Troy Hunt

APRIL 17, 2018

I have a vehement dislike of spam. Right there, that's something you and I have in common because I'm yet to meet a person who says "well actually, I find those Viagra emails I receive every day kinda useful" We get bombarded by spam on a daily basis and quite rightly, people get kinda cranky when they have to deal with it; it's an unwanted invasion that takes a little slice of unnecessary mental processing each time we see it.

Media 211

Media Advertising Accountability Marketing 211

Schneier on Security

APRIL 19, 2018

Police in the UK were able to read a fingerprint from a photo of a hand : Staff from the unit's specialist imaging team were able to enhance a picture of a hand holding a number of tablets, which was taken from a mobile phone, before fingerprint experts were able to positively identify that the hand was that of Elliott Morris. [.]. Speaking about the pioneering techniques used in the case, Dave Thomas, forensic operations manager at the Scientific Support Unit, added: "Specialist staff within th

Mobile 127

Mobile 127

WIRED Threat Level

APRIL 19, 2018

We leave traces of our genetic material everywhere, even on things we’ve never touched. That got Lukis Anderson charged with a brutal crime he didn’t commit.

89

89

Dark Reading

APRIL 17, 2018

Hackers are craftier than ever, pilfering PII piecemeal so bad actors can combine data to set up schemes to defraud medical practices, steal military secrets and hijack R&D product information.

96

96

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Troy Hunt

APRIL 19, 2018

I was chatting to some folks at a bank just the other day about a bunch of modern web security standards. Whilst this blog post is about a Pluralsight course I created with Lars Klint , it only really hit me during that bank conversation just how much there is to take onboard when it comes to securing things in the browser today. Let me paraphrase: Bank: We're thinking of using SRI to protect malicious modification of scripts we load in from a partner.

Banking 117

Banking DNS 117

Schneier on Security

APRIL 17, 2018

Turns out it's easy to hijack emergency sirens with a radio transmitter.

Hacking 149

Hacking 149

Thales Cloud Protection & Licensing

APRIL 16, 2018

The past year has seen a number of high profile security breaches tied to leaky storage servers. Specifically, the leakage of sensitive files connected to misconfigured security protocols on Amazon Simple Storage Service (S3) buckets. In fact, in June, a misconfigured database containing the sensitive personal information of 198 million American voters was left exposed online for nearly two weeks.

Encryption 91

Encryption Big data Backups Threat Reports 91

Troy Hunt

APRIL 20, 2018

I'm home! Home is good. My travel stats for this year - not so good. As I say in the video, I need to fix this so at this stage, I'm saying "no" to pretty much everything in the second half of the year that involves international travel and I'll just do the exceptionally awesome stuff. But be that as it may, there's a bunch of other stuff to talk about this week including 3 new blog posts.

Mobile 108

Mobile Media Hacking 108

Schneier on Security

APRIL 16, 2018

The Center for Democracy and Technology has a good summary of the current state of the DMCA's chilling effects on security research. To underline the nature of chilling effects on hacking and security research, CDT has worked to describe how tinkerers, hackers, and security researchers of all types both contribute to a baseline level of security in our digital environment and, in turn, are shaped themselves by this environment, most notably when things they do upset others and result in threats,

Hacking 147

Hacking Accountability Technology Risk 147

WIRED Threat Level

APRIL 17, 2018

Among those involved in David Pokora's so-called Xbox Underground, one would become an informant, one would become a fugitive, and one would end up dead.

Hacking 112

Hacking 112

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Elie

APRIL 18, 2018

This post explains why artificial intelligence (AI) is the key to building anti-abuse defenses that keep up with user expectations and combat increasingly sophisticated attacks. This is the first post of a series of four posts dedicated to provide a concise overview of how to harness AI to build robust anti-abuse protections. The remaining three posts delve into the top 10 anti-abuse specific challenges encountered while applying AI to abuse fighting, and how to overcome them.

Artificial Intelligence 91

Artificial Intelligence Phishing Technology Malware 91

Dark Reading

APRIL 20, 2018

Threat actors generate, launder, spend, and reinvest more than $1.5 trillion in illicit funds, according to a new study on cybercrime's 'web of profit.

