So some of the more fun bugs involve one team saying, “Heh, we don’t need to validate input, we just pass data through to the next layer.” And the the next team is like, “Heh, we don’t need to validate input, it’s already clean by the time it reaches us.” The fun comes when you […]
Consumers Trust Energy Providers to Safeguard Personal Data
65% of consumers believe their energy provider can secure and protect their personal data and information about their energy usage.
SANS Cyberskills Self-Assessment Addresses Skills Shortage
Anyone in the UK can assess the quality of their existing skills and be considered for a £30,000 SANS Institute boot camp.
Dangerous Apple 0-Day Exposes App Credentials
An attacker can run amok on a device’s apps, stealing iCloud passwords, authentication tokens, saved web passwords on Google Chrome and more.
Wind Turbines Open to Hijacking
Plaintext credentials could hand remote attackers the keys to the energy grid.
Shylock Explained: How the NCA Got its Pound of Flesh
How one of the world’s most notorious malware campaigns was thwarted
Magazine House Loses $1.5m in Email Scam
Hackers hijacked CEO’s account and emailed accounts payable staff
Time to Hang Up: Phone Fraud Soars 30%
Pindrop Security report claims ‘robodialers’ are driving spike in scam calls
Keyboard Vulnerability Leaves 600 Million Samsung Devices at Risk
The flaw can be exploited to allow a remote attacker to execute arbitrary code on the user’s phone, including the Galaxy S6.
Privileged Users Pose Biggest Cyber-Risk to European Companies
In an Ovum survey, only 13% said that their organizations were not at all vulnerable to insider threats.