NTT Communications Data Breach Affects Customers, Threatens Supply Chain

Japan-based systems integrator NTT Communications has disclosed a recent data breach that it said impacted hundreds of customers. The total affected comes to as many as 621 customers, the company said, but security experts worry about the impacts of the data breach due to the company’s positionin...

Texas Courts Won't Pay Up in Ransomware Attack

A ransomware attack has hit the information technology office that supports Texas appellate courts and judicial agencies, leading to their websites and computer servers being shut down. The office said that it will not pay the ransom requested by the cybercriminals. Specifically affected is the...

Secure the software development lifecycle with machine learning

Every day, software developers stare down a long list of features and bugs that need to be addressed. Security professionals try to help by using automated tools to prioritize security bugs, but too often, engineers waste time on false positives or miss a critical security vulnerability that has...

Tencent Ups Top Bug-Bounty Award to $15K

The Tencent Security Response Center TSRC is launching an expanded bug-bounty program, via the HackerOne white-hat platform – and the company has increased its top reward to $15,000. Tencent, a China-based global internet service provider, is opening up its existing bug-bounty program to...

So Wait, How Encrypted Are Zoom Meetings Really?

The service's mixed messages have frustrated cryptographers, as the US government and other sensitive organizations increasingly depend on it...

Real-Time Alerting and Incident Management for Unauthorized Changes

The security landscape is constantly changing, and you need to adopt proactive measures to stay ahead of security breaches by being extremely vigilant about every little change in your environment. In our previous blog, we discussed how you can leverage the ready-to-use monitoring profiles in you...

Internet Voting in Puerto Rico

Puerto Rico is considered allowing for Internet voting. I have joined a group of security experts in a letter opposing the bill. Cybersecurity experts agree that under current technology, no practically proven method exists to securely, verifiably, or privately return voted materials over the...

Security Breach Disrupts Fintech Firm Finastra

Finastra, a company that provides a range of technology solutions to banks worldwide, said today it was shutting down key systems in response to a security breach discovered this morning. The company's public statement and notice to customers does not mention the cause of the outage, but their...

Live Coronavirus Map Used to Spread Malware

Cybercriminals constantly latch on to news items that captivate the public's attention, but usually they do so by sensationalizing the topic or spreading misinformation about it. Recently, however, cybercrooks have started disseminating real-time, accurate information about global infection rates...

Bruce Schneier Proposes 'Hacking Society' for a Better Tomorrow

SAN FRANCISCO – Cybersecurity experts have long stayed in their problem-solving lane when it comes to finding vulnerabilities, patching bugs and keeping networks safe. But maybe it is time they applied their defensive skillsets and adversarial understanding of cyberthreats to help solve some of...

Privacy Experts Skeptical of Proposed Data Protection Agency

A new federal bureaucracy, the Data Protection Agency DPA, has been proposed to completely revamp how the U.S. government regulates data collection and misuse by big tech companies. However, while privacy experts call the agency a “good first step,” they remain skeptical about how effective it...

experts-24.ru Cross Site Scripting vulnerability

Security Researcher geeknik Helped patch 8601 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting experts-24.ru website and its users. Following coordinated...

Flaw in Philips Smart Light Bulbs Exposes Your WiFi Network to Hackers

There are over a hundred potential ways hackers can ruin your life by having access to your WiFi network that's also connected to your computers, smartphones, and other smart devices. Whether it's about exploiting operating system and software vulnerabilities or manipulating network traffic, ever...

Smartphone Election in Washington State

This year: King County voters will be able to use their name and birthdate to log in to a Web portal through the Internet browser on their phones, says Bryan Finney, the CEO of Democracy Live, the Seattle-based voting company providing the technology. Once voters have completed their ballots, the...

trainingcourseexperts.wa.edu.au Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1075616 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

PoC Exploits Do More Good Than Harm: Threatpost Poll

When it comes to the release of proof-of-concept PoC exploits, more security experts agree that the positives outweigh the negatives, according to a recent and informal Threatpost poll. Last week, Threatpost conducted a reader poll and almost 60 percent of 230 security pundits thought it was a...

Facebook Cracks Down on Deepfake Videos

Facebook is banning deepfake videos, which stem from a technique of human-image synthesis based on artificial intelligence AI to create fake content. Over the past year, security experts and lawmakers have voiced concerns about malicious deepfake applications, particularly as a vessel for...

LifeLabs Pays Hackers Who Accessed 15M Customers’ Lab Test Results

LifeLabs, a Canadian laboratory testing company, said it has paid hackers after they accessed the data of 15 million customers – including highly-sensitive lab test results. In a letter sent Tuesday to customers, LifeLabs said that the breach affected customer information including names,...

PoS Malware Exposes Customer Data of Catch Restaurants

Popular NYC restaurants Catch NYC, Catch Roof and Catch Steak discovered and removed malware on their point-of-sale PoS systems — but not before it exposed credit-card information from unknowing diners. Catch Hospitality Group, which owns the three NYC hotspots, said in a data-breach notice this...

Tianfu Cup Round-Up: Safari, Chrome, D-Link Routers and Office 365 Successfully Hacked

Hackers over the weekend successfully compromised widely used software and hardware–including browsers Safari and Chrome, D-Link routers and the Office 365 suite–using zero-day vulnerabilities at the annual Tianfu Cup gathering. The hacking competition, held in Chengdu, China, is very similar to...