Comcast secure second Xfinity security bug issue that leaked data

A seldom known page on Comcast’s Xfinity website was exposing customers’ account information to anyone — or any app — on a customer’s network. An anonymous security researcher dropped ZDNet an email, explaining that an API used by the internet giant could be tricked into returning customer data, including account numbers, a customer’s home address …

UK invests £1.9bn in cyber security to complement govt’s safeguards

Threats to cyber security are increasingly organised and transnational with no respect for geographical borders. Over the last year, we have seen a significant increase in the scale and severity of malicious cyber activity globally. In the UK, we have seen the impact of major cyber security incidents, such as the WannaCry attack that affected …

UK’s cyber security watchdog warns the UK telecoms sector against using ZTE Equipment

The UK’s cyber security watchdog has warned the UK telecoms sector not to use network equipment or services from Chinese supplier ZTE as it would have a “long term negative effect on the security of the UK”. This is seen as the latest crackdown on telecoms equipment suppliers by governments concerned about the national security …

Tinder Security Flaws Could Allow Hackers Spy On Your Swipes

The Checkmarx Security Research Team found disturbing vulnerabilities in a highly popular dating application used by people across the globe – Tinder. The report features how a malicious attacker can take advantage of these vulnerabilities to cause serious privacy breaches to an unsuspecting user. Are you a Tinder user? After undergoing the responsible disclosure procedure …

eScan Warns on Security Flaws in Xiaomi’s MIUI Software

Security solutions company eScan on Thursday in a 36-page report alleged that Xiaomi’s MIUI custom Android ROM has multiple flaws that affected the security of user data. Xiaomi system apps such as the uninstall mechanism and Mi Mover were some of the flawed aspects of MIUI, the report stated. The Chinese smartphone company has refuted …

Artificial intelligence (AI) will play a major role in cyber security

Artificial intelligence (AI) will play a stronger role in the cyber security space in the future and the key purpose is to initially help automate mundane tasks, like prioritising security logs, so that companies can reduce the human time and effort. A rapidly-growing number of logs, metrics and all kind of different indicators open doors …

GoDaddy Launches New Website Security Products After Sucuri Aquisition

GoDaddy Inc. (NYSE: GDDY), the world’s largest technology provider dedicated to shifting the global economy toward life-fulfilling independent ventures, yesterday launched GoDaddy Website Security, a cutting-edge website protection service to keep customers’ sites clean and free of malware. Website Security is powered by Sucuri, which was in March 2017 acquired by GoDaddy to further strengthen …

Report Urges Security providers to consider offering DDoS protection as a service

A new report by Corero Network Security suggests that offering DDoS protection as a service is a viable business idea. Out of its respondents, 82 percent see a “clear business opportunity” in providing DDoS protection as a service to its customers. Also, 93 percent see providing DDoS mitigation in relation to other types of security …

Trump Exec. Order Could Move Federal Cybersecurity to the Cloud

A new Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure has been signed. The order is targeting the federal government’s notorious vulnerability to cyber threats, mandating one set of standards and making the heads of each government agency responsible for security. “The United States invented the internet and we need …

Symantec’s annual Internet Security Threat Report Details a Scary 2017

Symantec’s 2017 Internet Security Threat Report reads more like a catalog of horrors for CIS and their staffs, with cyber spies and criminals running amuck everywhere. In 2016 as internet security threats mushroomed, cyber criminals and state-sponsored saboteurs pursued aggressive capers that included multi-million dollar virtual bank heists, some of the biggest distributed denial of …