Time to remove xss protection in our hardening documents and introduce CSPs. https://portswigger.net/daily-swig/google-deprecates-xss-auditor-for-chrome https://portswigger.net/daily-swig/xss-protection-disappears-from-microsoft-edge https://groups.google.com/a/chromium.org/forum/m/#!msg/blink-dev/TuYw-EZhO9g/blGViehIAwAJ


Time to remove xss protection in our hardening documents and introduce CSPs.

https://ift.tt/2lvy1N0

https://ift.tt/2JCHAjI

https://ift.tt/2lDYckJ Via Salman, Khwaja

The Hacker News Engage Your Management with the Definitive ‘Security for Management’ Presentation Template In every organization, there is a person who’s directly accountable for cybersecurity. The name of the role varies per the organization’s size and maturity – CISO, CIO, and Director of IT are just a few common examples – but the responsibility is similar in all places. They’re the person who understands the risk and exposure, knows how prepared the team and most important – what the gaps are


The Hacker News
Engage Your Management with the Definitive ‘Security for Management’ Presentation Template

In every organization, there is a person who’s directly accountable for cybersecurity. The name of the role varies per the organization’s size and maturity – CISO, CIO, and Director of IT are just a few common examples – but the responsibility is similar in all places.

They’re the person who understands the risk and exposure, knows how prepared the team and most important – what the gaps are Via Salman, Khwaja

TechBeacon – Security Why the phishing problem is getting worse Phishing has been around as long as email, and it continues to present a substantial risk to business and is often cited as a top security concern. The concern is driven by increasingly sophisticated attacks; the move from email to alternative attack vectors, such as social media and messaging; and the simple fact that phishing targets the weakest link in the security chain: people.


TechBeacon – Security
Why the phishing problem is getting worse

Phishing has been around as long as email, and it continues to present a substantial risk to business and is often cited as a top security concern. The concern is driven by increasingly sophisticated attacks; the move from email to alternative attack vectors, such as social media and messaging; and the simple fact that phishing targets the weakest link in the security chain: people. Via Salman, Khwaja

The Hacker News Cybersecurity Frameworks — Types, Strategies, Implementation and Benefits Organizations around the world are wondering how to become immune from cyber attacks which are evolving every day with more sophisticated attack vectors. IT teams are always on the lookout for new ransomware and exploit spreading in the wild, but can all these unforeseen cyber attacks be prevented proactively? That’s definitely a ‘NO,’ which is why there’s a reactive approach in place to


The Hacker News
Cybersecurity Frameworks — Types, Strategies, Implementation and Benefits

Organizations around the world are wondering how to become immune from cyber attacks which are evolving every day with more sophisticated attack vectors.

IT teams are always on the lookout for new ransomware and exploit spreading in the wild, but can all these unforeseen cyber attacks be prevented proactively?

That’s definitely a ‘NO,’ which is why there’s a reactive approach in place to Via Salman, Khwaja

The Hacker News Patch Tuesday: Microsoft Releases July 2019 Security Updates Microsoft today released its monthly batch of software security updates for the July month to patch a total of 77 vulnerabilities, 14 are rated Critical, 62 are Important, and 1 is rated Moderate in severity. The July 2019 security updates include patches for various supported versions of Windows operating systems and other Microsoft products, including Internet Explorer, Edge, Office, Azure


The Hacker News
Patch Tuesday: Microsoft Releases July 2019 Security Updates

Microsoft today released its monthly batch of software security updates for the July month to patch a total of 77 vulnerabilities, 14 are rated Critical, 62 are Important, and 1 is rated Moderate in severity.

The July 2019 security updates include patches for various supported versions of Windows operating systems and other Microsoft products, including Internet Explorer, Edge, Office, Azure Via Salman, Khwaja

Threatpost | The first stop for security news 1,300 Popular Android Apps Access Data Without Proper Permissions Study finds Android apps circumvented privacy opt-in rules and collected sensitive user information against user permission.


Threatpost | The first stop for security news
1,300 Popular Android Apps Access Data Without Proper Permissions

Study finds Android apps circumvented privacy opt-in rules and collected sensitive user information against user permission. Via Salman, Khwaja

Threatpost | The first stop for security news Marriott Hit With $123M Fine For Massive 2018 Data Breach The data breach fine against Marriott by the Information Commissioner’s Office comes a day after British Airways was also penalized.


Threatpost | The first stop for security news
Marriott Hit With $123M Fine For Massive 2018 Data Breach

The data breach fine against Marriott by the Information Commissioner’s Office comes a day after British Airways was also penalized. Via Salman, Khwaja