A week in security (April 8 – 14)
A roundup of news stories from April 8–14, including Baldr, medical management apps, an Android password stealer, and new sextortion scams.
The global data privacy roadmap: a question of risk
For any American company taking steps outside the US market, global data privacy compliance is a question of risk versus reward.
The Advanced Persistent Threat Files: APT1
Next up in the Advanced Persistent Threat Files: APT1, a unit of the People’s Liberation Army of China known for wide-scale and high-volume data collection on mostly English-speaking companies.
The Advanced Persistent Threat files: APT10
While security companies are getting good at analyzing the tactics of nation-state threat actors, they still struggle with placing these actions in context and making solid risk assessments. So in this series, we’re going to take a look at a few APT groups, and see how they fit into the larger threat landscape—starting with APT10.
Flaw in Twitter form may have been abused by nation states
Twitter announced in a blog post Monday that they discovered and addressed a security flaw in one of their support forms. The discovery was made on November 15—more than a month ago—and promptly fixed the next day. So why are we only hearing about it now?
Nigerian scams without the Nigerians
Many in the United States are familiar with Nigerian scams, but what kind of scams are going on in non-English countries? Take a look at the Chinese version – the seminar scam.