NIST

Security News for 8Jun2020

Compliance, cyber security, cybersecurity, Privacy, Risk Management, Security / By

“Google is indexing the phone numbers of WhatsApp users that could be abused by threat actors for malicious activities. Even if Google Search only revealed the phone numbers and not the identities of associated users, ill-intentioned attackers could be able to see users’ profile pictures on WhatsApp and performing a reverse-image search the user’s profile picture to gather additional info on the potential victim (i.e. mining social media accounts where the victim use the same profile picture).”

Cyber Security News for 1Jun2020

Compliance, cyber security, cybersecurity, Privacy, Risk Management, Security / By

“A totally connected world will also be especially susceptible to cyberattacks. Even before the introduction of 5G networks, hackers have breached the control center of a municipal dam system, stopped an Internet-connected car as it travelled down an interstate, and sabotaged home appliances. Ransomware, malware, crypto-jacking, identity theft, and data breaches have become so common that more Americans are afraid of cybercrime than they are of becoming a victim of violent crime.”

PCI Standards Security Council extends the SSL/TLS migration date to June 2018

Compliance, Security / By

Finally PCI Standards Security Council is finally realizing how much of an issue it is for organizations to migrate to new standards.  If they stood by their initial deadline, everybody would have been non-compliant. Organizations have to procure funding before embarking on this task, and in this landscape, capital is in short supply. Source: Migrating_from_SSL_and_Early_TLS_-v12.pdf