Here’s an overview of some of last week’s most interesting news, articles and podcasts: CISO do’s and don’ts: Lessons learned Keeping a business safe from cyber threats while allowing it to thrive is every CISO’s goal. The task is not easy: a CISO has to keep many balls in the air while being buffeted by an increasingly complex and always shifting threat landscape. Consequently, the importance of a good CISO should not be underestimated. Security … More
The post Week in review: CISO do’s and don’ts, Windows Defender scan fail, new issue of (IN)SECURE appeared first on Help Net Security.
“Smart” devices might be handy and offer higher quality services, but users should be aware that everything comes with a price. And we’re not talking here about the price of the actual device, but of the fact that these devices collect device, user and user behavior information and send it to a variety of third-parties. This information might currently be worthless to users, but it’s worth a lot to companies: it is used to improve … More
The post Should you trust your smart TV or streaming device? appeared first on Help Net Security.
Many organizations’ privacy statements fail to meet common privacy principles outlined in GDPR, CCPA, PIPEDA, including the user’s right to request information, to understand how their data is being shared with third parties and the ability of that information to be deleted upon request, according to the Internet Society’s Online Trust Alliance (OTA). Organizations also have a duty to notify users of their rights in an easily understandable matter. OTA analyzed 29 variables in 1,200 … More
The post Organizations continue to struggle with privacy regulations appeared first on Help Net Security.
MSPs are significantly more concerned with internal data breaches and rapidly evolving technology practices, whereas internal IT teams are more concerned with employee behavior/habits, according to a Central by LogMeIn report. The global survey, which polled 500 IT professionals across North America and Europe, also showed that top security concerns remain consistent year over year with 54 percent of IT professionals ranking malware as their number one security concern, followed by ransomware (46 percent) and … More
Magecart has so radically changed the threat landscape, victimizing hundreds of thousands of sites and millions of users, that other cybercriminals are building campaigns to monetize their handiwork, a RiskIQ research reveals. These secondary actors know that websites breached by Magecart are likely still making calls to domains once used for skimming and exfiltrating credit card data. Once registrars bring these campaigns back online after they were sinkholed or otherwise deactivated, these scavengers buy them … More
The post Old Magecart domains are finding new life in fresh threat campaigns appeared first on Help Net Security.
The sophistication level of bots attacking e-commerce sites is on the rise, with nearly four-fifths (79.2 percent) classified as moderate or sophisticated, up from 75.8 percent in 2018, according to the Imperva report. The report analyzed 16.4 billion requests from 231 domains during the month of July 2019. E-commerce companies suffer from a continual barrage of bad bots that criminals, competitors, resellers and investment companies use to carry out unauthorized price scraping, inventory checking, denial … More
The post Researchers analyzed 16.4 billion requests to see how bots affect e-commerce appeared first on Help Net Security.