Get Your List of Top Infosec Journalists and Sources Today!

Become a Patron of Metacurity today and gain access to our exclusive quarterly lists ot top infosec journalists and resources.

Sponsor message. Interested in sponsoring Metacurity? Email us at info@metacurity.com and we’ll get back to you right away.


Latest News

2 years ago
BBC News

TalkTalk Hackers Jailed for a Combined 20 Months for Massive 2015 Data Breach

UK hackers Matthew Hanley and Connor Allsopp admitted their roles in the massive 2015 data breach of telco TalkTalk, which affected 1.6 million accounts, and have now been jailed for a combined 20 months, with Hanley slated to serve for 12 months and Allsopp for eight months. In addition to exposing personal details on millions of customers, the TalkTalk hack cost the company  £77 million, or nearly $100 million, and the two hackers subjected then-CEO Dido Harding to blackmail efforts.

2 years ago
Natasha Lomas / TechCrunch

Vision Direct Reveals Credit Card Data-Skimming Breach, Fake Google Analytics Script Running on Site

European online contact lens supplier Vision Direct said it had been hit with a data breach that compromised full credit card information and other personal data. The breach occurred between 12.11am GMT November 3, 2018, and 12.52pm GMT November 8, with any logged in users who were ordering or updating their information on visionDirect.co.uk in that time window potentially being affected. The personal data stolen during this window includes full name, billing address, email address, password, and telephone number. The data appears to have been compromised via a Javascript keylogger running on the Vision Direct website and according to security researcher Troy Mursch was due to a fake Google Analytics script had been running on Vision Direct’s UK website. Security researcher Willem de Groot said the malware used in this attack was the Magecart card-skimming malware used in a string of recent major attacks on British Airways and other sites.

2 years ago
Press Association / The Guardian

UK Parliament Blasts Government for ‘Absence of Political Leadership’ on Cyberthreats, Calls for Appointment of Cabinet-Level Cybersecurity Minister

UK ministers are failing to act with “a meaningful sense of purpose or urgency” when it comes to cyberthreats to the UK critical national infrastructure according to a report issued by parliament’s Joint Committee on the National Security Strategy. The report calls for Prime minister Theresa May to appoint a cybersecurity minister in the cabinet to take charge of the efforts to build national cybersecurity resilience. The report states that the cyberthreat to the UK’s critical national infrastructure “is as credible, potentially devastating and immediate as any other threat faced by the UK” and blasts the government for the “absence of political leadership at the centre of Government in responding to this top-tier national security threat.”

New for Patrons Only! Five Easy Questions

New for Metacurity’s Patrons!

Metacurity is proud to offer our patrons original content only available to upper tier Patreon supporters.  Five Easy Questions is a new feature that poses five questions to industry influencers, starting with infosec journalist Catalin Cimpanu.

Sign up today and gain insight into what top influencers think is important in information security.

(Sponsor message)


2 years ago
Mike Allen, Ina Fried / Axios

Apple CEO Says It’s ‘Inevitable’ There Will Be ‘Some Level of Regulation’ When It Comes to Internet Privacy

Apple CEO Tim Cook said in an interview with Axios on  HBO that some regulation of the data-oriented Internet industries is inevitable. “I’m a big believer in the free market. But we have to admit when the free market is not working. And it hasn’t worked here. I think it’s inevitable that there will be some level of regulation,” Cook said.

Podcasts

2 years ago
The Cyberlaw Podcast

If Paris Calls, Should We Hang Up?

Matthew Heiman, Megan Reiss, Maury Shenk, and Stewart Baker discuss the week’s news including a letter Russia sent in the DNC’s hacking case against Putin’s intelligence agents, apparent criminal charges against Julian Assange, the Paris Call for Trust and Security in Cyberspace and more. Mieke Eoyang joins the podcast, the interview about Third Way’s “To Catch a Hacker” report.

2 years ago
CYBER / Motherboard

America’s Voting Machines Are Vulnerable to Election Hacking

When you say “election hacking” it means something different than the Kremlin’s disinformation campaigns. On this episode of CYBER, Motherboard contributor Kim Zetter, who just wrote a piece for New York Times Magazine called “The Crisis of Election Security,” talks about election hacking. Kim says the real vulnerability in our system is something of our own making: the outdated voting machines we use to carry out our key civic duties.

2 years ago
ISC StormCast

PCAP Analysis Tool; Lookyloo; Spoofing From in GMAIL

Johannes Ullrich talks about Multipurpose PCAP Analysis Tool, Quickly Investigating Websites with Lookyloo, From Field Spoofing in GMail.

2 years ago
The Shared Security Podcast

USPS Informed Delivery Vulnerabilities, Holiday Credit Card Fraud, Huge SMS Database Leak – WB43

News wrap-up includes recent warning from the US Secret Service which was sent to law enforcement across the country earlier this month about the US Postal Service’s “Informed Delivery” feature, a report from Gemini Advisory showed that credit card fraud is still increasing in the US despite the use of new EMV chip-enabled cards and a report from ACI Worldwide shows that there will be a 14% increase in fraud attempts this holiday season.

2 years ago
Paul’s Security Weekly #583

Spectre, ATMs, and Japan’s Minister

7 new Spectre/Meltdown attacks, Hacking ATM’s for free cash is easier than Windows XP, AI can now fake fingerprints fooling ID scanners, and Japan’s cybersecurity minister admits he’s never used a computer.

Cybersecurity Events

Aug. 6-9 DefconVirtualVirtual
Aug. 6Future of Digital Identity: Self-Sovereign Identity & Verifiable CredentialsVirtualVirtual
Aug. 10-15SANS TrainingVirtualVirtual
Aug. 12Dolphin Tank®: Cyber Security (VIRTUAL)VirtualVirtual
Aug. 13CISO LiveVirtualVirtual
Aug. 13SecureWorld Chicago - Twin Cities - St. Louis Virtual ConferenceVirtualVirtual
Aug. 13Cloud Security SummitVirtualVirtual
Aug. 10-14Tactical EdgeVirtualVirtual
Aug. 12-14USENIX Security SymposiumVirtualVirtual
Aug. 15Digital Kids SecuriDayVirtualVirtual
Aug. 19ExploitCon SpokaneVirtualVirtual
Aug. 21-22The Diana InitiativeVirtualVirtual
Aug. 25SecureITVirtualVirtual
Aug. 27SecureWorld Atlanta - Charlotte VirtualVirtual
Sept. 23DC METRO 2020 Virtual Cyber Security SummitVirtualVirtual


Listen to Metacurity on Alexa

Metacurity now has over 500 monthly listeners, and thousands of plays for our ongoing summaries on Amazon Alexa.

Sign up on Alexa today and just ask “Alexa, what’s my flash briefing!”


Please Support Us!

We need the help and support of our individual readers as we develop new forms of corporate support, including sponsorships and an information security job hub. Please support Metacurity’s  by one of the two following methods. If you have any questions at all, please don’t hesitate to contact us at info@metacurity.com

Patreon

We’ve launched a Patreon campaign to help you support the Metacurity community. Check it out and earn lots of goodwill from your infosec peers and even get a great Metacurity sticker, among other patron rewards!

One-Time or Recurring Payments

If you like to support our effort to truly become the end of cybersecurity information overload, chip in and for less than a proverbial cup of coffee you will be doing your part to help Metacurity survive. Please select one of the options below to ensure that Metacurity sticks around as an important information security resource.