Latest from James Sanders
-
Data breaches increased 54% in 2019 so far
More than 3,800 data breaches have hit organizations in 2019, according to Risk Based Security.
-
Huawei doesn't see open source as the fix for spying accusations (but it should)
The closed-source, opaque operation of network equipment makes spying accusations difficult to disprove. This could be solved by opening the software stack, but Huawei CSO Andy Purdy disagrees.
-
Russian phishing campaign using AWS to host landing pages designed to avoid detection
Assets used as part of phishing campaigns are being hosted on AWS, with heavy XOR obfuscation to limit detection, according to a Proofpoint report.
-
Businesses need to patch for BlueKeep to avoid another WannaCry
BitSight is sounding an alarm over the potential for patching to taper off, leaving legacy systems at risk for the potentially potent vulnerability.
-
SanDisk's SSD Dashboard uses hardcoded password, lacks encrypted updates
Lackadaisical security practices in proprietary management software from a hardware vendor underscore the need for a vendor-agnostic solution.
-
Vulnerability in VxWorks RTOS allows attackers to control internal networks
Internet-connected devices powered by VxWorks 6.5 and newer are affected by a vulnerability that allows remote attackers full control over targeted devices.
-
Facebook data privacy scandal: A cheat sheet
Read about the saga of Facebook's failures in ensuring privacy for user data, including how it relates to Cambridge Analytica, the GDPR, the Brexit campaign, and the 2016 US presidential election.
-
83% have experienced a DDoS attack in the past two years, survey finds
The ease with which DDoS attacks can be waged makes them particularly prevalent, with over half surveyed experiencing multiple attacks waged against their organization.
-
40% of enterprises experienced Office 365 credential theft, report finds
While 80% of organizations use more than the default security provided by Office 365, additional measures are needed to secure enterprise email.