Security News > 2020

REGISTRY LOCK. Dijkxhoorn said one security precaution his company had not taken with their domain prior to the fraudulent transfer was a "Registry lock," a more stringent, manual process that effectively neutralizes any attempts by fraudsters to social engineer your domain registrar. With a registry lock in place, your registrar cannot move your domain to another registrar on its own.

Unexpectedly, in December, Apple published a blog thanking Google for suggesting some changes to ITP which they'd implemented in Safari as part of December's iOS 13.3, and Safari for macOS 13.0.4 updates. Any site can issue cross-site requests, increasing the number of ITP strikes for an arbitrary domain and forcing it to be added to the user's ITP list.

Now that you have the Observium network monitoring platform installed, it's time to add a host.

Learn how to avoid saving your Docker login credentials in plain text by creating an encrypted credential storage. I want to walk you through the process of enabling secure credential storage in Docker.

Microsoft this week announced the availability of Azure Security Benchmark v1, a collection of more than 90 security best practices recommendations for Azure customers. ASB, Microsoft says, was designed to improve the consistency of security documentation for Azure services by creating a framework containing all recommendations for Azure services, in the same format.

Aleksey Burkov, a Russian national who was extradited to the U.S. from Israel in November, pleaded guilty Thursday to federal charges related to owning and operating a site called "Cardplanet," which trafficked in stolen payment card data, according to the Justice Department. Burkov, 29, pleaded guilty to charges that included access device fraud; conspiracy to commit computer intrusion, identity theft, wire and access device fraud; and money laundering.

Hackers who may have ties to Iran have recently turned their attention to the European energy sector, using open source tools to target one firm's network as part of an cyberespionage operation, according to the security firm Recorded Future. The precise goal of the campaign that the Recorded Future analysts describe in a report released Thursday is not clear, although other studies have found that several Iranian-backed advanced persistent threat groups have targeted U.S. and European businesses connected to the energy sector over the last several years - before the tensions between the U.S. and Iran recently heated up.

U.S. lawmakers on Thursday introduced a bill that aims to reform the National Security Agency's surveillance programs in an effort to protect citizens' rights. The senator, a vocal critic of the NSA's surveillance programs, last year introduced a bill that sought to put an end to the mass collection of Americans' phone records.

An internet privacy firm says it was able to access private personal information of more than 30,000 medical marijuana patients, recreational pot customers or dispensary employees in several states. The privacy firm was searching for unsecured data online and says the database has now been secured.

There are not only more users, but also more kinds of users working in more places, all needing to authenticate in a way that keeps resources secure without making access unduly difficult or time-consuming. You need an authentication solution that allows you to authenticate users in multiple ways, both to meet different users' needs for convenient access and to make multi-factor authentication possible for security purposes.