A Connecticut man admitted to hacking into the iCloud accounts of prominent females celebrities including “Red Sparrow” actress Jennifer Lawrence and more than 200 others.
A GulfTech researcher spotted multiple vulnerabilities In Western Digital’s MyCloud products, some of which could lead to remote code execution and unauthorized access.
A pair of flaws dubbed Meltdown and Spectre that take advantage of the speculative execution performance feature in modern CPUs make the memory of virtually all computers and devices accessible to hackers. “The Meltdown [CVE-2017-5754] and Spectre [CVE-2017-5753 and CVE-2017-5715] exploitation techniques abuse speculative execution to access privileged memory—including that of the kernel—from a less-privileged user process…
Make-up company Tarte Cosmetics exposed the personal information of nearly two million online customers after two of its online MongoDB databases were reportedly misconfigured for public access.
Yet another company has mistakenly exposed its sensitive internal information after storing data on misconfigured cloud-based servers from Amazon Web Services. The culprit in this case – the $32.9 billion consulting and professional services company Accenture – was found to be insecurely storing data that, ironically, has to do with its own cloud-based enterprise solution,…
A bipartisan group of U.S. representatives from the House Information Technology Subcommittee has reintroduced the Modernizing Government Technology (MGT) Act designed to modernize the federal IT infrastructure while eliminating wasteful spending.
Cloud security vendor fixes cross-site-scripting bug, downplays the threat, says it would only affect co-workers.
Researcher at the Russia proactive software firm Elcomsoft found that iPhones silently upload call logs to iCloud.
TRUST AWARDS Best Advanced Persistent Threat (APT) ProtectionAn advanced persistent threat (APT) product and/or service provides real-time detection of and protection against intruders gaining access to an enterprise environment to stealthily extract high-value information assets from targeted organizations in manufacturing, financial, national defense and other industries. Check Point Software Technologies for SandBlast Cisco for Advanced…
Who’s responsible for cybersecurity incidents? While the answer was never clear, it’s become even murkier over the last couple of years, marked by lots of finger-pointing and consequences aimed at boards, IT, users, senior management, business partners and the supply chain. John Sapp, CISO at medical device company Orthofix, says the firing of top-level…
