Amazon Simple Notification Service (SNS) now supports VPC Endpoints (VPCE) via AWS PrivateLink. You can use VPC Endpoints to privately publish messages to SNS topics, from an Amazon Virtual Private Cloud (VPC), without traversing the public internet. When you use AWS PrivateLink, you don’t need to set up an Internet Gateway (IGW), Network Address Translation (NAT) device, or Virtual Private Network (VPN) connection. You don’t need to use public IP addresses, either.
Facebook detected Russian government hackers targeting the Facebook accounts of campaign officials before the 2016 presidential election, Mark Zuckerberg revealed during a congressional hearing on Tuesday.
The annual Data Breach Investigations Report from Verizon usually provides cybersecurity professionals with some cold comfort. This year’s report covering 53,000 security incidents, including 2,216 confirmed data breaches, is no exception. Highlights of the report include the fact that almost three-quarters (73 percent) of cyberattacks were perpetrated by outsiders. Members of organized criminal groups were behind half of all breaches, with nation-state or state-affiliated actors accounting for 12 percent. The rest (28 percent) involved insiders.
We hear so often that artificial intelligence is soon—very soon—going to be driving our cars or doing our lawyering that a reality check is sometimes needed. Facebook founder Mark Zuckerberg let a doozy slip during his testimony on Tuesday in front of a joint Congressional committee that focused on the social network’s data policies.
Today’s VERT Alert addresses Microsoft’s April 2018 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-773 on Wednesday, April 10th.In-The-Wild & Disclosed CVEsCVE-2018-1034A vulnerability in SharePoint Server could allow specially crafted web requests to read unauthorized content or perform actions in the context of an authorized user. This attack is possible due to a failure to properly sanitize certain web requests and the update ensures proper sanitization occurs.Microsoft has rated this as a 3 on the Exploitability Index (Exploitation Unlikely)CVE Breakdown by TagWhile historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per tag basis.Other InformationIn addition to the Microsoft vulnerabilities included in the April Security Guidance, a number of security advisories were also made available.April 2018 Adobe Flash Security Update [ADV180007]Microsoft released updates for Adobe Flash. These correspond with Adobe Update APSB18-08. This includes fixes for CVE-2018-4932, CVE-2018-4933, CVE-2018-4934, CVE-2018-4935, CVE-2018-4936, and CVE-2018-4937.
While the recent Cambridge Analytica data privacy scandal is the main focus for American lawmakers questioning Facebook’s Mark Zuckerberg today, the company’s record beyond the U.S. raises even more alarms.
When officials at the Federal Communications Commission (FCC) denied launch authorization for four innovative satellites from startup Swarm Technologies last December, the agency was unequivocal as to the reason. “The applicant proposes to deploy and operate four spacecraft that are smaller than 10 centimeters in one of their three dimensions,” read a letter to Swarm’s CEO and founder Sara Spangelo. “These spacecraft are therefore below the size threshold at which detection by the Space Surveillance Network can be considered routine.”
Let’s talk about an integrated security experience. Many of our customers are in various stages of cybersecurity maturity:
In this post, we’ll take a quick look at a possible new ransomware variant, which appears to be the latest version of Maktub ransomware, also known as Maktub Locker.
In testimony before the Senate Judiciary and Commerce, Science, and Transportation committees, Facebook chief executive Mark Zuckerberg said that his company did not notify the Federal Trade Commission about the initial user data leak that triggered its most recent privacy scandal.
Microsoft today patched 66 different vulnerablities. In addition, Adobe patched 6 vulnerabilities in Adobe Flash.
[unable to retrieve full-text content]
Adobe PhoneGap Push Plugin CVE-2018-4943 Security Bypass Vulnerability
In the wake of revelations that the personal information of as many as 87 million Facebook users was used by data analysis firm Cambridge Analytica in 2016 for political purposes, reports indicate Facebook will contribute raw, anonymized data to a new Social Data Initiative via what is described as an independent, transparent and peer–reviewed process.
Facebook founder Mark Zuckerberg will be questioned by US lawmakers today about the “use and abuse of data” — following weeks of breaking news about a data misuse scandal dating back to 2014.
A global cybersecurity drill hosted Tuesday by the Department of Homeland Security served to “push participants out of their comfort zone” to practice information sharing at a time of heightened risk to critical infrastructure, top DHS cybersecurity official Jeanette Manfra said.
As digital information and data continues to accumulate worldwide, new big data solutions grow more and more popular. The introduction of IoT into our lifestyle, which turns appliances into smart data logging machines, along with organizations tracking behaviors for data science and research purposes, has made the move into big data storage inevitable.
Alex Wilhelm is the editor-in-chief of Crunchbase News and co-host of Equity, TechCrunch’s venture capital-focused podcast. More posts by this contributor
- In a Slack world, Microsoft bets on Teams and Yammer
- Spotify steadies, DocuSign’s big year, and scooters are the new blockchain
Today Carbon Black filed to go public, publishing its S-1 document with a $100 million IPO figure as a placeholder.
Facebook has become the de facto way people today keep up with their friends and family and, at times, their wider network of professional acquaintances and colleagues. But its inattention to user data protection is leading some people looking for an out. A new app called Garden, officially launching today, wants to offer people a more private and personal way to keep up with those who are important to them.
Open source components have gone mainstream. With every company undoubtedly becoming a software company, open source and commercial components are a vital element in developing applications at the speed of DevOps. But while they’re a powerful tool for adding features and functionalities to applications in relatively short order, they also introduce remarkable security risks.