Researchers show techniques for malware persistence on F5 and Citrix load balancers
PRIVACY PRIVACY Over the past several years, hackers have targeted public-facing network devices such as routers, VPN concentrators, and load balancers to gain a foothold into corporate networks. While finding remote code execution vulnerabilities in such devices is not uncommon, incidents where attackers were able to deploy malware on them that can survive restarts or…
-
High-Risk Vulnerability Found in ABB’s Flow Computers
PRIVACY PRIVACY Attackers could exploit it by sending a specially crafted message to an affected system node Read More
-
GitHub releases new SDLC security features including private vulnerability reporting
PRIVACY PRIVACY GitHub has announced new security features across its platform to help protect the software development lifecycle (SDLC). These include private vulnerability reporting, CodeQL vulnerability scanning support for the Ruby programming language, and two new security overview options. The world’s leading development platform said these updates make securing the SDLC end-to-end easier and more…
-
Malicious Package on PyPI Hides Behind Image Files, Spreads Via GitHub
PRIVACY PRIVACY The findings indicate that PyPI malicious packages and their obfuscation techniques are evolving Read More
-
Having refused to pay ransom, health insurer Medibank sees customer data posted online by hackers
PRIVACY PRIVACY A ransomware gang has begun to publish data on the dark web stolen from Australia’s largest health insurer Medibank. Curiously, the hackers have released details of insured customers, sorted into two files bearing the label “naughty-list” and “good-list.” Read more in my article on the Hot for Security blog. Read More