New infosec products of the week: April 19, 2019
CHAOSSEARCH releases new search and analytics platform for cloud storage CHAOSSEARCH released their search and analytics platform. Using scalable elasticity ...

Worldwide IT spending to grow just 1.1% in 2019
Worldwide IT spending is projected to total $3.79 trillion in 2019, an increase of 1.1 percent from 2018, according to the latest forecast by Gartner. “Curre...

The biggest hurdles to digital transformation initiatives...
More than half of enterprise IT professionals need help from industry partners and prefer agile service providers to implement digital transformation, accord...

ExaGrid and Zerto launch an integrated solution for real-...
ExaGrid, a leading provider of intelligent hyperconverged storage for backup, announced the availability of an integrated disaster recovery, long-term retent...

Serve’s fingerprint recognition technology integration in...
Serve announced the integration of its unique fingerprint recognition technology with its award-winning blockchain-based Serve platform. Bringing forth a new...

SoftwareONE acquires SAMSentry advancing its software lif...
SoftwareONE, a global leading Platform, Solutions and Services company, announced that it has recently acquired SAMSentry, a software governance technology. ...

Google bans logins from embedded browser frameworks to pr...
Google previously banned logins initiated from browsers where JavaScript had been disabled.

Cisco Issues 31 Mid-April Security Alerts
Among them, two are critical and six are of high importance.

Creator of Hub for Stolen Credit Cards Sentenced to 90 Mo...
Coming eight years after he launched the site, the steep sentence for the cybercriminal operator is based on a tab of $30 million in damages calculated by Ma...

6 Takeaways from Ransomware Attacks in Q1
Customized, targeted ransomware attacks were all the rage.

Cloud Security Spend Set to Reach $12.6B by 2023
Growth corresponds with a greater reliance on public cloud services.

Weather Channel Knocked Off-Air in Dangerous Precedent
The incident was the work of malicious cyberattackers.

BrandPost: Are You Leaving the Wired Network Door Wide Open?
Most organizations lock down Wi-Fi access but rely on physical security and static segmentation as the primary defensive technique for the wired network. Thi...

The Cybersecurity Automation Paradox
Recent studies show that before automation can reduce the burden on understaffed cybersecurity teams, they need to bring in enough automation skills to run t...

Facebook admits to storing plaintext passwords for millio...
Last month, Facebook admitted to storing plaintext passwords for hundreds of millions of Facebook accounts.

Facebook Stored Millions of Instagram Users' Passwords in...
Facebook late last month revealed that the social media company mistakenly stored passwords for "hundreds of millions" of Facebook users in plaintext, includ...

Condres OS Conjures Up Pleasing Arch Linux Transition
Condres OS, a distro much like the defunct Apricity OS, could be a speedier replacement for Linux OSes that have turned slow to no-go in recent new releases....

Shopify Flaw Exposed Thousands of Merchants’ Revenue, Tra...
The flaw, which existed in a Shopify API endpoint, has been patched.

How to Raise the Level of AppSec Competency in Your Organ...
Improving processes won't happen overnight, but it's not complicated either.

Construction Fires and Cathedrals
A different look at the Notre Dame Fire from ASIS Fire & Life Safety Council.

Poll: Facebook Harvests Email Contacts for 1.5M Users – I...
Take our short poll on how far Facebook can push its luck.

Former Student Admits to USB Killer Attack
An Indian national used device to attack computers and peripherals at a New York college.

Easter Attack Affects Half a Billion Apple iOS Users via ...
The U.S-focused eGobbler malvertising attacks are exploiting an unpatched Google Chrome bug.

GoT Guide to Cybersecurity: Preparing for Battle During a...
Faced with an overwhelming adversary, Game of Thrones heroes Daenerys Targaryen and Jon Snow have a lot in common with today's beleaguered CISOs.

Facebook Accidentally Imported 1.5M Users' Email Data San...
The social media giant says it did not access the imported data and is notifying affected users.

Cisco Patches Critical Flaw In ASR 9000 Routers
The flaw could enable an unauthenticated, remote attacker to access the devices, Cisco said.

IDG Contributor Network: Proposed changes to California C...
On April 4, 2019, California Assembly Member Wicks proposed sweeping changes to bill AB 1760 , effectively repealing the California Consumer Privacy Act of 2...

Embracing creativity to improve cyber-readiness
How approaching cybersecurity with creativity in mind can lead to better protection from digital threats The post Embracing creativity to improve cyber-readi...

Shopify API flaw offered access to revenue data of thousa...
The bug was accepted as valid, but the researcher wasn’t paid.

Shopify API flaw offered access to revenue data of thousa...
Updated: The bug was accepted as valid, but the researcher wasn’t paid.

Facebook harvested 1.5 million user email contacts withou...
The “unintentional uploads” have taken place since 2016.

Mobile app used in Car2go fraud scheme to steal 100 vehicles
Services have been temporarily paused in Chicago to investigate the incident.

Facebook Collected Contacts from 1.5 Million Email Accoun...
Not a week goes without a new Facebook blunder. Remember the most recent revelation of Facebook being caught asking users new to the social network platform ...

The perimeter is vanishing, how will you secure your netw...
There’s a new reality to network security, driven by the fact that the perimeter is vanishing. The concept of a network being fully enclosed within a buildin...

One hundred percent of endpoint security tools eventually...
Endpoint security tools and agents fail, reliably and predictably, according to the 2019 Global Endpoint Security Trends Report from Absolute. From there, ev...

EU: We Have No Evidence Kaspersky Lab is Security Risk
The European Commission has admitted it has no evidence that Kaspersky Lab products are a national security risk to member states, despite the European Parli...

Dark Web Fraudsters Defraud Each Other with Fraud Guides
Cyber-criminals are doing a roaring trade in “how-to” fraud guides for their fellow scammers, although many are out-of-date and incomplete, according to new ...

VPN Vulnerabilities Point Out Need for Comprehensive Remo...
VPNs are the primary tool for securing remote access, but recently disclosed vulnerabilities point out the weakness of relying on them as the only tool. R...

New DNS Hijacking Attacks
DNS hijacking isn't new, but this seems to be an attack of uprecidented scale: Researchers at Cisco's Talos security division on Wednesday revealed that a ha...

Assume breach is for losers: These steps will stop data b...
“Assume breach” is the popular computer defense strategy based on the idea that your company is either already breached or could easily be breached by a dedi...

How New York City plans to become a cybersecurity hub
Start spreading the news, folks. New York City wants to be king of the hill, top of the heap, "A" number-one in cybersecurity. To read this article in full, ...

Army researchers identify new way to improve cybersecurity
With cybersecurity one of the nation’s top security concerns and billions of people affected by breaches last year, government and businesses are spend...

Part One: Understanding cyber security in accountancy
Emmy Hawker takes a deep dive into cyberspace, assessing how prepared accountancy firms and practices are for the ever-growing threat of cyber-crime. In June...

The perils of fake technical support
Fake technical support websites and accounts in social networks pose a real danger. How to spot and avoid them.

Microsoft 365 security: Protecting users from an ever-evo...
In this age of frequent security and data breaches, the statement “We take our customers’ privacy and security very seriously” has been hea...