Bruce Schneier is reporting: “The EFF and Lookout are reporting on a new piece of spyware operating out of Lebanon. It primarily targets mobile devices compromised by fake secure messaging clients like Signal and WhatsApp.”
https://www.schneier.com/blog/archives/2018/01/dark_caracal_gl.html
“Organizations face many threats to their information systems and data. Understanding all the basic elements to cyber security is the first step to meeting those threats.” J.M. Porup
https://www.itworld.com/article/3242690/data-protection/what-is-cyber-security-how-to-build-a-cyber-security-strategy.html
Bruce Schneier reports: “New research found that many banks offer certificate pinning as a security feature, but fail to authenticate the hostname. This leaves the systems open to man-in-the-middle attacks.”
https://www.schneier.com/blog/archives/2017/12/security_vulner_10.html
Krebs on Security is reporting:
“KrebsOnSecurity has sought to call attention to online services which expose sensitive consumer data if the user knows a handful of static details about a person that are broadly for sale in the cybercrime underground, such as name, date of birth, and Social Security Number. Perhaps the most eye-opening example of this is on display at fafsa.ed.gov, the Web site set up by the U.S. Department of Education for anyone interested in applying for federal student financial aid.”
Read more here:
https://krebsonsecurity.com/2017/11/namedobssnfafsa-data-gold-mine/
Nicholas Fearn of Computing is reporting:
“A group of security researchers have found a new vulnerability in a generation of RSA encryption keys used by software libraries in cryptographic smartcards, security tokens and PC chipsets.”
https://www.computing.co.uk/ctg/news/3019314/pc-encryption-keys-targeted-in-new-security-vulnerability
