-
Employee Info Among 13 Million Records Leaked by Fox News
PRIVACY PRIVACY Researchers discover database exposed through misconfiguration Read More
-
US Action Disrupts Russian Botnet Cyclops Blink
PRIVACY PRIVACY Coordinated effort removes malware from C&C devices Read More
-
Smashing Security podcast #269: Trezor Deep Throat, a CCTV stalker, and Amazon’s list of banned words
PRIVACY PRIVACY There’s monkey business involving cryptocurrency thieves and MailChimp, a stalker exploits his ex-partner’s CCTV cameras, and what are the naughty words Amazon doesn’t want its staff using? All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault,…
-
Attackers create malware for serverless computing platforms like AWS Lambda
PRIVACY PRIVACY Malware authors are keeping with the times and when it comes to server-oriented malware. Specifically, attackers will adopt the same technologies their target organizations are using. Security researchers have recently come across a cryptocurrency miner that was designed to run inside AWS Lambda, a so-called serverless computing platform designed to execute user-supplied application…
-
New cryptomining malware targets AWS Lambda
PRIVACY PRIVACY Malware authors are keeping with the times and when it comes to server-oriented malware. Specifically, attackers will adopt the same technologies their target organizations are using. Security researchers have recently come across a cryptocurrency miner that was designed to run inside AWS Lambda, a so-called serverless computing platform designed to execute user-supplied application…
-
Control IT and SaaS complexity with Axonius
PRIVACY PRIVACY Graham Cluley Security News is sponsored this week by the folks at Axonius. Thanks to the great team there for their support! From new device types to the shift to hybrid work, the introduction of cloud infrastructure, and the rapid increase in SaaS adoption, complexity is increasing rapidly in IT and security environments.…
-
The Original APT: Advanced Persistent Teenagers
PRIVACY PRIVACY Many organizations are already struggling to combat cybersecurity threats from ransomware purveyors and state-sponsored hacking groups, both of which tend to take days or weeks to pivot from an opportunistic malware infection to a full blown data breach. But few organizations have a playbook for responding to the kinds of virtual “smash and…
-
New PCI Data Security Standard v4.0 receives kudos for flexibility
PRIVACY PRIVACY Standards are often force-fed to the industries they govern, but that doesn’t seem to be the case with the latest version of the PCI Data Security Council’s global Data Security Standard (DSS). According to the council, during the three years it took to develop the new standard, more than 200 organizations provided more…
-
New PCI DSS v4.0 receives kudos for flexibility
PRIVACY PRIVACY Standards are often force-fed to the industries they govern, but that doesn’t seem to be the case with the latest version of the PCI Data Security Council’s global Data Security Standard (PCI DSS). According to the council, during the three years it took to develop the new standard, more than 200 organizations provided…
-
Zoom’s bug bounty ROI clear as program pays $1.8 million to fix over 400 bugs
PRIVACY PRIVACY Since its inception in 2020, Zoom’s private bug bounty program has awarded $2.4 million in payments and swag to security researchers, recruiting over 800 ethical hackers via the HackerOne platform. In 2021 alone, it paid $1.8 million to researchers for helping to identify and resolve more than 400 security bugs, with its bounties…