Android banking and finance apps’ security found wanting

Posted on April 6th, 2019 by Responsible Cyber

by Danny Bradbury Many mobile finance apps are littered with bugs that could allow attackers to access users’ sensitive data, a report revealed this week. The smallest providers of mobile financial apps had the best security practices, while the larger players produced the most vulnerable apps, according to a six-week analysis commissioned by application protection […]

Read More

Friday Squid Blogging: Fried Squid Recipe

Posted on April 6th, 2019 by Responsible Cyber

This is an easy fried squid recipe with saffron and agrodolce. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Tags: squid Go to Source Author: Bruce Schneier

Read More

The Matrix at 20: A Metaphor for Today’s Cybersecurity Challenges

Posted on April 6th, 2019 by Responsible Cyber

The Matrix ushered in a new generation of sci-fi movies and futuristic plotlines with a relentless, seemingly invulnerable set of villains. Twenty years later, that theme is all too familiar to security pros. It’s difficult to believe that The Matrix celebrated its 20th anniversary in March. It’s equally hard to ignore how well the film […]

Read More

WordPress iOS App Bug Leaked Secret Access Tokens to Third-Party Sites

Posted on April 6th, 2019 by Responsible Cyber

If you have a “private” blog with WordPress.com and are using its official iOS app to create or edit posts and pages, the secret authentication token for your admin account might have accidentally been leaked to third-party websites.WordPress has recently patched a severe vulnerability in its iOS application that apparently leaked secret authorization tokens for […]

Read More

Advanced Breach Protection Demystified – Untold Truths On Security Beyond AV

Posted on March 30th, 2019 by Responsible Cyber

Doing business in today’s connected world means dealing with a continually evolving threat landscape.With potential losses due to downtime following a breach, plus valuable client and proprietary information at risk, most organizations realize they cannot afford to be complacent.This puts extra onus on security IT teams, who are continuously left scrambling, looking for the best […]

Read More

APT group Elfin switches from data destruction to data stealing via WinRAR vulnerability

Posted on March 28th, 2019 by Responsible Cyber

Elfin (aka APT33), a hacker group affiliated with the Iranian government, is described by Symantec as “one of the most active groups currently operating in the Middle East.” They have been linked with a string of attacks on U.S. and Saudi Arabian companies, particularly in the aerospace and energy sectors. However, where previously the group […]

Read More

SaaS Ecosystem Complexity Ratcheting Up Risk of Insider Threats

Posted on March 24th, 2019 by Responsible Cyber

Even with common security platforms like CASBs, organizations struggle to deal with the volume of apps and accounts that interact with business-critical data. The pressure of increasing software-as-a-service (SaaS) deployments in the enterprise and the complexity of administering accounts across a varied cloud environment is ratcheting up the risk of insider threats. A new study […]

Read More

What can we learn about infosec from the Varsity Blues college admissions scandal?

Posted on March 24th, 2019 by Responsible Cyber

There is tremendous pressure with successful parents to get their kids into top colleges. Graduation from a top school doesn’t just bring with it the prestige of its diploma, it’s also the connections and job opportunities that come from the college experience at those institutions. For instance, graduates have a great likelihood to work for […]

Read More

What is malvertising? And how to protect against it

Posted on March 24th, 2019 by Responsible Cyber

Malvertising definition Malvertising, a word that blends malware with advertising, refers to a technique cybercriminals use to target people covertly. Typically, they buy ad space on trustworthy websites, and although their ads appear legitimate, they have malicious code hidden inside them. Bad ads can redirect users to malicious websites or install malware on their computers […]

Read More

Facebook password crisis – what to do? [VIDEO]

Posted on March 23rd, 2019 by Responsible Cyber

by Paul Ducklin Facebook has just admitted to years of problems with password hygiene by leaking plaintext passwords into logfiles by mistake. Watch this special edition of Naked Security Live… …we answer the questions lots of people have been asking us since we first wrote about this issue: What happened? Was this a blunder or […]

Read More