All Articles

2349 articles:

MATA Cross-Platform Malware Framework Tied to Lazarus Group

A malware framework known as MATA that targets Windows, Linux, and macOS machines has been attributed to the Lazarus group tied to North Korea.

APT

EU Court Strikes Down Privacy Shield

The European Union’s Court of Justice ruling to strike down Privacy Shield means non-European companies must provide privacy controls that align with European data protection laws for European users regardless of where that information is stored or transferred.

Privacy

Deciphering The Conversation

Zoe Lindsey and Peter Baker join Dennis Fisher to break down the 1974 Francis Ford Coppola paranoid classic The Conversation, a film that predicted today's surveillance culture and is a master class in social engineering and hacking.

Podcast, Hacker Movies

Russian Attackers Target COVID-19 Vaccine Research

US and UK intelligence agencies say a Russian attack group known as APT29 is targeting organizations associated with COVID-19 vaccine research.

APT, Russia

Google Debuts Confidential VMs to Protect Cloud Data in Use

Google Cloud Confidential VMs, now in beta, allow customers to run workloads in the cloud on data that is encrypted while it's in use.

Google, Cloud

SAP Patches Critical Flaw Across Product Line

A vulnerability in a NetWeaver component (CVE-2020-6287) that can be exploited by a remote unauthenticated attacker has been patched by SAP.

SAP

Wormable Flaw in Windows DNS Server Can Take Over IT Networks

DNS issues are bad news, and SigRed is among the worst: Microsoft fixes a flaw in Windows DNS Server which has a severity rating of 10 and is believed to be wormable.

Windows, DNS, Vulnerability, Patch

Mozilla to Cut TLS Certificate Lifespan Nearly in Half

Mozilla will reduce the valid lifespan of TLS certificates in its root store to 398 days in a move to limit exposure for keys and certificates.

Mozilla, Encryption

Google Releases Tsunami Vulnerability Scanner

Google's Tsunami scanner is designed specifically to find critical vulnerabilities in large-scale enterprise networks.

Google

Lab Presents: What Data Brokers Know About Users

Under California’s data privacy law, consumers can ask companies for data that has been collected about them. However, this Duo Labs research reveals how the complex web of data sharing and partnerships makes it very difficult for consumers to know who has their data, let alone what is being collected.

Labs Research, Privacy, Location Data, CCPA

Citrix Patches 11 Vulnerabilities in Several Products

Citrix has fixed 11 vulnerabilities in its ADC, Gateway, and SD-WAN appliances, some of which could allow authenticated access to a target appliance.

Vulnerabilities

Attackers Already Exploiting BIG-IP Vulnerability

A critical vulnerability in F5 Networks’ BIG-IP networking gear is under active attack, just days after the company first announced the flaw.

Networking, Patch

Facebook Changes Developer Rules After Apps Improperly Got User Data

On the heels of yet another privacy incident where Facebook app developers received user data when they shouldn’t have, the social networking giant rolled out new terms and policies for developers.

Privacy, Software Development, Facebook

ACM Calls for Suspension of Facial Recognition Use

The Association for Computing Machinery, a venerable computing society, has called for the immediate suspension of the use of facial recognition systems until regulation is in place.

Privacy

UCSF Pays Portion of $1.14M Ransom to Regain Medical School Data

The University of California San Francisco paid some of the $1.14 million ransom to regain access to data encrypted by ransomware on its School of Medicine servers.

Ransomware