The latest edition of the ISMG Security Report discusses new combination ransomware and doxing attacks. Plus, Twitter drops phone numbers in 2FA, and why we need to consider quantum cryptography today.
Microsoft has outlined its plans for supporting the encryption of Domain Name System queries, which allows for more private internet browsing. The first step will be to upgrade connections to DNS over HTTPS, but allow admins to control DNS settings.
A House impeachment hearing has revealed that President Donald Trump spoke by phone with a key ambassador - who was sitting in a Kiev restaurant - about "investigations." If that mobile phone call was unsecured, security experts say, foreign intelligence agencies could have intercepted it.
Personalized product retailer CafePress has been hit with a lawsuit alleging that it failed to notify 23 million customers about a data breach in a timely manner or follow security best practices. The company was allegedly still using outdated SHA-1 to hash passwords, which can be easily cracked.
Facebook is falling under renewed pressure for its plans to make its messaging platforms fully encrypted. The U.S., U.K. and Australia are asking Facebook to ensure law enforcement can access messages.
Delayed enforcement of the "strong customer authentication" requirements for online transactions under the European Union's PSD2 regulation is hampering efforts to enhance security. That's why the European Banking Authority should act quickly to develop a new timeline.
The Canadian government has arrested a senior intelligence official on charges of working as a mole. He was reportedly unmasked after investigators found someone had pitched stolen secrets to the CEO of Phantom Secure, a secure smartphone service marketed to criminals that authorities shuttered last year.
Even with the uptake of cloud services, many large enterprises still hold data on mainframes, says Philip MacLochlainn of IBM. But the diversity of computing environments around mainframes is rapidly changing, which increases the risk of data breaches, he explains.
Web hosting company Hostinger has reset all customer passwords after one of its databases was breached, affecting 14 million accounts. The intruder gained access to an authorization token that allowed access to a customer database, the company says.
Monzo, a U.K. mobile-only bank that plans to expand into the U.S., alerted about 480,000 customers to change their PINs this week after the company's security team found that a software bug meant some numbers were stored unencrypted in plaintext.
The latest edition of the ISMG Security Report offers a deep dive on the debate about whether law enforcement officials should have a "backdoor" to circumvent encryption. Also featured: An analysis of Equifax's settlement with the FTC and a discussion of a new report on the cost of data breaches.
U.S. Attorney General William Barr argued on Tuesday that enabling law enforcement to access encrypted content would only minimally increase data security risks. Barr's comments drew criticism from lawmakers and technologists, who contend backdoors would put the public at greater risk.
Like many risk-averse organizations, state and local governments are missing out on the benefits of full-scale cloud adoption because they are paralyzed by the complexities associated with trusting their data to a third party. It's no surprise that government agencies have concerns about storing citizen data in the...
A cybersecurity vulnerability discovered in open source software used by organizations conducting genomic analysis could potentially have enabled hackers to affect the accuracy of patient treatment decisions. But the vulnerability was patched before hackers took advantage of it, researchers believe.
Déjà vu basic cybersecurity challenge all over again: With the U.S. government warning that geopolitical tensions could trigger wiper-attack reprisals, security experts review the basic anti-wiper - and anti-ransomware - defenses organizations should already have in place.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.
