- — Multiple Governments Buying Android Zero-Days for Spying: Google
![[*]](img/ib-star_nm.png "mark favorite")
![[-]](img/ib-mark_nm.png "mark as read")
![[-]](img/ib-markold_nm.png "mark older as read")
![[x]](img/ib-delete_nm.png "delete article")
![[A+]](img/ib-fontbg_nm.png "larger font")
![[a-]](img/ib-fontsm_nm.png "smaller font")
![[l]](img/ib-link_nm.png "direct link")
at 5/23/22 3:22pmAn analysis from Google TAG shows that Android zero-day exploits were packaged and sold for state-backed surveillance.- — QuSecure Carves Out Space in Quantum Cryptography With Its Vision of a Post-RSA World
- at 5/23/22 3:13pmNIST may be on the brink of revealing which post-quantum computing encryption algorithms it is endorsing, solidifying commercial developments like QuProtect.
- — Malicious Python Repository Package Drops Cobalt Strike on Windows, macOS & Linux Systems
- at 5/23/22 3:03pmThe PyPI "pymafka" package is the latest example of growing attacker interest in abusing widely used open source software repositories.
- — Linux Trojan XorDdos Attacks Surge, Targeting Cloud, IoT
- at 5/23/22 12:18pmAnalysts have seen a massive spike in malicious activity by the XorDdos trojan in the last six months, against Linux cloud and IoT infrastructures .
- — Why the Employee Experience Is Cyber Resilience
- at 5/23/22 11:38amA culture of trust, combined with tools designed around EX, can work in tandem to help organizations become more resilient and secure.
- — Valeo Networks Acquires Next I.T.
- at 5/23/22 8:31amNext I.T. is the sixth and largest acquisition to date for Valeo Networks.
- — Kingston Digital Releases Touch-Screen Hardware-Encrypted External SSD for Data Protection
- at 5/23/22 8:28amIronKey Vault Privacy 80 External SSD safeguards against brute-force attacks and BadUSB with digitally-signed firmware.
- — After the Okta Breach, Diversify Your Sources of Truth
- at 5/23/22 8:00amWhat subsequent protections do you have in place when your first line of defense goes down?
- — Chatbot Army Deployed in Latest DHL Shipping Phish
- at 5/20/22 1:54pmIn a new phishing tactic, faux chatbots establish a conversation with victims to guide them to malicious links, researchers say.
- — Partial Patching Still Provides Strong Protection Against APTs
- at 5/20/22 1:14pmOrganizations that deploy updates only after a vulnerability is disclosed apply far fewer updates and do so at a lower cost than those that stay up to date on all of their software, university researchers say.
- — Quantum Key Distribution for a Post-Quantum World
- at 5/20/22 12:01pmNew versions of QKD use separate wavelengths on the same fiber, improving cost and efficiency, but distance is still a challenge.
- — Microsoft Rushes a Fix After May Patch Tuesday Breaks Authentication
- at 5/20/22 10:37amTwo of Microsoft's Patch Tuesday updates need a do-over after causing certificate-based authentication errors.
- — Authentication Is Static, Yet Attackers Are Dynamic: Filling the Critical Gap
- at 5/20/22 8:00amTo succeed against dynamic cybercriminals, organizations must go multiple steps further and build a learning system that evolves over time to keep up with attacker tactics.
- — New Open Source Project Brings Consistent Identity Access to Multicloud
- at 5/20/22 6:23amHexa and IDQL allows organizations using cloud platforms such as Microsoft Azure, Amazon Web Services, and Google Cloud Platform to apply consistent access policy across all applications, regardless of environment.
- — More Than 1,000 Cybersecurity Career Pursuers Complete the (ISC)² Entry-Level Cybersecurity Certification Pilot Exam
- at 5/19/22 3:47pmNew professional certification program establishes a pathway into the workforce for students and career changers by demonstrating their foundational knowledge, skills and abilities to employers.
- — Deadbolt Ransomware Targeting QNAP NAS Devices
- at 5/19/22 3:37pmQNAP is urging customers of its NAS products to update QTS and avoid exposing the devices to the Internet.
- — Pro-Russian Information Operations Escalate in Ukraine War
- at 5/19/22 1:41pmIn the three months since the war started, Russian operatives and those allied with the nation's interests have unleashed a deluge of disinformation and fake news to try and sow fear and confusion in Ukraine, security vendor says.
- — DoJ Won't Charge 'Good Faith' Security Researchers
- at 5/19/22 1:29pmRevised policy means security analysts won't be charged under the Computer Fraud and Abuse Act.
- — Majority of Kubernetes API Servers Exposed to the Public Internet
- at 5/19/22 12:39pmShadowserver Foundation researchers find 380,000 open Kubernetes API servers.
- — Dig Exits Stealth With $11M for Cloud Data Detection and Response Solution
- at 5/19/22 12:32pmCrowdStrike and CyberArk invest in Dig's seed round, which was led by Team8, alongside Merlin Ventures and chairs of MongoDB and Exabeam.
- — 6 Scary Tactics Used in Mobile App Attacks
-
![[+]](img/ib-marked_nm.png "mark as new")
at 5/19/22 8:00amMobile attacks have been going on for many years, but the threat is rapidly evolving as more sophisticated malware families with novel features enter the scene. - — MITRE Creates Framework for Supply Chain Security
- at 5/18/22 3:29pmSystem of Trust includes data-driven metrics for evaluating the integrity of software, services, and suppliers.
- — Google Cloud Aims to Share Its Vetted Open Source Ecosystem
- at 5/17/22 10:00amThe online giant analyzes, patches, and maintains its own versions of open source software, and now the company plans to give others access to its libraries and components as a subscription.
As of 5/24/22 12:17am. Last new 5/23/22 7:20pm.
- Next feed in category: Tech News World