DoD Launches 'Hack the Marine Corps' Bug Bounty Program

The U.S. Department of Defense on Monday announced the launch of “Hack the Marine Corps,” the organization’s sixth bug bounty program. Similar to previous programs run by the Pentagon, Hack...
Continue reading
0 Comments

IETF Publishes TLS 1.3 as RFC 8446

IETF Publishes TLS 1.3 as RFC 8446
The Internet Engineering Task Force (IETF) on Friday published version 1.3 of the Transport Layer Security (TLS) traffic encryption protocol as RFC 8446. The final version of TLS 1.3 was...
Continue reading
0 Comments

Microsoft's National Cybersecurity Policy Framework: Practical Strategy or Non-Starter?

Microsoft Cybersecurity Policy Framework
Microsoft's Cybersecurity Policy Framework Has Good Intentions, But It's Difficult to See What It Actually Brings to the Table Microsoft has never been backward in making global recommendations for improved...
Continue reading
0 Comments

Nigerian Man Found Guilty on Charges Related to Hacking

ATLANTA (AP) — A jury in Atlanta has convicted a Nigerian man on federal charges related to hacking universities. Prosecutors said in a news release Monday that 34-year-old Olayinka Olaniyi...
Continue reading
0 Comments

IBM Describes AI-powered Malware That Can Hide Inside Benign Applications

DeepLocker - Advanced Malware
IBM Researchers Describe "DeepLocker" as a Stealthy, Evasive, Targeted Attack Methodology in a Class of Its Own Cybersecurity is an arms-race game of leapfrog. Adversaries gain the upper hand until...
Continue reading
0 Comments

Critical Flaws Found in NetComm Industrial Routers

NetComm patches critical flaws in industrial routers
An industrial router made by Australian telecommunications equipment company NetComm Wireless is affected by several serious vulnerabilities that can be exploited remotely to take control of affected devices. According to...
Continue reading
0 Comments

Google Tracks Your Movements, Like It or Not

Google wants to know where you go so badly that it records your movements even when you explicitly tell it not to. An Associated Press investigation found that many Google...
Continue reading
0 Comments

For Effective Patch Management, Don’t Overlook Risk

Patch management has always been an evergreen topic for security practitioners. Each time poor patching is identified as the root cause of a breach, it triggers a new flood of...
Continue reading
0 Comments

Smart Irrigation Systems Expose Water Utilities to Attacks

Piping botnet targets smart irrigation systems
A team of experts has analyzed smart irrigation systems from several vendors and found vulnerabilities that can be exploited to cause potentially serious disruptions to urban water services. Researchers from...
Continue reading
0 Comments

HIPAA Security Rule Turns 20: It's Time for a Facelift

HIPAA Security Rule Turns 20: It's Time for a Facelift Security Expert Tom Walsh Discusses Why the Technical Regs Need an Update) • August 10, 2018     15 Minutes   ...
Continue reading
0 Comments

D-Link Routers In Brazil Fall To DNS Tampering

D-Link Routers In Brazil Fall To DNS Tampering
image
image
Data Breach , Endpoint Security , Fraud Remotely Exploitable Software Vulnerabilities To Blame For Hijacking( jeremy_kirk ) • August 13, 2018    Vulnerable D-Link routers were exploited to direct people...
Continue reading
0 Comments

Beware the Fax Machine: Some Hackers Target Old Gadgets

Hackers could infiltrate a network by exploiting all-in-one printer-fax machines.
What could be less threatening than the old office fax machine? Nothing. That's precisely why it's used as a backdoor for hackers to get into an organization's network. Check Point,...
Continue reading
0 Comments

Kaspersky VPN Bug Leaked DNS Lookups

A recently patched security vulnerability in the Kaspersky VPN application for Android resulted in DNS queries being exposed even after the user connected to a virtual server. The flaw was...
Continue reading
0 Comments

Critical Vulnerability Patched in Oracle Database

Oracle patches critical Database flaw
Oracle informed customers late on Friday that its Database product is affected by a critical vulnerability. Patches have been released and users have been advised to install them as soon...
Continue reading
0 Comments

Amazon S3 Bucket Exposed GoDaddy Server Information

A publicly accessible Amazon S3 bucket was found storing documents apparently detailing GoDaddy infrastructure running in the Amazon AWS cloud, UpGuard reveals. GoDaddy is considered the world’s largest domain name...
Continue reading
0 Comments

Bitfi Gets Pwnies Award for 'Lamest Vendor Response'

Bitfi Gets Pwnies Award for 'Lamest Vendor Response'
image
Cybersecurity , Data Breach , Data Loss Bitfi Gets Pwnies Award for 'Lamest Vendor Response' How John McAfee's Cryptocurrency Hardware Wallet and Company Fell Short( euroinfosec ) • August 9,...
Continue reading
0 Comments

The Global State of Online Digital Trust

The Global State of Online Digital Trust CA's David Duncan on the Business Impact of Breaches and Broken Trust Forty-eight percent of customers drop the products and services of organizations that...
Continue reading
0 Comments

Managed Detection & Response for Financial Services

Managed Detection & Response for Financial Services Arctic Wolf's Todd Thiemann on How to Augment Existing Staff, Defenses Ransomware. Phishing. Credential stuffing. These are among the top threats to financial institutions...
Continue reading
0 Comments

New Privacy Issues for Amazon

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use...
Continue reading
0 Comments

Gaining Visibility Into Supply Chain Risk

Governance , Vendor Risk Management CrowdStrike's Mike Sentonas Shares Insights From Latest Research( APACinfosec ) • August 9, 2018    Michael Sentonas, vice president, technology strategy, Crowdstrike Even though many...
Continue reading
0 Comments