Vulnerability Disclosure: Ethical Hackers Seek Best Practices
Cybersecurity researchers Brian Gorenc and Dustin Childs talk about the biggest vulnerability disclosure challenges in IoT and the industrial vertical.
Facebook Debuts Third-Party Vulnerability Disclosure Policy
If the social-media behemoth finds a bug in another platform’s code, the project has 90 days to remediate before Facebook goes public.
Attackers Steal Outlook Credentials Via Overlay Screens on Legitimate Sites
A phishing campaign uses overlay screens and email ‘quarantine’ policies to steal targets’ Microsoft Outlook credentials.
WhatsApp Discloses 6 Bugs via Dedicated Security Site
The company also committed to more transparency about app flaws, with an advisory page aimed at keeping the community better informed of security vulnerabilities.
Digital Education: The cyberrisks of the online classroom
This past spring, as the COVID-19 pandemic took hold, online learning became the new norm as universities and classrooms around the world were forced to close their doors. By April 29, 2020, more than 1.2 billion children across 186 countries were impacted by school closures. Shortly after schools began to transition to emergency remote learning,…
Attackers Can Exploit Critical Cisco Jabber Flaw With One Message
An attacker can execute remote code with no user interaction, thanks to CVE-2020-3495.
Google Ups Product-Abuse Bug Bounties
The top award for flaws that allow cybercriminals to abuse legitimate services has increased by 166 percent.
Python-based Spy RAT Emerges to Target FinTech
The Evilnum APT has added the RAT to its arsenal as part of a big change-up in its TTPs.
NSA Mass Surveillance Program Illegal, U.S. Court Rules
The NSA argued its mass surveillance program stopped terrorist attacks – but a new U.S. court ruling found that this is not, and may have even been unconstitutional.
IT threat evolution Q2 2020. Mobile statistics
IT threat evolution Q2 2020. ReviewIT threat evolution Q2 2020. PC statistics These statistics are based on detection verdicts of Kaspersky products received from users who consented to provide statistical data. Quarterly figures According to Kaspersky Security Network, the second quarter saw: 1,245,894 detected malicious installers, of which 38,951 packages were related to mobile banking…