Facebook has patched a vulnerability in WhatsApp Desktop that could allow an attacker to launch cross-site scripting (XSS) attacks and access files from the victim’s system when paired with WhatsApp for iPhone. [Read More]
Researchers have demonstrated an ability to compromise an IoT smart bulb, and then use malware from the internet-connected bulb to infiltrate the rest of a network. [Read More]
US officials and cyber experts warned Tuesday that the voting debacle in the Democratic caucuses in Iowa underscored the vulnerabilities in the country's election infrastructure in everything from hacking to trust-eroding conspiracy theories. [Read More]
A prosecutor told a jury at the opening of an espionage trial Tuesday that an angry CIA employee got his vengeance by committing the agency’s biggest leak of classified information ever, but a defense lawyer said her client was innocent. [Read More]
A new Maryland bill would ask the state’s Department of Information Technology to develop a baseline plan for localities within the state to help battle cyber attacks. [Read More]
Irish regulators have launched separate inquiries into Google and dating app Tinder over how they process user data, in a new round of regulatory scrutiny aimed at tech companies. [Read More]
Google this week released the February 2020 set of security updates for the Android operating system, which address a total of 25 vulnerabilities, including 2 rated critical severity. [Read More]
Twitter unveiled a plan to curb the spread of manipulated content including "deepfake" videos as part of a move to fight misinformation which could result in violence or other harm. [Read More]
While defense scoring lowers the barrier to sharing defensive success insights, it does not yet address the insights gained from learning from others’ failures and the stigma of a breach.
Elevating from the Cyber threat intelligence (CTI) team concept to an “intelligence team” concept is the next generation of intelligence practice within the private sector.
Threat intelligence value comes down to relevance and accessibility, which requires curation into a customized enrichment source, aggregating data filtered by a range of factors.
No matter how many best-of-breed protective solutions you use to defend your network, the unfortunate reality is eventually an attacker is going to get past them.
Many of us are familiar with the two most common types of socially engineered attacks – phishing and spear-phishing – but there are many more to be aware of.
Outpacing your security capacity with digital innovation is a formula for disaster that may take you out of the running in today’s highly competitive digital marketplace entirely.
Performing gap analysis well and remediating findings appropriately can help reduce both the number of weak points within your enterprise and your susceptibility to attack at each of them.
CISOs are increasingly cognizant of the value deep integration of threat intelligence can bring to cloud protection platforms and bottom-line operational budgets.