Software & App Vulnerabilities

Avoiding Video Background Snafus: How to Hold Safe Meetings Online

Posted on May 19, 2021 by Jennifer Gregory

Zoom mishaps have provided us with much comic relief while we’re trying to adjust to safe meetings online. We’ll never forget the lawyer who wasn’t really a cat and the boss who was a potato. Zoom backgrounds weren’t left out of the fun either. They gave us laughs, like the student who used Danny DeVito’s […]

The post Avoiding Video Background Snafus: How to Hold Safe Meetings Online appeared first on Security Intelligence.

Continue reading Avoiding Video Background Snafus: How to Hold Safe Meetings Online→

What is Ghimob Malware?

Posted on May 7, 2021 by David Bisson

A new Android malware strain ‘Ghimob’ is mimicking third-party mobile (mainly banking) apps to spy and steal user data when downloaded and installed. This Trojan virus steals data from users, primarily targeting online banking and cryptocurrency. As of the end of 2020, it is believed to siphon data from more than 153 apps by asking […]

The post What is Ghimob Malware? appeared first on Security Intelligence.

Continue reading What is Ghimob Malware?→

Health Care Ransomware Strains Have Hospitals in the Crosshairs

Posted on April 23, 2021 by Koen Van Impe

The language of digital attacks shares a lot with the language of disease: ‘viruses’ ‘infect’ computers, and stopping their spread can be like trying to keep down a contagious disease. The two worlds also come together when threat actors attack using health care ransomware. When every minute could change the fate of a patient, preventing […]

The post Health Care Ransomware Strains Have Hospitals in the Crosshairs appeared first on Security Intelligence.

Continue reading Health Care Ransomware Strains Have Hospitals in the Crosshairs→

Wake Me Up Before You Know Know … About the Latest Third-Party Data Breach

Posted on April 13, 2021 by Abby Ross

“It has gotten to the point, unfortunately, where they are so frequent and common these days, that it’s like, here we go again,” Christopher Sitter says when I asked him about the prospect of a third-party data breach. Sitter is the senior director of information security at Juniper Networks. He manages all things incident response-related — […]

The post Wake Me Up Before You Know Know … About the Latest Third-Party Data Breach appeared first on Security Intelligence.

Continue reading Wake Me Up Before You Know Know … About the Latest Third-Party Data Breach→

Using the Threat Modeling Manifesto to Get Your Team Going

Posted on April 7, 2021 by Irene Michlin

Secure software development requires a ‘shift left’ — paying attention to security and privacy early in the life cycle. Threat modeling is a very useful activity for achieving this goal, but for a variety of reasons, organizations struggle to introduce it. Last year, a group of industry and academy experts got together with the goal […]

The post Using the Threat Modeling Manifesto to Get Your Team Going appeared first on Security Intelligence.

Continue reading Using the Threat Modeling Manifesto to Get Your Team Going→

A Look at HTTP Parameter Pollution and How To Prevent It

Posted on February 3, 2021 by Darshan Mulimath

With HTTP Parameter Pollution (HPP) attacks, threat actors can hide scripts and processes in URLs. First discovered in 1999, this technique can also allow threat actors to pollute the parameters in the URL and the request body. This could lead to behavior changes in the app, such as cross-site scripting, privilege changes or granting unwanted […]

The post A Look at HTTP Parameter Pollution and How To Prevent It appeared first on Security Intelligence.

Continue reading A Look at HTTP Parameter Pollution and How To Prevent It→

QR Code Security: What You Need to Know Today

Posted on January 19, 2021 by Mike Elgan

QR codes are very common today, enough so that attackers are discovering ways of using them for profit. How can QR codes be used this way, and what can you do to boost QR code security and protect against these scams? What Are QR Codes Used For? QR codes — short for “quick response codes” […]

The post QR Code Security: What You Need to Know Today appeared first on Security Intelligence.

Continue reading QR Code Security: What You Need to Know Today→

E-Commerce Skimming is the New POS Malware

Posted on December 16, 2020 by Camille Singleton

As the holiday shopping season shifts into high gear, the COVID-19 pandemic is accelerating an ongoing trend: shoppers are opting to buy online. Rather than flooding brick-and-mortar stores — and point-of-sale (POS) machines — with sales, studies suggest a high percentage of shoppers in 2020 will be using online options and e-commerce checkout pages. And, those checkout […]

The post E-Commerce Skimming is the New POS Malware appeared first on Security Intelligence.

Continue reading E-Commerce Skimming is the New POS Malware→

Shadow IT: Addressing the Risks in Remote Work Environments

Posted on November 23, 2020 by David Bisson

Shadow IT can cause big problems for cybersecurity. The trouble is in the name: these connections exist in the shadows outside of IT (information technology) and security personnel’s knowledge. So, what can IT leaders do to address it in a time of growing remote workforces? What is Shadow IT? Shadow IT consists of information technology […]

The post Shadow IT: Addressing the Risks in Remote Work Environments appeared first on Security Intelligence.

Continue reading Shadow IT: Addressing the Risks in Remote Work Environments→