To Err Is Human: Misconfigurations & Employee Neglect Are a Fact of Life
The cyber kill chain is only as strong as its weakest link, so organizations should reinforce that link with a properly equipped dedicated security team.
Facebook, News and XSS Underpin Complex Browser Locker Attack
An elaborate set of redirections and hundreds of URLs make up a wide-ranging tech-support scam.
Microsoft Teams Phishing Attack Targets Office 365 Users
Up to 50,000 Office 365 users are being targeted by a phishing campaign that purports to notify them of a "missed chat" from Microsoft Teams.
Fake Instagram follower services slapped with lawsuit
Facebook has filed federal lawsuits against four individuals who it claims have been selling fake Instagram followers. Read more in my article on the Hot for Security blog.
Chrome 86 Aims to Bar Abusive Notification Content
Google said Chrome 86 will automatically block malicious notifications that may be used for phishing or malware.
McAfee Raises $740M in Second IPO
The security software giant and its investors sold 37 million shares priced at $20 each, putting McAfee's value around $8.6 billion.
Donald Trump’s Twitter password is “maga2020!”, and there’s no 2FA, claims hacker
According to Dutch ethical hacker Victor Gevers, as recently as last week the US President's @realDonaldTrump account was protected by the incredibly-dumb password "maga2020!" and did not have two-factor authentication (2FA) enabled.
Securonix to integrate with Tanium
As workplaces are becoming more remote, with almost half of the workforce working from home, and an introduction of bring your own device policies in many organisations, endpoints have become more distributed and cyberattacks even more prevalent. Remote workforces are creating more vulnerabilities for endpoints as they are no longer…
A Last Call for QUIC, a giant leap for the Internet
QUIC is a new Internet transport protocol for secure, reliable and multiplexed communications. HTTP/3 builds on top of QUIC, leveraging the new features to fix performance problems such as Head-of-Line blocking. This enables web pages to load faster, especially over troublesome networks.QUIC and HTTP/3 are open standards that have been…
Need for ‘Guardrails’ in Cloud-Native Applications Intensifies
With more organizations shifting to cloud services in the pandemic, experts say the traditionally manual process of securing them will be replaced by automated tools in 2021 and beyond.
Feds: Iran Behind ‘Proud Boys’ Email Attacks on Democratic Voters
Messages that threaten people to ‘vote for Trump or else’ are part of foreign adversaries’ attempts to interfere with the Nov. 3 election, according to feds.
A Virtual Product Management Internship Experience
In July 2020, I joined Cloudflare as a Product Management Intern on the DDoS (Distributed Denial of Service) team to enhance the benefits that Network Analytics brings to our customers. In the following, I am excited to share with you my experience with remote working as an intern, and how…
The 6 best password managers
One of the smartest moves you can make to protect employees, especially those working from home, is to encourage them to use a password manager. It’s one of the easiest, too.Keyword best practices pertain to complexity, change frequency and uniqueness. Each best practice is intended to mitigate known attack methods…
US Treasury Department ban on ransomware payments puts victims in tough position
Earlier this month, the US Treasury Department's Office of Foreign Assets Control (OFAC) warned organizations making ransomware payments that they risk violating economic sanctions imposed by the government against cybercriminal groups or state-sponsored hackers. The advisory has the potential to disrupt the ransomware monetization model, but also puts victims, their…
Fort Bragg fails to keep a firm grip on its Twitter account, as it blames hacker for saucy tweets
The Twitter account of the Fort Bragg US military base was deleted last night, after what it claimed was a hack. But whether it really was hacked or not is up for debate.