- Clear & Present Danger: Data Hoarding Undermines Better Securityby Elissa M. Redmiles Researcher, Max Planck Institute for Software Systems on April 13, 2021 at 2:00 pm
Facebook and Google can identify patterns of attack within their own data, but smaller businesses rarely see enough traffic to successfully identify an attack or warn users.
- 100M More IoT Devices Are Exposed—and They Won’t Be the Lastby Lily Hay Newman on April 13, 2021 at 4:01 am
The Name:Wreck flaws in TCP/IP are the latest in a series of vulnerabilities with global implications.
- ParkMobile Breach Exposes License Plate Data, Mobile Numbers of 21M Usersby BrianKrebs on April 12, 2021 at 10:18 pm
Someone is selling account information for 21 million customers of ParkMobile, a mobile parking app that's popular in North America. The stolen data includes customer email addresses, phone numbers, license plate numbers, hashed passwords and mailing addresses.
- Chrome Zero-Day Exploit Posted on Twitterby Elizabeth Montalbano on April 13, 2021 at 1:40 pm
An update to Google’s browser that fixes the flaw is expected to be released on Tuesday.
- More Biden Cybersecurity Nominationsby Bruce Schneier on April 13, 2021 at 2:13 pm
News: President Biden announced key cybersecurity leadership nominations Monday, proposing Jen Easterly as the next head of the Cybersecurity and Infrastructure Security Agency and John “Chris” Inglis as the first ever national cyber director (NCD). I know them both, and think they’re both good choices. More news.
- Average British computer criminal is young, male and not highly skilled, researcher findsby Gareth Corfield on April 13, 2021 at 9:27 am
Analysis of Computer Misuse Act cases also draws heavily on El Reg archives An academic researcher has analysed more than 100 Computer Misuse Act cases to paint a picture of the sort of computer-enabled criminals who plague Great Britain’s digital doings in the 21st Century.…
- Watch out for this W-2 phishing scam targeting the 2021 tax seasonby Lawrence Abrams on April 13, 2021 at 1:04 pm
With the United State tax season in high gear, threat actors have sprung into action with a recent tax document phishing scam that abuses TypeForm forms to steal your login credentials. [...]
- New NAME:WRECK Vulnerabilities Impact Nearly 100 Million IoT Devicesby noreply@blogger.com (Ravie Lakshmanan) on April 13, 2021 at 12:24 pm
Security researchers have uncovered nine vulnerabilities affecting four TCP/IP stacks impacting more than 100 million consumer and enterprise devices that could be exploited by an attacker to take control of a vulnerable system. Dubbed "NAME:WRECK" by Forescout and JSOF, the flaws are the latest in series of studies undertaken as part of an initiative called Project Memoria to study the security
- BrandPost: Why Choose Open XDR? It's the Integrationby Brand Post on April 13, 2021 at 2:58 pm
There are almost as many flavors of detection and response tools as there are flavors at the local ice cream shop – OK, perhaps that’s a slight exaggeration, but there are definitely a confusing number of options these days. NDR (network detection and response), EDR (endpoint detection and response), XDR (eXtended detection and response), and even Open XDR – they’re all variations on a theme of protecting endpoints, since they’re the first line of network defense.Which option to pick? As a ReliaQuest customer recently related to us with a smile on his face, cybersecurity vendors want to sell you tools: some of which are Teslas, and some of which are Vespas. Sometimes you need the full-on Tesla, and other times, the Vespa is all you really need to get the job done. But customers need to decide if the top-of-the-line model makes sense for the business, or if the scooter makes sense based on the risk environment.To read this article in full, please click here