Exchange/Outlook Autodiscover Bug Spills $100K+ Email Passwords

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

0 Comments

Consumers Share Security Fears as Risky Behaviors Persist

Cybersecurity concerns are growing more prevalent among consumers — but not enough to prevent risky behaviors, new survey data shows. To learn more about how people approach cybersecurity and their thoughts on data protection, consumer security firm Aura and the Harris Poll surveyed more than 2,000 US adults. They learned

0 Comments

Are VPNs still the best solution for security?

Cybersecurity professionals rely on VPNs to secure remote endpoints with an organization’s home network. One expert suggests there is a better, simpler and safer approach to accomplish the same thing. Image: Getty Images/iStockphoto It’s almost old news to say that COVID changed everything, and remote workforces are here to stay.

0 Comments

How to improve relations between developers and security teams and boost application security

Chris Wysopal shared a history lesson about the evolution of application security and advice on how to make all apps more secure. Veracode CTO Chris Wysopal shared the highlights of his career in application security during an OWASP event, including his 1998 testimony to Congress as a member of the

0 Comments

What Is the Difference Between Security and Resilience?

Question: What is the difference between security and resilience? Tim Wade, Technical Director, CTO Team at Vectra: In practice, enterprise security has emphasized preventative measures as a means of defense, often overinvesting in such measures well past the point of diminishing returns. Such emphasis gives rise to the “defender’s dilemma”: An

0 Comments

Bug in macOS Finder allows remote code execution

While Apple did issue a patch for the vulnerability, it seems that the fix can be easily circumvented Researchers have uncovered a flaw in Apple’s macOS Finder system that could allow remote threat actors to dupe unsuspecting users into running arbitrary commands on their devices. The security loophole affects all

0 Comments

Apple’s New iCloud Private Relay Service Leaks Users’ Real IP Addresses

A new as-yet unpatched weakness in Apple’s iCloud Private Relay feature could be circumvented to leak users’ true IP addresses from iOS devices running the latest version of the operating system. Introduced with iOS 15, which was officially released this week, iCloud Private Relay aims to improve anonymity on the

0 Comments

How to create Let’s Encrypt SSL certificates with acme.sh on Linux

Issuing and installing SSL certificates doesn’t have to be a challenge, especially when there are tools like acme.sh available. Jack Wallen shows you how to install and use this handy script. Image: Getty Images/iStockphoto Installing SSL certificates isn’t difficult, but it’s a process every Linux administrator will have to take

0 Comments

Here’s a fix for open source supply chain attacks

Commentary: Open source has never been more popular or more under attack, but there’s something cloud providers can do to make OSS more secure. Image: Kheng Guan Toh/Shutterstock TechRepublic contributing writer Jack Wallen is correct that “Open source software has proved itself, time and time and time again, that it

0 Comments

REvil Affiliates Confirm: Leadership Were Cheating Dirtbags

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

0 Comments