Amazon Web Services Inc. today announced three new security-related products at its annual AWS re:Invent conference today in Las Vegas, all aimed at providing new services and capabilities for its customers to “operate securely.” Leading the announcements is the long-rumored Amazon Detective. The new service has been designed to make it easier for AWS customers ...

McAfee LLC today announced it’s adding support for the new Amazon Detective cloud security service as part of its McAfee MVISION Cloud for Amazon Web Services to provide customers with better incident detection and remediation. Amazon Detective, announced by Amazon Web Services Inc. at the AWS re:Invent conference in Las Vegas running this week, uses artificial ...

Cloud-based encryption software company StrongSalt today announced its Open Privacy application programming interface for searching and sharing encrypted data in cloud services and enterprise applications. The company’s first major announcement since it raised $3 million in seed funding in September, the API has been designed to allow searching and use of encrypted data without the need for ...

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency has released a draft version of a directive that would require federal agencies to establish vulnerability disclosure policies. The draft Binding Operational Directive 20-01 has been designed to address an environment that delays or discourages the public from reporting potential information security problems to the ...

Private data including tens of millions of SMS text messages linked to communication company TrueDialog have been found exposed online putting data related to millions of Americans at risk. Found and publicized today by security researchers at vpnMentor, the breach involved an unsecured Oracle Marketing Cloud database exposed on Microsoft Azure. The 604 gigabytes of data in the database ...

A newly discovered Android vulnerability being exploited in the wild allows attackers to insert fake login screens into legitimate apps to steal credentials as well as undertake various other nefarious activities. Detailed today by security researchers at Promon, the vulnerability, dubbed “StrandHogg,” exists as a result of the way Android handles multitasking.  Found in all versions of Android including ...

U.K.-based music streaming service Mixcloud Ltd. has been hacked, with about 21 million customer records stolen. The hack is believed to have occurred in November and only came to light after a “dark web” seller provided a portion of the stolen data to some outlets. The data included usernames, email addresses, signup dates and login ...

Millions may have been stolen after the chief executive of a little-known Asian cryptocurrency exchange called IDAX disappeared with the keys to the company’s cold wallets. The origins of the company are cloudy, but the company appears to be operated out of Shanghai. Cryptocurrency exchanges are illegal in China, but the company was registered in ...

An Ethereum research scientist was arrested at Los Angeles International Airport Friday on allegations that he breached U.S. sanctions by attending a conference in North Korea and discussing blockchain technology. Virgil Griffith, 36, a resident of Singapore but a U.S. citizen, stands accused of speaking at the Pyongyang Blockchain and Cryptocurrency Conference in April. He’s alleged by the ...

In a sign of the times, a longstanding botnet has changed its behavior, switching its activity to cryptomining while using YouTube as part of its process. Discovered Tuesday by security researchers at ESET spol s.r.o, the shift involves the Statinko Botnet that has been around since 2012 and was previously used as part of a massive adware campaign. Those ...