Cloud Security Alliance Gives New Guidance

Version 2.1 of the Cloud Security Alliance’s “Guidance for Critical Areas of Focus in Cloud Computing” provides more concise and actionable guidance across all
domains, and encompasses knowledge gained from real world deployments
over the past six months. Read the full article. [Help Net Security]

Fraudsters have started to raid user accounts by beating strong two-factor authentication methods with Trojan-based, man-in-the-browser attacks, said Gartner Research. Read the full article. [Help Net Security]

An attacker with access to the target computer simply boots from a USB
flash drive and replaces the BitLocker bootloader with a substitute
bootloader which mimics the BitLocker PIN query process but saves the
PINs entered by the user to disk in unencrypted form. Read the full article. [The H Security]

Microsoft released data collected from an FTP-server
honeypot, showing that attempts to guess passwords continue to focus on
the low-hanging fruit: passwords with an average length of eight
characters, with “password” and “123456” being the most common. Read the full article. [Security Focus]

Beginning in March, personal identifiable data of customers and employees in Massachusetts will be required to be encrypted on any mobile device such as laptops or portable USB drives. Read the full article. [EnterpriseNews]

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.