Collaborate Disseminate
Researchers have discovered a vulnerability in the Maxthon 5 Browser for Windows. Maxthon is a freeware browser developed by Maxthon Ltd, a firm headquartered in Beijing, China, and with offices in San Francisco, CA. Maxthon claims to be the default br… Continue reading Maxthon Browser Vulnerability Can Help Attackers in Post-Exploitation Phase
Magecart is the umbrella term for a range of criminal groups that use software to perform digital credit card skimming. It isn’t clear how many different Magecart groups are currently operating. There are some suggestions that there are dozens, but wit… Continue reading Historical Breadcrumbs Link Magecart 5 to Carbanak Group
Two bills, currently in the Senate, have the potential to change the U.S. cybersecurity landscape if passed into law. The first is the ‘Cybersecurity Disclosure Act of 2019’, introduced by Senator Jack Reed (D-RI) on 28 February 2019. The second is the… Continue reading New Cybersecurity Bills Promote CISOs and Privacy
Three years after Thoma Bravo acquired a majority holding in DigiCert, the Utah-based digital certificate firm has announced its acquisition by Clearlake Capital Group and TA Associates. TA already had a minority holding in the firm and has been invest… Continue reading Under New Ownership, DigiCert Expands into Verified Mark Certificates
Shadow IT is a well-known and long-standing organizational issue that has never really been solved. The problem is that it is a boon as well as a threat; and an uneasy balance exists between the two aspects. But with increasing use and familiarity… Continue reading Shadow IT Has Benefits Not Yet Fully Utilized by Business
The California Attorney General Xavier Becerra has released the draft proposed regulations on how the state will enforce the California Consumer Protection Act (CCPA) that comes into force on January 1, 2020.
read more
Continue reading California Attorney General Outlines How State Will Enforce Upcoming Privacy Law
Blockchain, or distributed ledger, is sometimes described as a ‘solution in search of a problem’. There are many valid applications outside of pure cybersecurity — for example, reducing transaction costs in complex legal situations like house purchase… Continue reading New Blockchain Solution for IIoT Aims to Solve Scaling Problem
In 2010, SANS reported that knowledge of the Pass the Hash attack first described some thirteen years earlier was still poor. By 2019, knowledge of the threat vector that has now been in the public domain for more than two decades has improved, but is … Continue reading Pass the Hash Remains a Poorly Defended Threat Vector
An analysis of more than 2.2 billion emails between April and June (Q2) 2019 exposes the current tactics, techniques and targets of contemporary attackers.
read more
Continue reading Email Attacks Using Cloud Services are Increasing
Despite everything that has happened over the last four years, the security posture of the 2020 presidential candidates’ campaign websites is little better and often worse than it was in 2016.
read more
Continue reading 2020 Presidential Candidate Campaign Websites Fail On User Privacy