Hot Topics

Industry Spotlight

Biggest Threats to Data Security in Health Care

Survey Sees Cyberattacks Impacting Primary Health Care Services

| | cyberattack, Data Security, health care, Ponemon, primary care
A Proofpoint survey found the majority of health care organizations experienced an average of 40 attacks in the past 12 months ...
Security Boulevard
A small bunch of keys on a stark, white background

Google Pushes ‘Passkeys’ Plan — but it’s Too Soon for Mass Rollout

| | 2 factor auth, 2-fa authentication, 2-factor authentication, 2fa, 2FA Authenticator, 2FA/MFA, advanced authentication, auth, Authentication, biometric, biometric authentication, biometric identification, biometric security, biometrics, biometrics authentication, Biometrics-Based Authentication, FIDO, FIDO Alliance, FIDO2, google, MFA, MFA rollout, Multi-Factor Authentication (MFA), Passkeys, passwordless, , passwordless-authentication, PKI-based passwordless authentication, SB Blogwatch, two-factor-authentication.2fa, WebAuthn
FIDO FAIL: “Killing passwords” is a worthy goal—but is coercion the best way? ...
Security Boulevard
vulnerability curl patch

Heads Up: Patch for ‘Worst Curl Security Flaw’ Coming This Week

| | curl, Cybersecurity, open source, vulnerability
Developers who use the popular curl open-source data transfer tool will be able to patch two vulnerabilities in the software on October 11, one of which the lead developer called the “worst ...
Security Boulevard
A 3D render of a DNA strand

Huge DNA PII Leak: 23andMe Must Share the Blame

| | 23andMe, Compromised Credential, compromised credentials, compromised credentials monitoring, Credential Compromise, Credential Management and Enforcement for ICS/SCADA environments, credential replay attacks, credential reuse, credential stuffing, credential stuffing attack, Credential Stuffing Attacks, DEVOPS, DevSecOps, DNA, GDPR, iam, password reuse, pii, PII Leakage, SB Blogwatch
DNA: Do Not Agree. 23andMe says it’s not a breach—just credential stuffing. I’m not so sure ...
Security Boulevard
Google Yahoo spam

Google, Yahoo to Put Tighter Spam Restrictions on Bulk Senders

| | google, Phishing, Spam, Yahoo
Email giants Google and Yahoo are putting tighter requirements on bulk email senders in hopes of reducing the massive amounts of spam that hammer inboxes every day and deflecting the phishing and ...
Security Boulevard
Three iPhone 15s sit on a wicker table, with the words “PATCH NOW!” macro’ed on top

iPhone/iPad Warning: Update Now to Avoid Zero-Day Pain

| | Apple, Apple iPhone, Apple zero-day, CVE-2023-42824, CVE-2023-5217, iOS 7, iPadOS Vulnerability, iPhone, iPhone and iPad, iphone update, SB Blogwatch, Zero Day Attacks, zero-day vulnerabilities, Zero-day Vulnerability, zero-days
Apple’s embarrassing regression: iOS 17.0.3 fixes yet more nasty zero-days (and the overheating bug) ...
Security Boulevard
SpyCloud MFA Systems Vulnerable Authentication Bypass

CISA and NSA Offer MFA and SSO Guidelines for Developers, Vendors

| | cisa, Cybersecurity, MFA, nsa, Phishing
Developers and tech vendors need to improve multifactor authentication (MFA) and single sign-on (SSO) tools and make them easier for organizations to use to reduce the threat of phishing, password spraying, and ...
Security Boulevard
software code antivirus

Two Campaigns Drop Malicious Packages into NPM

| | cyberseucurity, malicious code npm, Malware, open source software supply chain
The popular NPM code registry continues to be a target of bad actors looking to sneak their malicious packages into open-source code used by software developers. Researchers with Fortinet’s FortiGuard Labs this ...
Security Boulevard
cloud security palo alto networks Deloitte Broadcom report cloud security threat

AWS’ MadPot Honeypot Operation Corrals Threat Actors

| | aws, Cloud Security, Cybersecurity, Malware
Engineers with Amazon Web Services more than a decade ago began developing tools to better collect intelligence on the cyberthreats coming into the giant cloud provider’s IT environment Fast forward to now, ...
Security Boulevard
A tailor’s dummy hand is separated from its arm

Broken ARM: Mali Malware Pwns Phones

| | android, ARM, CVE-2023-33200, CVE-2023-34970, CVE-2023-4211, GPU, hardware supply chain, Linux, Mali, open source software supply chain, SB Blogwatch, software supply chain, software supply chain risk, Software Supply Chain risks, software supply chain security, Software Supply Chain Security Risks
Exploited in the wild: Yet more use-after-free vulns in Arm’s Mali GPU driver ...
Security Boulevard
Load more