Cybercrime 81

Cybercrime 81

Schneier on Security

APRIL 18, 2018

Interesting idea : we present Oblivious DNS (ODNS), which is a new design of the DNS ecosystem that allows current DNS servers to remain unchanged and increases privacy for data in motion and at rest. In the ODNS system, both the client is modified with a local resolver, and there is a new authoritative name server for.odns. To prevent an eavesdropper from learning information, the DNS query must be encrypted; the client generates a request for www.foo.com, generates a session key k, encrypts th

DNS 28

DNS Encryption 28

WIRED Threat Level

APRIL 16, 2018

New research shows just how prevalent political advertising was from suspicious groups in 2016—including Russian trolls.

Advertising 112

Advertising 112

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Elie

APRIL 18, 2018

This post explains why artificial intelligence (AI) is the key to building anti-abuse defenses that keep up with user expectations and combat increasingly sophisticated attacks. This is the first post of a series of four posts dedicated to provide a concise overview of how to harness AI to build robust anti-abuse protections. The remaining three posts will delve into the top 10 anti-abuse specific challenges encountered while applying AI to abuse fighting, and how to overcome them.

Artificial Intelligence 91

Artificial Intelligence Phishing Technology Malware 91

Dark Reading

APRIL 19, 2018

At RSA Conference, Senrio researchers will show how relatively unskilled attackers can steal personally identifiable information without coming into contact with endpoint security tools.

Data breaches 72

Data breaches IoT Hacking 72

Thales Cloud Protection & Licensing

APRIL 18, 2018

Security Application Key Management. One of the long standing challenges with security applications that involve data encryption has been key management. Where to get good keys? Where to store keys safely? With Thales eSecurity’s Vormetric Application Encryption (VAE) we’ve solved these problems by providing a PKCS #11 library and a connection to the Vormetric Data Security Manager (DSM), which both creates and stores encryption keys in a FIPS 140-2 compliant system.

Encryption 63

Encryption Authentication Software 63

WIRED Threat Level

APRIL 17, 2018

By accepting Verge, Pornhub could help make cryptocurrency transactions in general more mainstream.

Cryptocurrency 111

Cryptocurrency 111

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Elie

APRIL 18, 2018

While machine learning is integral to innumerable anti-abuse systems including spam and phishing detection, the road to reap its benefits is paved with numerous abuse-specific challenges. Drawing from concrete examples this session will discuss how these challenges are addressed at Google and providea roadmap to anyone interested in applying machine learning to fraud and abuse problems.

Phishing 89

Phishing 89

Threatpost

APRIL 19, 2018

Despite numerous talks about IoT vulnerabilities at RSAC this week, a clear resolution on fixes is nowhere in sight.

IoT 59

IoT 59

Dark Reading

APRIL 14, 2018

Credit card and social security numbers aren't the only sensitive information that requires protection.

56

56

WIRED Threat Level

APRIL 17, 2018

CCleaner owner Avast is sharing more details on the malware attackers used to infect legitimate software updates with malware.

Malware 110

Malware Software 110

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Elie

APRIL 18, 2018

While machine learning is integral to innumerable anti-abuse systems including spam and phishing detection, the road to reap its benefits is paved with numerous abuse-specific challenges. Drawing from concrete examples this session will discuss how these challenges are addressed at Google and providea roadmap to anyone interested in applying machine learning to fraud and abuse problems.

Phishing 89

Phishing 89

Threatpost

APRIL 17, 2018

Mobile apps leak personal data via insecure ads that transmit ad-targeting data insecurely.

Mobile 56

Mobile Advertising 56

Dark Reading

APRIL 17, 2018

A newly discovered variant of a long-known malware loader adds the ability to control the victim from afar.

Malware 56

Malware 56

WIRED Threat Level

APRIL 16, 2018

Rube-Goldbergesque IoT hacks are surprisingly simple to pull off—and can do a ton of damage.

IoT 109

IoT Hacking 109

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software

eSecurity Planet

APRIL 17, 2018

The RSA Conference 2018 Cryptographers' panel was not particularly optimistic about blockchain or the state of modern cyber security.

53

53

Threatpost

APRIL 17, 2018

Cryptomining malware is the top threat to watch out for 2018, according to a Q1 analysis of threats.

Malware 56

Malware Ransomware Cryptocurrency 56

Dark Reading

APRIL 17, 2018

New privacy solutions are becoming scalable, smarter, and easier to address compliance across industries and geographies.

52

52

WIRED Threat Level

APRIL 17, 2018

Inaudible signals that your phone can hear—but you can't—are often based on ad hoc tech, which makes for risky security.

Wireless 107

Wireless 107

Advertisement

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cybersecurity