Cybersecurity | SC Media

Cybersecurity

flashlightcell

Avast places flashlight apps’ permission requests in the spotlight

An Avast researcher shed some light on the number and invasiveness of the permissions requested by various publishers to download and install their flashlight app. The security firm’s analyst Luis Corrons looked at 937 Android flashlight apps available and found on average each required 25 permissions ranging from the basic and obvious need to access…

antivirus

BitDefender Antivirus Free 2020 found vulnerable

A vulnerability has been found in Bitdefender Antivirus Free 2020 that could allow an attacker to load unsigned code that could lead to privilege escalation. Safebreach reported the main issue with the product is the code integrity guard mechanism is not enforced allowing an attacker to load unsigned code. The danger here is particularly high…

Microsoft-certified software drivers found to be security risks

More than 40 Microsoft-certified software drivers from 20 high-profile vendors have been found to contain vulnerabilities that can be exploited by an attacker, a new report revealed. Researchers at Eclypsium said the drivers were found on a variety of devices, including products from Toshiba, ASUS, NVIDIA, and Intel and has led Eclypsium to ask Microsoft…

Cybersecurity staffers needed, no experience required

The industry-wide shortage of trained cybersecurity personnel is not a new story, but Trustwave has begun to take a new approach to find not only trained cybersecurity staffers, but also those with no training or computer skills at all. To develop a pool of new talent, three years ago Trustwave partnered with the Chicago Community…

AppleMalware2

Apple halts contractors listening to Siri recordings, will offer opt-out

Apple will temporarily suspend its practice of allowing human contractors to grade snippets recordings of Siri conversations for accuracy. The move follows a Guardian report in which a former worker claimed contractors regularly hear confidential medical information, drug deals, and recordings of couples having sex” as part of their job.  While Apple says user requests…

Pearson data breach impacts thousands of university accounts

London-based educational software maker Pearson reported on Wednesday a data breach involving about 13,000 school and university AIMSweb 1.0 accounts. Exposed data included first and last names, dates of birth, and emails, Pearson said in a blog post. While the company didn’t give any details surrounding what caused the incident, it did say strict data…

HondaWannacry

Honda Motors Company databases leaked 40GB of employee data

Independent researcher xxdesmus discovered a Honda Motor Company database leaking the data of 134 million rows, roughly 40GB,  of employee information.  The researcher discovered the database July 4, 2019 and then began trying to contact Honda, which was accomplished early on July 6, 2019. By that evening the database had been secured, according to a…

Next post in Data Breach