Step away from the social media single sign-on services, cybersecurity experts say, citing numerous privacy and security risks. Instead, they recommend that everyone use password managers to create unique and complex passwords for every site, service or app they use.
While Facebook has invalidated 90 million users' single sign-on access tokens following a mega-breach, researchers warn that most access token hijacking victims still lack any reliable "single sign-off" capabilities that will revoke attackers' access to hyper-connected web services and mobile apps.
In its ongoing quest to improve the state of medical device cybersecurity, the FDA has announced a number of key moves - including the release of a security "playbook," plans to leverage information sharing and analysis organizations and an effort to update its 2014 premarket guidance for manufacturers.
To comply with GDPR, Facebook has notified Ireland's data privacy watchdog about the massive breach it has suffered, resulting in 50 million accounts being exposed. But Irish authorities have signaled that Facebook has failed to share all of the information they would have expected to see.
As attackers become more adept at evading "reactive" security controls and alert mechanisms, proactively analyzing the behaviors of people and systems is critical to detecting malicious activity, says Gartner's Kelly Kavanagh.
Facebook says that whoever hacked 50 million user accounts, putting the privacy of those users' personal data at risk, did so by abusing its "View As" privacy feature. Facebook says the attack successfully targeted three separate bugs in its video-uploading functionality.
Endpoint management, while broad from a technology standpoint, is moving in a definitive direction - the ability to centrally discover, provision, deploy, update, and troubleshoot endpoint devices within
an organization. The proliferation of laptops, desktops, and more will propel the worldwide market for
unified...
The workplace is transforming, and keeping up with evolving security threats has become more critical and challenging than ever. Malware
attacks come from all directions with an overwhelming majority of successful breaches beginning at the endpoint. This means that having a
comprehensive endpoint management solution...
Cryptojacking has erupted onto the cybercrime scene in recent months, thanks to the surge in value during 2017 of cryptocurrencies such as Bitcoin, Monero, and Ethereum.
Crooks are aggressively targeting servers and even whole networks in order to mine for cryptocurrency on other people's computers. Simply put, you...
With 83% of IT managers agreeing that cyber threats are getting harder to stop, it's time to move from point products to a connected cybersecurity system.
Read this paper to discover:
How a connected cybersecurity system enables you to stay ahead of the hackers
The real-world impact Synchronized Security has had...
Exploits are commonly used in cyber attacks: upwards of 90% of reported data breaches involve an exploit at one or more points in the attack chain. Including exploit prevention as part of a comprehensive lineup of security defenses is clearly valuable.
Almost every major security vendor can claim some level of...
Businesses MUST address the proliferation of mobile devices in the workplace, whether authorized or not. For every laptop, there is a mobile phone, literally doubling the attack surface for hackers to breach your business and cause harm to you and/or your customers. While protection for traditional devices has long...
Facebook revealed Friday that it had discovered a breach that affected almost 50 million user accounts. Attackers exploited a vulnerability that enabled them to steal "access tokens," digital keys that keep users logged in so they don't need to re-enter their password.
Several days after the Port of San Diego was hit by a crypto-locking ransomware attack, incident response efforts remain underway and many port systems remain offline. Port officials say the attacker has demanded a ransom, payable in bitcoin, for the promise of a decryption key.
Leading the latest edition of the ISMG Security Report: The reaction to the recently released White House cybersecurity strategy. Also featured: A discussion of GDPR's impact on class action lawsuits.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.