Mozilla, Internet Society and Others Pressure Retailers to Demand Secure IoT Products

Posted on February 15th, 2019 by Responsible Cyber

New initiative offers five principles for greater IoT security . Mozilla Foundation, the Internet Society, and eight other organizations have teamed up to push retailers to demand that Internet of Things manufacturers improve security in their devices. The initiative seeks to enlist retailers to use their greatest power — that of dropping products from distribution […]

Read More

CrowdStrike Store opens its endpoint security agent to other vendors

Posted on February 15th, 2019 by Responsible Cyber

Cloud-based endpoint security company CrowdStrike has launched a new platform that allows other security vendors to use its own software agent to collect data. It’s a new model that, if successful, could disrupt the endpoint security space and could solve a problem that many organizations have: Being forced to install software agents from multiple vendors […]

Read More

How Fortinet Helps Bridgeway Senior Healthcare Protect PHI and Provide Top-Notch Care

Posted on February 15th, 2019 by Responsible Cyber

In most organizations, social security numbers, credit card information, and consumer data are kept secure under cyber lock and key. When it comes to healthcare, however, organizations are tasked with more than just data protection, but also protecting the lives and well-being of their patients. Bridgeway Senior Healthcare is a nationally recognized, award-winning healthcare provider […]

Read More

Ep. 019 – Android holes, iOS screengrabbing and USB poo [PODCAST]

Posted on February 15th, 2019 by Responsible Cyber

by Paul Ducklin The Naked Security podcast pokes a stick into the latest critical security bugs in Android, investigates the dubious art of iOS screenshots you didn’t know about, and marvels at the USB drive that survived a seal’s digestive tract. With Anna Brading, Paul Ducklin, Mark Stockley and Matthew Boddy. This week’s stories: If […]

Read More

New CSO, CISO appointments

Posted on February 14th, 2019 by Responsible Cyber

The upper ranks of corporate security are seeing a high rate of change as companies try to adapt to the evolving threat landscape. Many companies are hiring a chief security officer (CSO) or chief information security officer (CISO) for the first time to support a deeper commitment to information security. CSO’s Movers & Shakers is […]

Read More

First Android Clipboard Hijacking Crypto Malware Found On Google Play Store

Posted on February 14th, 2019 by Responsible Cyber

A security researcher has discovered yet another cryptocurrency-stealing malware on the official Google Play Store that was designed to secretly steal bitcoin and cryptocurrency from unwitting users.The malware, described as a “Clipper,” masqueraded as a legitimate cryptocurrency app and worked by replacing cryptocurrency wallet addresses copied into the Android clipboard with one belonging to attackers, […]

Read More

Patch Tuesday, February 2019 Edition — Krebs on Security

Posted on February 14th, 2019 by Responsible Cyber

Microsoft on Tuesday issued a bevy of patches to correct at least 70 distinct security vulnerabilities in Windows and software designed to interact with various flavors of the operating system. This month’s patch batch tackles some notable threats to enterprises — including multiple flaws that were publicly disclosed prior to Patch Tuesday. It also bundles […]

Read More

RunC Flaw Lets Attackers Escape Linux Containers to Gain Root on Hosts

Posted on February 14th, 2019 by Responsible Cyber

A serious security vulnerability has been discovered in the core runC container code that affects several open-source container management systems, potentially allowing attackers to escape Linux container and obtain unauthorized, root-level access to the host operating system.The vulnerability, identified as CVE-2019-5736, was discovered by open source security researchers Adam Iwaniuk and Borys Popławski and publicly disclosed […]

Read More

Researchers Dig into Microsoft Office Functionality Flaws

Posted on February 14th, 2019 by Responsible Cyber

An ongoing study investigating security bugs in Microsoft Office has so far led to two security patches. Microsoft Office, ubiquitous on enterprise and personal computers, is a hot target for cybercriminals and a key focus area for researchers hoping to find bugs before the bad guys do. Stan Hegt and Pieter Ceelen, both security researchers […]

Read More

Cybersecurity and the Human Element: We’re All Fallible

Posted on February 13th, 2019 by Responsible Cyber

We examine the issue of fallibility from six sides: end users, security leaders, security analysts, IT security administrators, programmers, and attackers. First of a six-part series. We are only human; we all make mistakes sometimes. Until the day when both the offensive and defensive sides of cyberattacks are conducted entirely by machines, we need to […]

Read More