Thursday, January 18, 2018

Downloaders on Google Play spreading malware to steal Facebook login details

Multiple downloaders, malicious apps that download further malicious apps to infected devices, have made it onto the Google Play Store. The downloaders are capable of downloading further apps that pose as system apps, some of which are capable of stealing Facebook login credentials. To do so, the malicious apps use social engineering tactics to trick victims into giving them up.

The post Downloaders on Google Play spreading malware to steal Facebook login details appeared first on Security Boulevard.



from Downloaders on Google Play spreading malware to steal Facebook login details

Aetna Accepts $17M Settlement Agreement for HIV Privacy Breach

Aetna has agreed to pay $17 million as part of a settlement agreement for a breach that might have compromised thousands of HIV patients’ privacy. On 16 January, the United States District Court for the Eastern District Court of Pennsylvania received a proposed settlement agreement (PDF). The arrangement stipulates that Aetna, Inc., Aetna Life Insurance […]… Read More

The post Aetna Accepts $17M Settlement Agreement for HIV Privacy Breach appeared first on The State of Security.

The post Aetna Accepts $17M Settlement Agreement for HIV Privacy Breach appeared first on Security Boulevard.



from Aetna Accepts $17M Settlement Agreement for HIV Privacy Breach

Integrity: The New “I” in PCI Compliance

The retail industry saw more than its fair share of data breaches in 2017, with security incidents detected at American supermarket chain Whole Foods Market and clothing companies Brooks Brothers, The Buckle, and Forever 21, to name a few. At least some of those events likely resulted from retailers’ poor data breach preparation. Consider the […]… Read More

The post Integrity: The New “I” in PCI Compliance appeared first on The State of Security.

The post Integrity: The New “I” in PCI Compliance appeared first on Security Boulevard.



from Integrity: The New “I” in PCI Compliance

Twitter accused of breaking privacy claims by conservative media group

Social media giant Twitter is in the midst of a scandal following accusations of breaking privacy claims. Pro-Trump group Project Veritas released three videos in which Clay Haynes,  a senior engineer at Twitter, is recorded without his consent in a bar making various statements about the company’s policy on disclosing sensitive tweets and DMs. Speaking […]

The post Twitter accused of breaking privacy claims by conservative media group appeared first on Security Boulevard.



from Twitter accused of breaking privacy claims by conservative media group

Bad Rabbit is No Match for Secure Remote Browsing

Last year’s barrage of ransomware attacks, from WannaCry and Petya (NotPetya) to Bad Rabbit, had enterprises constantly reacting to the latest internet-borne cyberthreats. Reliance on the web, combined with social engineering, paves the way for destructive possibilities that can compromise even the strongest organization’s cybersecurity frameworks. Unfortunately, in many instances, the human factor is the weak link responsible..

The post Bad Rabbit is No Match for Secure Remote Browsing appeared first on Security Boulevard.



from Bad Rabbit is No Match for Secure Remote Browsing

The State of IoT (In)Security

The state of IoT security today is clear: it’s terrible. Internet of Things devices are everywhere; from FitBits and Amazon Alexas to smart appliances and intelligent home security systems, they’ve already permeated our consumer lives. Outside of the consumer space, however, IoT is even more prevalent. IoT devices control electrical grid switches and public water […]… Read More

The post The State of IoT (In)Security appeared first on The State of Security.

The post The State of IoT (In)Security appeared first on Security Boulevard.



from The State of IoT (In)Security

Do Your On-Prem Controls Extend into the Cloud?

There’s a Russian proverb “overyai, no proveryai.” (Trust, but verify.) You trust your IT department to keep your systems up and running and configured in a secure manner.  But, do you verify those configurations? As we all know, in the rush to get things done quickly, some things slip through the cracks. And most often, security […]… Read More

The post Do Your On-Prem Controls Extend into the Cloud? appeared first on The State of Security.

The post Do Your On-Prem Controls Extend into the Cloud? appeared first on Security Boulevard.



from Do Your On-Prem Controls Extend into the Cloud?