“Siloscape”, the first malware to target Windows containers, breaks out of Kubernetes clusters to plant backdoors and raid nodes for credentials. Windows Container Malware Targets Kubernetes Clusters
Joseph Carson, chief security scientist and advisory CISO at ThycoticCentrify, discusses best practices for securing healthcare data against the modern threat landscape. Then and Now: Securing Privileged Access Within Healthcare Orgs
In this Threatpost podcast, Forcepoint’s SASE and Zero Trust director describes how the pandemic jump-started SASE adoption. Effective Adoption of SASE in 2021
Important-rated EoP flaws make up the bulk of the CVEs; SharePoint continues its critical run with four worrying bugs. Microsoft Addresses 111 Bugs for May Patch Tuesday
The login scheme promises it won’t share data — and will be required for all developers using third-party sign-ins. Is ‘Sign in with Apple’ Marketing Spin or Privacy Magic? Experts Weigh In
An attacker could gain remote access by chaining together an exploit for home routers with the TV flaw. Smart-TV Bug Allows Rogue Broadcasts
“Password-killing” authentication efforts may be on a road to nowhere. Passwords: Here to Stay, Despite Smart Alternatives?
Five of them allow remote compromise of the IoT gadgets, so attackers can intercept video feeds and more. Yi IoT Home Camera Riddled with Code-Execution Vulnerabilities
Gym customer data, including contact information, birth dates and height/weight data, opens the door to convincing follow-on social-engineering attacks. FitMetrix Exposes Millions of Customer Details, Accessed by Criminals
Chrome users are now automatically signed into the browser if they’re signed into any other Google service, such as Gmail. Google’s Forced Sign-in to Chrome Raises Privacy Red Flags