Tales from the honeypot: this time a MySQL-based attack. Old tricks still work, because we're still making old mistakes - here's what to do.
Almost exactly one year after the stringent European General Data Protection Regulation came into effect (May 25, 2019), the Supreme Court of the state of Georgia has ruled (May 20, 2019) that the state government does not have an inherent obligation to protect citizens' personal information that it stores. read more
Your two-minute guide to all the other security news this week Roundup It's a bumper three-day weekend in the US and UK, so we won't keep you long. Here's a rapid summary of information security news from the past week beyond what El Reg has already covered.…
Article: "How a Squid's Color-Changing Skin Inspired a New Material That Can Trap or Release Heat." As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here....
The Web site for Fortune 500 real estate title insurance giant First American Financial Corp. [NYSE:FAF] leaked hundreds of millions of documents related to mortgage deals going back to 2003, until notified this week by KrebsOnSecurity. The digitized records -- including bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and drivers license images -- were available without authentication to anyone with a Web browser.
Recently I've heard Edward Snowden talk about his working at the NSA in Hawaii as being "under a pineapple field." CBS News recently ran a segment on that NSA listening post on Oahu. Not a whole lot of actual information. "We're in office building, in a pineapple field, on Oahu...." And part of it is underground -- we see a...
After a report found that Snap employees were abusing their access to Snapchat data, experts are warning that insider threats will continue to be a top challenge for privacy.
ZDNet's Danny Palmer sits down with TechRepublic's Karen Roby to break down exactly what GDPR is, what it does, and what the future looks like as its one-year anniversary approaches.
New .htaccess injector threat on Joomla and WordPress websites redirects to malicious websites.
Microsoft-owned GitHub on Thursday announced the introduction of several new security tools and features designed to help developers secure their code. read more
Microsoft’s unified endpoint security solution is now publicly available for Mac users, following two months of limited preview. read more
The Windows 10 update that's rolling out addresses insecure Wi-Fi hotspots with new user notifications.
The EU's strict data laws have set the global benchmark for protecting personal information online since coming into force a year ago, but some worry that many users have barely noticed the change. read more
The New York State Department of Financial Services (DFS) this week announced that it has launched a new cybersecurity division whose role is to protect consumers and financial services organizations from cyber threats. read more
Though phishing volume remained relatively stable, attacks against Canadian users dominate, according to an RSA report.
CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.