Changing Employee Security Behavior Takes More Than Simple Awareness
Designing a behavioral change program requires an audit of existing security practices and where the sticking points are.
Major BEC Phishing Ring Cracked Open with 3 Arrests
Some 50,000 targeted victims have been identified so far in a massive, global scam enterprise that involves 26 different malwares.
Critical MobileIron RCE Flaw Under Active Attack
Attackers are targeting the critical remote code-execution flaw to compromise systems in the healthcare, local government, logistics and legal sectors, among others.
How to Update Your Remote Access Policy – And Why You Should Now
Reducing the risks of remote work starts with updating the access policies of yesterday.
Light-Based Attacks Expand in the Digital Home
The team that hacked Amazon Echo and other smart speakers using a laser pointer continue to investigate why MEMS microphones respond to sound.
Post-Breach, Peatix Data Reportedly Found on Instagram, Telegram
Events application Peatix this week disclosed a data breach, after user account information reportedly began circulating on Instagram and Telegram.
‘Minecraft Mods’ Attack More Than 1 Million Android Devices
Fake Minecraft Modpacks on Google Play deliver millions of abusive ads and make normal phone use impossible.
Smart Doorbells on Amazon, eBay, Harbor Serious Security Issues
Matt Lewis, with NCC Group, talks to Threatpost about a slew of security and privacy issues found in smart doorbells that are being sold on Amazon and eBay.
Baidu Apps in Google Play Leak Sensitive Data
Cyberattackers could use the information to track users across devices, disable phone service, or intercept messages and phone calls.
Blackrota Golang Backdoor Packs Heavy Obfuscation Punch
Blackrota is targeting a security bug in Docker, but is nearly impossible to reverse-analyze.