Data Breach Roundup: U.S. Healthcare, Cryptopia, SingHealth and Experian
January is off to a running start on the data breach front, while Experian is predicting new attack frontiers ahead.
Alerts
Judge: Law Enforcement Can’t Force Suspects to Unlock iPhones with FaceID
A ruling found that coercing suspects to open their phones using biometrics violates the fourth and fifth amendments.
ThreatList: $1.7M is the Average Cost of a Cyber-Attack
Brand damage, loss of productivity, falling stock prices and more contribute to significant business impacts in the wake of a breach.
Popular Web-Hosting Platform Bluehost Riddled with Flaws
He said that similar flaws were also found in the Dreamhost, HostGator, OVH and iPage web hosting platforms.
Threatpost Poll: Can We Fix 2FA?
Take our short poll to weigh in on the state of two-factor authentication.
Hack Allows Escape of Play-with-Docker Containers
Researchers created a proof-of-concept escape of Docker test environment.
Ryuk Hauls in $3.7M in ‘Earnings,’ Adds TrickBot to the Attack Mix
The malware's operator, Grim Spider, could be affiliated with Russian cybercrime rings, according to some -- others say there's no concrete evidence.
Mozilla Kills Default Support for Adobe Flash in Firefox 69
Firefox 69 will force users to manually install Adobe Flash as the plugin inches toward end of life.
Data Exposed in OXO, Amazon and MongoDB Leaks
Dual data exposures and a wide-scale data leak due to a vulnerable MongoDB database have kicked off 2019 so far.
Podcast: Emotet Grows With Fast-Evolving Tactics
Threatpost discusses the future of the Emotet banking trojan with Cylance.
Pre-Installed Android App Impacts Millions with Slew of Malicious Activity
The app was developed by legitimate Chinese manufacturing giant TCL.
TA505 Crime Gang Debuts Brand-New ServHelper Backdoor
The latest malware from TA505 has been seen targeting banks, retailers and restaurants with two different versions.
U.S. Government Shutdown Leaves Dozens of .Gov Websites Vulnerable
As the shutdown continues into its 21st day, dozens of .gov websites haven't renewed their TLS certificates.
Yet Another Bypass: Is 2FA Broken? Authentication Experts Weigh In
A penetration testing tool called Modlishka can defeat two-factor authentication in the latest 2FA security issue. We asked a roundtable of experts what it all means.
At CES, Focus is On ‘Cool Factor’ Not IoT Security
When it comes to IoT, the priority at CES is the "wow factor" - but not so much a focus on security.
‘Unprecedented’ DNS Hijacking Attacks Linked to Iran
The attacks, targeting several countries to redirect traffic and harvest credentials, have been linked to Iran.
Google Search Results Spoofed to Create Fake News
The technique can be used to spread disinformation while leveraging the trust people have in Google's search results.
Critical Flaw in Cisco’s Email Security Appliance Enables ‘Permanent DoS’
A remote attacker could exploit the vulnerability simply by sending an email.
ICEPick-3PC: A Sophisticated Adware That Collects Data En Masse
Researchers think an organized crime gang is running the massive campaigns, prepping for large-scale follow-on attacks on Android users.
Google Play Boots 85 Malicious Adware Apps
Once downloaded, the fake apps hide themselves on the victim’s device and continue to show a full-screen ad every 15 minutes.
The First Stop For Security News
Subscribe to Alerts feed
0732150500/7, 0703044000/7
KENET WEBSITE
