IoT security will set innovation free: Azure Sphere general availability scheduled for February 2020

Today, at the IoT Solutions World Congress, we announced that Azure Sphere will be generally available in February of 2020. General availability will mark our readiness to fulfill our security promise at scale, and to put the power of Microsoft’s expertise to work for our customers every day—by...

A Chief Security Concern for Executive Teams

Virtually all companies like to say they take their customers' privacy and security seriously, make it a top priority, blah blah. But you'd be forgiven if you couldn't tell this by studying the executive leadership page of each company's Web site. That's because very few of the world's biggest...

DHS Webinar: Communicating Cyber Risk to Agency Decision Makers and Mission Owners

DHS Office of Cybersecurity and Communications Assistant Secretary Jeanette Manfra is hosting a webinar on communicating cybersecurity risk issues to federal department and agency executives and mission owners on Tuesday, October 30, 2018, from 12-1 p.m. ET. NCCIC encourages users and...

Threatlist: Email Attacks Surge, Targeting Execs

There was a 36 percent increase in email attacks against businesses between the first and second quarters of 2018, with retail, healthcare and government experiencing the most business email compromise BEC attempts, according to a new report. Several trends emerged in the analysis period, includi...

Sound, Fury, And Nothing One Year After Equifax

One year ago today, Equifax suffered what remains one of the largest and most impactful data breaches in U.S. history. Last September, it was revealed that the personal information of 145 million Americans, almost 700,000 UK citizens, and 19,000 Canadians was stolen by cybercriminals. This...

Zomato: [www.zomato.com] Tampering with Order Quantity and paying less amount then actual amount, leads to business loss

Hi, Team, Like discussed with Prateek I am dropping the report here. Summary: Like the title says using this vulnerability one could order food at negligible price or keep all delivery executives busy. Description: While fuzzing my way through the payment flow on Zomato orders I came across a...

technologyexecutivesclub.com XSS vulnerability

Open Bug Bounty ID: OBB-658147 Description| Value ---|--- Affected Website:| technologyexecutivesclub.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

executives-hotel.com XSS vulnerability

Open Bug Bounty ID: OBB-638554 Description| Value ---|--- Affected Website:| executives-hotel.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Carbon Black Elevated to CDW Emerging Gold Partner

I am proud to announce that CDW recently elevated Carbon Black from the “Silver” partner designation to “Emerging Gold!” This honor is a true testament to our growing partnership with CDW. It’s also a reflection of CDW’s continued commitment to endpoint security by leveraging Next-Generation...

Takeaways from GAM 2018: Internal Audit Embraces Cybersecurity

Last week, the Institute of Internal Auditors IIA held its 2018 Global Audit Management Conference at the Aria Resort in Las Vegas. With over 1,700 attendees, this was the most well-attended event in the history of the conference. Coalfire was one of the sponsors, and we were delighted to meet wi...

Weather Forecast for April — It’s Raining Security Pros

As you are planning out your spring calendar, make sure an April visit to San Francisco is on it. Anchored by RSA Conference 2018, San Francisco will become a center of US security life for a week. The week will start with some training events and, of course, BSides San Francisco. Bsides is a...

Uber Paid 20-Year-Old Florida Hacker $100,000 to Keep Data Breach Secret

Last year, Uber received an email from an anonymous person demanding money in exchange for the stolen user database. It turns out that a 20-year-old Florida man, with the help of another, breached Uber's system last year and was paid a huge amount by the company to destroy the data and keep the...

After Getting Hacked, Uber Paid Hackers $100,000 to Keep Data Breach Secret

Uber is in headlines once again—this time for concealing last year's data breach that exposed personal data of 57 million customers and drivers. On Tuesday, Uber announced that the company suffered a massive data breach in October 2016 that exposed names, e-mail addresses and phone numbers of 57...

#CbChats: 3 Questions with Carbon Black’s Chief People Officer Amy Robinson

Amy Robinson is Carbon Black's Chief People Officer. She is also taking over Boston tech, according to Rev3, a list comprising the top 20 female tech executives in Boston. Amy is the third Carbon Black honoree on the Rev Boston list. Both Di Hall and Sandra O' Sullivan were named to the list in...

Equifax Hack Exposes Personal Info of 143 Million US Consumers

It's ironic—the company that offers credit monitoring and ID theft protection solutions has itself been compromised, exposing personal information of as many as 143 million Americans—that's almost half the country. Equifax, one of the three largest credit reporting firm in the United States,...

Getting the Most Value Out of Your Phishing Program

Are your phishing tests worth the money you are spending on them? Please dont misinterpret that as suggesting you shouldnt be testing your users. To the contrary, I think you should be testing all your users executives of all ranks included on a regular basis. What I mean by that question is; are...

Forbes Names Beyond Fear as One of the "13 Books Technology Executives Should Have On Their Shelves"

It's a weird list...

Commodity 'Exaspy' Spyware Targets High-Level Execs

Researchers say they have discovered commodity Android spyware called Exaspy being used to spy on executives. The spyware, according to Skycure Research Labs, is being sold as a $15-a-month turnkey service online and can be used to intercept nearly all phone-based communications including phone...

2016 Cybersecurity Predictions

The lessons learned from this past year teach us that no one is immune to cyber threats. The sooner corporate boards and executives come to understand that cybersecurity breaches are a very real and pervasive threat; then the hard work can begin to take preemptive measures and prepare an...

BlueHat v15 Announces Schedule and Registration

As we inch closer to the 15th BlueHat Security Conference, we are happy to announce the lineup of speakers and topics for this event. This year will continue with a solid speaker and topic selection that engage engineers, executives, and invited guests to discuss and tackle some of the hardest...