Blog
-
Hundreds of Malicious Apps Targeting Facebook Login Information Found on App Stores
The malicious apps appeared to evade Apple and Google security by not including malware or recognized threat elements. Users are asked for Facebook login information at the startup screen, which was then skimmed by the attacker and used to take over the account.
-
Source Code Leak May Have Exposed Security Features of Intel Alder Lake
The Intel Alder Lake files contain nearly 6 GB of information in a zip file, most of that the BIOS source code leak. Assorted tools and documentation are included, some of which present potential security problems.
-
Binance Crypto Hack Joins the Top Ranks With $566 Million Loss
Binance suffered a crypto hack that led to a loss of $566 million. Attackers exploited a vulnerability in the Binance Smart Chain Token Hub bridge that involved using prior legitimate proof messages to forge new ones.
-
Telstra Data Breach Not as Bad as Optus Hack, but Pattern of Telco Break-ins Raises Concerns
First the Optus hack, now a Telstra data breach. The timing of the two incidents may well be a coincidence, but the breaches of two of the biggest service providers in rapid succession have raised serious concerns among both citizens and lawmakers.
-
Former Uber Security Chief Convicted for Role in Covering up 2016 Data Breach, Sentencing Could Include Prison Time
The 2016 Uber data breach was a case study in how not to handle such an incident, and after court proceedings it appears that former security chief Joseph Sullivan will be taking the brunt of the responsibility.
-
New Study Finds Personal Data Theft Is Moving to Social Media in a Big Way
Cyber criminals are spending much more time on social media. Personal data theft is up across multiple categories, but social media account takeovers have jumped a shocking 1,000% in just a year’s time.
-
Congress Ready for Open Source Software Security Push With New Bill
Proposed open source software security bill would task CISA with creating a risk assessment framework applicable throughout the federal government for open source software it adopts.
-
Companies Face Barriers to DevSecOps Maturity as Half Have Vulnerability Management Backlogs of at Least 100,000 Issues
Majority of companies have heavy vulnerability management backlogs and are struggling to address them. 66% report at least 100,000 in their backlog, and 33% have at least one million. In some cases, the existing backlog is a major barrier to getting DevSecOps functioning properly.
-
Hundreds of Fake Dating Sites Found To Be Part of Massive Credit Card Fraud Ring Making Charges on Stolen Credit Cards
Credit card fraud scheme earned tens of millions of dollars over the past three years by making charges on stolen credit cards on hundreds of fake dating websites approved by payment processors.
-
Security of Connected Devices Could See Improvements Thanks to EU’s New Cyber Resilience Act
A very wide range of connected devices will be covered by the EU Cyber Resilience Act’s terms, essentially anything that can connect to the internet or even just to other devices or home networks.