Tuesday, July 7
Women in Payments: Q&A with Diane Rogerson
Cyber Security

Women in Payments: Q&A with Diane Rogerson

Diane Rogerson didn’t choose a career in cybersecurity; rather, it chose her. In this month’s blog series, find out how Rogerson’s transferrable skillsets were more valuable than her subject matter expertise around cybersecurity, and how she thinks other women can be successful in this regard, too.   (more…)
Zoom: We’ve delivered on all of our security and privacy promises, apart from one
Cyber Security

Zoom: We’ve delivered on all of our security and privacy promises, apart from one

CEO Eric Yuan said the company had been working to improve safety, privacy and security, but has pushed back the date for its transparency report. The meteoric rise of videoconferencing platform Zoom during the global lockdowns was accompanied by criticism of its cybersecurity standards. As more remote workers turned to Zoom for business meetings, virtual get-togethers and other forms of socially distanced communication, it soon became apparent that security –thanks to headaches such as a wave of ' Zoom-bombing ' – was an area that needed more work. As a result, Zoom CEO Eric Yuan launched a 90-day programme that pledged to addre...
Paul’s Security Weekly: New Web Technology & Impact on Automated Security Testing
Cyber Security

Paul’s Security Weekly: New Web Technology & Impact on Automated Security Testing

Our core security researcher, Benjamin Daniel Mussler, has been invited to Paul’s Security Weekly podcast to participate in a discussion about new web technologies and their impact on automated security testing. Benjamin primarily talked about the fact that web browsers have gone a long way since serving static pages and web applications are becoming more and more like desktop applications. This means that the web browser is taking on the role of an operating system. The biggest challenges related to this are: Browsers will gain more and more access to the underlying operating system without user confirmation (for example, direct file system access). Therefore, web vulnerabilities may have even more serious implications on the client side. Security professionals must find ways to ...
Women in Payments: Q&A with Julie Quandt
Cyber Security

Women in Payments: Q&A with Julie Quandt

Julie Quandt used to be the only woman in the room at her corporate meetings. In this month’s Women in Payments blog series, find out why that’s changing and why the good old days of not having to wait in line for the ladies’ room at industry conferences may now be over. (more…)
Women in Payments: Q&A with Diane Rogerson
Cyber Security

Women in Payments: Q&A with Diane Rogerson

Diane Rogerson didn’t choose a career in cybersecurity; rather, it chose her. In this month’s blog series, find out how Rogerson’s transferrable skillsets were more valuable than her subject matter expertise around cybersecurity, and how she thinks other women can be successful in this regard, too.   (more…)
Zoom: We’ve delivered on all of our security and privacy promises, apart from one
Cyber Security

Zoom: We’ve delivered on all of our security and privacy promises, apart from one

CEO Eric Yuan said the company had been working to improve safety, privacy and security, but has pushed back the date for its transparency report. The meteoric rise of videoconferencing platform Zoom during the global lockdowns was accompanied by criticism of its cybersecurity standards. As more remote workers turned to Zoom for business meetings, virtual get-togethers and other forms of socially distanced communication, it soon became apparent that security –thanks to headaches such as a wave of ' Zoom-bombing ' – was an area that needed more work. As a result, Zoom CEO Eric Yuan launched a 90-day programme that pledged to addre...
Phishing attack spoofs Twitter to steal account credentials
Cyber Security

Phishing attack spoofs Twitter to steal account credentials

A new phishing campaign spotted by Abnormal Security attempts to trick people with a phony Twitter security notification. Image: GrafVishenka, Getty Images/iStockPhotos Phishing campaigns are a favored tactic among many cybercriminals because they're relatively easy to set up and deploy. Because the phishing emails typically impersonate a well-known company or brand, they stand a good chance of trapping unsuspecting victims who have accounts with the spoofed entity. A new phishing campaign analyzed by the security provider Abnormal Security shows how the attackers are taking ...
How to secure your iOS Lock Screen
Cyber Security

How to secure your iOS Lock Screen

Configure your iOS Lock Screen to block those picking up your device from reading messages, viewing the Today View, or interacting with Siri unless your device is unlocked first. cnet.com We spend a lot of time on our mobile iOS devices and it may seem that securing our devices with Touch ID and Face ID is all we need to protect our data. However, there's other data accessible on the Lock Screen, through Siri, or through the Today View that can still be read by potential data thieves or on-lookers that can gain valuable information. In this tutorial, you will learn how to sec...
5 NSA-recommended strategies for improving your VPN security
Cyber Security

5 NSA-recommended strategies for improving your VPN security

The US National Security Agency has noticed a surge in cyberattacks targeting VPNs since the COVID-19 pandemic has forced more people to work from home. The United States National Security Agency is warning remote workers, whose numbers have skyrocketed due to the COVID-19 pandemic, that Virtual Private Networks (VPNs) are increasingly a target of cybercriminals. A senior NSA official speaking to reporters last week said that telework infrastructure like VPNs have become a focus for malicious actors, which led the NSA to release a formal advisory on how to secure VPNs from cyberattacks.  Security risks due to an increase in remote work have bee...
Paul’s Security Weekly: New Web Technology & Impact on Automated Security Testing
Cyber Security

Paul’s Security Weekly: New Web Technology & Impact on Automated Security Testing

Our core security researcher, Benjamin Daniel Mussler, has been invited to Paul’s Security Weekly podcast to participate in a discussion about new web technologies and their impact on automated security testing. Benjamin primarily talked about the fact that web browsers have gone a long way since serving static pages and web applications are becoming more and more like desktop applications. This means that the web browser is taking on the role of an operating system. The biggest challenges related to this are: Browsers will gain more and more access to the underlying operating system without user confirmation (for example, direct file system access). Therefore, web vulnerabilities may have even more serious implications on the client side. Security professionals must find ways to ...