fbpx

Download free GDPR compliance checklist!

Tag Archives for " cybersecurity "

Interpol: Strong encryption helps online predators. Build backdoors

Multinational police agency Interpol is due to say that tech companies deploying strong encryption helps paedophiles – unless they build backdoors for police workers.

So-called “think of the children” rhetoric is a tried and trusted strategy for police workers who are determined to get their way with politicians. The agency has yet to issue the communique in question, though it is expected to be welcomed by Western governments increasingly fed up that their internal security agencies are unable to exercise China-style social control and surveillance over their populations.

Source: Interpol: Strong encryption helps online predators. Build backdoors • The Register

Ransomware increases 74.23% year on year

New research by Bitdefender identifies a significant rise in ransomware this year, in comparison to 2018.

In its Mid-Year Threat Landscape Report, researchers noted that since the fall of GrandCrab earlier this year, many spinoff ransomware families have filled the gap.

The top three threats facing business and consumers included coin-mining malware, commonly used in cryptojacking campaigns, exploits leveraging unpatched or previously known vulnerabilities and fireless attacks and banking trojans.

Source: #Privacy: Ransomware increases 74.23% year on year

Top 10 data security predictions for 2020

Data classification firm Titus has unveiled its “Top 10 Data Security Predictions for 2020″ – timely insights based on surveys and conversations with both public and private enterprises around the world as well as executive participation at major events.

Full article: #Privacy: Top ten data security predictions for 2020

Over 100K malicious sites using valid certificates

New research has uncovered suspicious retail look-alike domains using valid certificates.

Research conducted by Venafi, analysed suspicious domains targeting 20 major retailers in the US, UK, France, Germany and Australia. Over 100,000 lookalike domains using valid TLS certificates, to appear safe and trustworthy, were identified.

Source: #Privacy: Over 100K malicious sites using valid certificates

DNS-over-HTTPS will eventually roll out in all major browsers

All six major browser vendors have plans to support DNS-over-HTTPS (or DoH), a protocol that encrypts DNS traffic and helps improve a user’s privacy on the web.

The DoH protocol has been one of the year’s hot topics. It’s a protocol that, when deployed inside a browser, it allows the browser to hide DNS requests and responses inside regular-looking HTTPS traffic.

Source: DNS-over-HTTPS will eventually roll out in all major browsers, despite ISP opposition | ZDNet

Most organisations still misunderstand cloud security

A report based on a survey of over 700 respondents from the United States, Canada and UK, foundthat 60% of respondents misunderstand the shared responsibility model for cloud security and incorrectly believe the cloud provider is responsible for securing privileged access.

Furthermore, 68% of organisations are not employing a common security model or enforcing least privilege access to reduce risk, and the majority list security as their main challenge with cloud migrations.

Source: #Privacy: Most organisations still misunderstand cloud security, report reveals

Chinese researchers reveal method to bypass biometric fingerprint scanners in smartphones

Chinese security researchers from X-Lab security at Tencent challenged fingerprint security in a presentation at the GeekPwn 2019 conference in Shanghai, writes Forbes. The team claims it can hack into almost any Android or iOS device in just about 20 minutes by using what appears to be a fairly simple fingerprint hacking method.

Without giving too many details about the actual technical approach to the audience, researchers used a smartphone to take a photo of fingerprints left on a glass and ran the photo through an app they developed. They were then able to gain access into three different phones equipped with different scanning technologies, one each with capacitive, optical, and ultrasonic sensors.

Source: Chinese researchers reveal method to bypass biometric fingerprint scanners in smartphones | Biometric Update

Google teams up with security companies to catch bad apps before they hit the Play Store 

Google announced that it’s teaming up with three security companies to help identify malicious apps before they’re published on the Play Store and can potentially do harm to Android users. The company is calling this partnership the App Defense Alliance.

Android is on over 2.5 billion devices, according to Google, and the company says that makes the platform “an attractive target” for abuse.

Source: Google teams up with security companies to catch bad apps before they hit the Play Store – The Verge

The DNA database used to find the Golden State Killer is a national security leak waiting to happen

A private DNA ancestry database that’s been used by police to catch criminals is a security risk from which a nation-state could steal DNA data on a million Americans, according to security researchers.

Security flaws in the service, called GEDmatch, not only risk exposing people’s genetic health information but could let an adversary such as China or Russia create a powerful biometric database useful for identifying nearly any American from a DNA sample.

Source: The DNA database used to find the Golden State Killer is a national security leak waiting to happen – MIT Technology Review

Over 21 million stolen login credentials found on the dark web

Stolen login credentials from Fortune 500 companies have been found in numerous places on the dark web, many of which are available in plaintext form.

Amid the 21 million records exposed, it is noted that only 4.9 million of them were fully unique passwords, suggesting that many users have identical or similar passwords. 16 million of them being compromised during the last 12 months.

Source: State of Stolen Credentials in the Dark Web from Fortune 500 Companies | ImmuniWeb Security Blog

1 2 3 101
>