Protecting Your Cyber World With Real World Solutions

The FTC Is Officially Investigating Facebook's Data Practices

This entry was posted in SecurityNews on March 27, 2018 by

By l33tdawg The FTC Is Officially Investigating Facebook’s Data Practices
l33tdawg
Tue, 03/27/2018 – 05:32 …read more

Trending
Current
CSO
Did you Know?

Morgan Stanley fined millions for selling off devices full of customer PII

Critical data on old disks always seems inaccessible if you really need it. But when you DON''T want it back, guess what happens... [...]

S3 Ep101: Uber and LastPass breaches – is 2FA all it’s cracked up to be? [Audio + Text]

Latest episode - listen now! Learn why adopting 2FA isn't a reason to relax your other security precautions... [...]

Interested in cybersecurity? Join us for Security SOS Week 2022!

Four one-on-one interviews with experts who are passionate about sharing their expertise with the community. [...]

LastPass source code breach – incident response report released

Wondering how you'd handle a data breach report if the worst happened to you? Here's a useful example. [...]

S3 Ep100.5: Uber breach – an expert speaks [Audio + Text]

Chester Wisniewski on what we can learn from Uber: "Just because a big company didn't have the security they should doesn't mean you can't." [...]

UBER HAS BEEN HACKED, boasts hacker – how to stop it happening to you

Uber is all over the news for a widely-publicised data breach. We help you answer the question, "How do I stop this happening to me?" [...]

Student Loan Breach Exposes 2.5M Records

2.5 million people were affected, in a breach that could spell more trouble down the line. [...]

Watering Hole Attacks Push ScanBox Keylogger

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool. [...]

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system. [...]

Ransomware Attacks are on the Rise

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group. [...]

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed. [...]

Twitter Whistleblower Complaint: The TL;DR Version

Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk. [...]

SEO poisoning campaign directs search engine visitors from multiple industries to JavaScript malware

Researchers have discovered a high-effort search engine optimization (SEO) poisoning campaign that seems to be targeting employees from multiple industries and government sectors when they search for specific terms that are relevant to their work. Clicking on the malicious search results, which are artificially pushed higher in ranking, lead visitors to a known JavaScript malware downloader."Our findings suggest the campaign may have foreign intelligence service influence through analysis of the blog post subjects," researchers from security firm Deepwatch said in a new report. "The threat actors used blog post titles that an individual would search for whose organization may be… [...]

Security Recruiter Directory

Looking for a qualified candidate or new job? CSO's security recruiter directory is your one-stop shop.The recruiters listed below can help you find your next chief information security officer (CISO) or VP of security and fill hard-to-hire positions in risk management, security operations, security engineering, compliance, application security, penetration testers, and computer forensics, among many others.If you're a security recruiting firm, we want your information! Our goal is to provide the most complete recruiter resource available, but to do that we need your assistance. Please send the name, contact info and a few sentences about your company and its specialties… [...]

A third of Australian population likely affected in Optus cyberattack

Australia’s second largest telecommunications provider, Optus, revealed it suffered a cyberattack where data from customers have possibly been accessed. However, the company claims the attack has not affected the platforms and services supporting wholesale, satellite and enterprise customers, and that of enterprise customers. Mobile and home internet services have also not been affected.Suspicious activity was noticed on Wednesday with Optus issuing a media statement on Thursday afternoon, which was a nation-wide public holiday.What Optus knows about the breach The 9.8 million number of “possibly” affected customers circulating is the worst-case scenario, said Optus CEO Kelly Bayer Rosmarin at a media… [...]

BrandPost: What’s Missing in Most CISO’s Security Risk Management Strategies

At the foundation of cybersecurity is the need to understand your risks and how to minimize them. Individuals and organizations often think about risk in terms of what they’re trying to protect. When talking about risk in the IT world, we mainly talk about data, with terms like data privacy, data leakage and data loss. But there is more to cybersecurity risk than just protecting data. So, what should our security risk management strategies consider? Protecting data and blocking known vulnerabilities are good tactics for cybersecurity, but those activities are not the only components of what CISOs should be considering… [...]

Ransomware operators might be dropping file encryption in favor of corrupting files

Ransomware started out many years as scams where users were being tricked into paying fictitious fines for allegedly engaging in illegal online behavior or, in more serious cases, were blackmailed with compromising videos taken through their webcams by malware. The threat has since come a long way, moving from consumers to enterprises, adding data leak threats on the side and sometimes distributed denial-of-service (DDoS) blackmail.The attacks have become so widespread that they now impact all types of organizations and even entire national governments. The cybercriminal groups behind them are well organized, sophisticated, and even innovative, always coming up with new… [...]

BrandPost: 5G Deployments, Wireless Hotspots Are Likely Culprits for Increased Attacks

Wireless operators continued to ramp up 5G deployments in 2021. 5G networks not only expanded to include 13 additional countries during that time, but the overall number of connections doubled from 2020 to reach more than 540 million people by the close of 2021.To read this article in full, please click here [...]

Malwarebytes Gets $100M Weeks After Laying Off 14% of Staff

Malwarebytes Gets $100M Weeks After Laying Off 14% of Staff l33tdawg Fri, 09/23/2022 - 00:10 [...]

Researchers Uncover Mysterious 'Metador' Cyber-Espionage Group

Researchers Uncover Mysterious 'Metador' Cyber-Espionage Group l33tdawg Fri, 09/23/2022 - 00:10 [...]

A New Linux Tool Aims to Guard Against Supply Chain Attacks

A New Linux Tool Aims to Guard Against Supply Chain Attacks l33tdawg Thu, 09/22/2022 - 23:59 [...]

AI model from OpenAI automatically recognizes speech and translates it to English

AI model from OpenAI automatically recognizes speech and translates it to English l33tdawg Thu, 09/22/2022 - 23:59 [...]

Facebook users sue Meta for bypassing beefy Apple security to spy on millions

Facebook users sue Meta for bypassing beefy Apple security to spy on millions l33tdawg Thu, 09/22/2022 - 23:59 [...]

Hackathon finds dozens of Ukrainian refugees trafficked online

Hackathon finds dozens of Ukrainian refugees trafficked online l33tdawg Thu, 09/22/2022 - 23:59 [...]