pindrop-logo-2.svg
Search
Close this search box.
Search
Close this search box.

Congress Pushes DHS For Answers on SS7 Security

A year after flaws in SS7, one of the underlying protocols in the cell network came to the public’s attention, two powerful members of Congress are asking the secretary of Homeland Security how DHS has addressed the threat and whether the department has sufficient resources to detect and defeat SS7-related attacks. The flaws in SS7, a […]

Security Professionals Expect More Attacks On IIoT in 2017

As technology vendors race to create more and more devices connected to the Internet of Things (IoT) the opportunity for hackers to get into these devices grows larger and larger, as these IoT devices are usually made with little to no regard for security. The fears of a large-scale attack waiting to happen were solidified this week when security firm Tripwire released the […]

Struts Vulnerability Attracting Plenty of Attackers

Attackers are continuing to seek out and exploit vulnerable servers running vulnerable versions of the Apache Struts framework, with hundreds of separate sources trying to take advantage of the bug. The vulnerability lies in the way that some versions of the Struts framework handles some content-type values. An attacker who is able to exploit the […]

Researchers Find 36 Android Devices Pre-Owned With Malware

About 10 years ago, security researchers began warning users and technology manufacturers about the problem of hardware devices coming out of the box pre-loaded with malware. It began with digital picture frames and USB drives, and it has moved to mobile phones, with the latest example coming in the form of 36 Android phones that shipped with […]

Google Roots Out Harmful Chamois Apps From Play Store

Fraudsters and cybercriminals continue to target mobile app stores with garbage apps disguised as benign ones, and Google has just identified a large family of potentially harmful apps in the Play marketplace and banned the apps and some people who were trying to take advantage of the company’s ad system to make money on the apps. […]

Google Steps Up Security on G Suite and Cloud Platform

Google has rolled out several new security features for its G Suite and Google Cloud Platform, including a DLP system that finds and redacts sensitive data, and a service that allows organizations to manage the lifecycle of encryption keys. Users of Google’s hosted apps are reliant on the company for the security and privacy controls, […]

Senator Asks DNI Nominee Coats for Answers on Section 702 Use

A Senate leader is asking Daniel Coats, the nominee for the vacant director of national intelligence position, to specify the number of Americans whose communications have been collected as part of the Section 702 surveillance program used by the NSA. In a letter sent this week to Coats, Sen. Ron Wyden (D-Ore.) repeated a request […]

Hackers Targeting Critical Apache Struts Flaw

Attackers are targeting a critical vulnerability in the Apache Struts framework, using exploits that have been published online to go after thousands of vulnerable sites. On Monday, the Apache Software Foundation published an advisory about the vulnerability, saying that the bug enabled remote code execution in certain situations. Almost immediately afterward, attackers began going after vulnerable […]

The Data Breach Butterfly Effect Hindering Retailers

Retail is now the number one target for cyberattacks. Because retailers hold large volumes of highly distributed personal information, including credit card data, these organizations are attractive environments for fraudsters to breach. In 2015, $60 billion was lost to retailers in the United States due to fraudulent activity. The phone channel is the weakest link […]