Russian Pleads Guilty to Running 'CardPlanet' to Sell Stolen Credit Cards

Remote job: Russian Pleads Guilty to Running 'CardPlanet' to Sell Stolen Credit Cards Image credit: Times of Israel. Aleksei Burkov, a 29-year-old Russian hacker, on Thursday pleaded guilty to multiple criminal charges for running two illegal websites that helped cyber criminals commit more than $20 million in credit card fraud. The first website Burkov operated was an online marketplace for buying and selling stolen credit card and debit card numbers—called Cardplanet—which Source: Hackernews Link: Russian Pleads Guilty to Running 'CardPlanet' to Sell Stolen Credit Cards Continue reading Russian Pleads Guilty to Running 'CardPlanet' to Sell Stolen Credit Cards

250 Million Microsoft Customer Support Records Exposed Online

Remote job: 250 Million Microsoft Customer Support Records Exposed Online If you have ever contacted Microsoft for support in the past 14 years, your technical query, along with some personally identifiable information might have been compromised. Microsoft today admitted a security incident that exposed nearly 250 million “Customer Service and Support” (CSS) records on the Internet due to a misconfigured server containing logs of conversations between its support Source: Hackernews Link: 250 Million Microsoft Customer Support Records Exposed Online Continue reading 250 Million Microsoft Customer Support Records Exposed Online

Saudi Prince Allegedly Hacked World's Richest Man Jeff Bezos Using WhatsApp

Remote job: Saudi Prince Allegedly Hacked World's Richest Man Jeff Bezos Using WhatsApp The smartphone of Amazon founder Jeff Bezos, the world’s richest man, was reportedly hacked in May 2018 after receiving a WhatsApp message from the personal account of Saudi crown prince Mohammed bin Salman, the Guardian newspaper revealed today. Citing unnamed sources familiar with digital forensic analysis of the breach, the newspaper claimed that a massive amount of data was exfiltrated Source: Hackernews Link: Saudi Prince Allegedly Hacked World's Richest Man Jeff Bezos Using WhatsApp Continue reading Saudi Prince Allegedly Hacked World's Richest Man Jeff Bezos Using WhatsApp

Download: The State of Security Breach Protection 2020 Survey Results

Remote job: Download: The State of Security Breach Protection 2020 Survey Results What are the key considerations security decision-makers should take into account when designing their 2020 breach protection? To answer this, we polled 1,536 cybersecurity professionals in The State of Breach Protection 2020 survey (Download the full survey here) to understand the common practices, prioritization, and preferences of the organization today in protecting themselves from Source: Hackernews Link: Download: The State of Security Breach Protection 2020 Survey Results Continue reading Download: The State of Security Breach Protection 2020 Survey Results

BitDam Study Exposes High Miss Rates of Leading Email Security Systems

Remote job: BitDam Study Exposes High Miss Rates of Leading Email Security Systems Imagine receiving an email from US VP Mike Pence’s official email account asking for help because he has been stranded in the Philippines. Actually, you don’t have to. This actually happened. Pence’s email was hacked when he was still the governor of Indiana, and his account was used to attempt to defraud several people. How did this happen? Is it similar to how the DNC server was hacked? Source: Hackernews Link: BitDam Study Exposes High Miss Rates of Leading Email Security Systems Continue reading BitDam Study Exposes High Miss Rates of Leading Email Security Systems

Citrix Releases Patches for Critical ADC Vulnerability Under Active Attack

Remote job: Citrix Releases Patches for Critical ADC Vulnerability Under Active Attack Citrix has finally started rolling out security patches for a critical vulnerability in ADC and Gateway software that attackers started exploiting in the wild earlier this month after the company announced the existence of the issue without releasing any permanent fix. I wish I could say, “better late than never,” but since hackers don’t waste time or miss any opportunity to exploit Source: Hackernews Link: Citrix Releases Patches for Critical ADC Vulnerability Under Active Attack Continue reading Citrix Releases Patches for Critical ADC Vulnerability Under Active Attack

Evaluating Your Security Controls? Be Sure to Ask the Right Questions

Remote job: Evaluating Your Security Controls? Be Sure to Ask the Right Questions Testing security controls is the only way to know if they are truly defending your organization. With many different testing frameworks and tools to choose from, you have lots of options. But what do you specifically want to know? And how are the findings relevant to the threat landscape you face at this moment? “Decide what you want to know and then choose the best tool for the job.” Source: Hackernews Link: Evaluating Your Security Controls? Be Sure to Ask the Right Questions Continue reading Evaluating Your Security Controls? Be Sure to Ask the Right Questions

Microsoft Warns of Unpatched IE Browser Zero-Day That's Under Active Attacks

Remote job: Microsoft Warns of Unpatched IE Browser Zero-Day That's Under Active Attacks Internet Explorer is dead, but not the mess it left behind. Microsoft earlier today issued an emergency security advisory warning millions of Windows users of a new zero-day vulnerability in Internet Explorer (IE) browser that attackers are actively exploiting in the wild — and there is no patch yet available for it. The vulnerability, tracked as CVE-2020-0674 and rated moderated, is a remote Source: Hackernews Link: Microsoft Warns of Unpatched IE Browser Zero-Day That's Under Active Attacks Continue reading Microsoft Warns of Unpatched IE Browser Zero-Day That's Under Active Attacks

Broadening the Scope: A Comprehensive View of Pen Testing

Remote job: Broadening the Scope: A Comprehensive View of Pen Testing Penetration tests have long been known as a critical security tool that exposes security weaknesses through simulated attacks on an organization’s IT environments. These test results can help prioritize weaknesses, providing a road-map towards remediation. However, the results are also capable of doing even more. They identify and quantify security risk, and can be used as a keystone in Source: Hackernews Link: Broadening the Scope: A Comprehensive View of Pen Testing Continue reading Broadening the Scope: A Comprehensive View of Pen Testing