How CISOs Can Successfully Talk Security to CEOs

It would be funny, if it were not so frustrating, that two individuals so intent on managing risk don’t understand one another. But that is the fundamental problem between business and security leaders. The gap is so huge that bridging it may seem near…

PayPal Subsidiary TIO Networks Suffers Breach Affecting 1.6 Million Users

Payments processor TIO Networks identified a security breach that potentially has compromised the personally identifiable information of 1.6 million people. PayPal, which acquired TIO in July for more than $230 million, suspended the company’s op…

Attackers Inject Persistent Cryptomining in Browsers

Attackers have found a new technique to make cryptocurrency mining, or cryptomining, inside browsers persistent, or at least survive normal attempts of closing the browser window. Drive-by cryptomining has become widespread in recent months with websit…

Uber’s Shady Competitive Intelligence Unit Revealed in Court

In an interesting turn of events, the ongoing case of Waymo v. Uber, which was scheduled to go to trial next week, has come to a screeching halt amid allegations of Uber having withheld material information surrounding the existence of a unit within th…

Apple Fixes MacOS High Sierra Root Access Vulnerability

Apple has released an emergency fix for an embarrassing vulnerability that allowed people to access the highest-privilege account on Mac computers without a password. The vulnerability was disclosed by a user Tuesday on Twitter. He noticed that when p…

Data Loss Prevention Needs a Little Help from Its Friends

I recently read an article on Security Boulevard discussing how to get the most out of data loss prevention (DLP) technology. While much of the byline I agree with, especially the three questions all organizations should be asking to understand their d…

Millions of Health Records At Risk Due to Vulnerable OpenEMR Configurations

Researchers from security firm Risk Based Security have found that many installations of OpenEMR, a popular open-source electronic health records management application, contain the original setup script. This gaffe exposes the system to a complete com…

China Continues its Xenophobic Counterintelligence Campaigns

Some may say that China has always had an underlying current of xenophobia. Arrests and prosecutions of foreign nationals in China on unexplained or unidentified espionage charges continue. These actions continue to feed this narrative, as do the gover…

Public Remote Code Execution Exploit Affects Thousands of Email Servers

Developers of the widely used Exim message transfer agent are advising administrators to disable a feature on their email servers to protect them from a critical remote execution exploit that has been publicly disclosed. Developed at the University of …