Security News

In this article, we'll identify some first steps you can take to establish your cloud security strategy. We'll do so by discussing the cloud security impact of individual, concrete actions featured within the CIS Critical Security Controls and the CIS Benchmarks.

OpenTable has reversed its decision to show members' first names and profile pictures in past anonymous reviews after receiving backlash from members who felt it was a breach of privacy. This follows our reporting last week that OpenTable would display members' personal information on old and future reviews, even though old reviews, especially negative reviews, were created under the expectation they would remain anonymous.

Restaurant reservation platform OpenTable says that all reviews on the platform will no longer be fully anonymous starting May 22nd and will now show members' profile pictures and first names. "At OpenTable, we strive to build a community in which diners can help other diners discover new restaurants, and reviews are a big part of that," reads the OpenTable email seen by BleepingComputer.

Bruce Schneier was at the first ever RSA Conference in 1991, and he was the first 'exhibitor' in 1994 when he asked Jim Bidzos, Creator of the RSA Conference, if he could sell copies of his book "Applied Cryptography." Bidzos set Schneier up in the hotel lobby where the conference was being held-and the rest is history. Listen to some great RSA Conference memories on this episode of the History of RSA Conference.

Cybersecurity researchers have disclosed what they say is the "first native Spectre v2 exploit" against the Linux kernel on Intel systems that could be exploited to read sensitive data from the...

In today's digital era, data privacy isn't just a concern; it's a consumer demand. Businesses are grappling with the dual challenge of leveraging customer data for personalized experiences while...

The European Commission adopted the implementing regulation concerning the EU cybersecurity certification scheme on Common Criteria. ENISA is grateful for the guidance and support from Member States via the European Cybersecurity Certification Group and for the contributions of the Stakeholder Cybersecurity Certification Group.

Five $60,000 bounties - the second-highest monetary awards behind Synacktiv's $100k Tesla hacks - were awarded for attacks on EV chargers manufactured by Emporia, ChargePoint, Ubiquiti, Phoenix and JuiceBox. Three attacks against Automotive Grade Linux were also attempted, with only one succeeding.

Microsoft has released Windows Server Insider Preview 26040, the first Windows Server 2025 build for admins enrolled in its Windows Insider program. This build is the first pushed for the next Windows Server Long-Term Servicing Channel Preview, which comes with both the Desktop Experience and Server Core installation options for Datacenter and Standard editions, Annual Channel for Container Host and Azure Edition.

Apple released security updates to address this year's first zero-day vulnerability exploited in attacks that could impact iPhones, Macs, and Apple TVs. The zero-day fixed today is tracked as CVE-2024-23222 and is a WebKit confusion issue that attackers could exploit to gain code execution on targeted devices. "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited," Apple said today.