Schneier on Security

JANUARY 19, 2018

Interesting research: " Long-term market implications of data breaches, not ," by Russell Lange and Eric W. Burger. Abstract : This report assesses the impact disclosure of data breaches has on the total returns and volatility of the affected companies' stock, with a focus on the results relative to the performance of the firms' peer industries, as represented through selected indices rather than the market as a whole.

Marketing 329

Marketing Financial Services Data breaches Healthcare 329

Troy Hunt

JANUARY 14, 2018

I don't know how many data breaches I'm sitting on that I'm yet to process. 100? 200? It's hard to tell because often I'm sent collections of multiple incidents in a single archive, often there's junk in there and often there's redundancy across those collections. All I really know is that there's hundreds of gigabytes spread across thousands of files.

Data breaches 148

Data breaches Passwords Accountability Media 148

WIRED Threat Level

JANUARY 16, 2018

Megan Squire doesn’t consider herself to be antifa and pushes digital activism instead, passing along information to those who might put it to real-world use—who might weaponize it.

111

111

Thales Cloud Protection & Licensing

JANUARY 18, 2018

There has always been a battle between business efficiency and security since the invention of shared compute and data resources. Enterprise risk managers continue to swing the pendulum between business risk and security risk, depending on new demands versus new threats. Today’s enterprises have experienced this pendulum shift as cloud has become more relevant.

Encryption 88

Encryption Risk Phishing Authentication 88

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Schneier on Security

JANUARY 15, 2018

No More Ransom is a central repository of keys and applications for ransomware, so people can recover their data without paying. It's not complete, of course, but is pretty good against older strains of ransomware. The site is a joint effort by Europol, the Dutch police, Kaspersky, and McAfee.

Ransomware 154

Ransomware Encryption 154

Troy Hunt

JANUARY 19, 2018

It's NDC London! I'm pushing this week's update out a little later due to the different time zones and frankly, due to it being an absolutely non-stop week of events. I talk about those, about how I'm trying to tackle breach disclosures now and about some upcoming events. Next week is Norway and Denmark and I'll be coming to you a little later due to a totally jam-packed Friday, more from me then. iTunes podcast | Google Play Music podcast | RSS podcast.

115

115

Thales Cloud Protection & Licensing

JANUARY 16, 2018

I have been in the security space for many decades. Although security technologies and processes have vastly improved, it seems that we are losing the battle as more and more data breaches are reported in the news. The wide adoption of the cloud has added to the concern for most enterprise risk officers. Due to increasing risk, favoring business efficiency over security — especially when dealing with cloud services — is no longer an accepted approach.

Encryption 59

Encryption Risk Data breaches Technology 59

Schneier on Security

JANUARY 17, 2018

Interesting article by Major General Hao Yeli, Chinese People's Liberation Army (ret.), a senior advisor at the China International Institute for Strategic Society, Vice President of China Institute for Innovation and Development Strategy, and the Chair of the Guanchao Cyber Forum. Against the background of globalization and the internet era, the emerging cyber sovereignty concept calls for breaking through the limitations of physical space and avoiding misunderstandings based on perceptions of

Government 146

Government Internet Internet Firewall 146

Dark Reading

JANUARY 17, 2018

Serverless architectures take away business responsibility for server management, but security should still be top of mind.

Architecture 78

Architecture 78

WIRED Threat Level

JANUARY 14, 2018

It's a new name for an old argument: that public agencies fighting crime and terrorism must have access to our private communications—for our own good.

Encryption 91

Encryption 91

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

eSecurity Planet

JANUARY 19, 2018

The IT and software solutions that help businesses meet the EU's tough new data privacy regulation.

Technology 82

Technology Data privacy Software 82

Schneier on Security

JANUARY 16, 2018

Jim Risen writes a long and interesting article about his battles with the US government and the New York Times to report government secrets.

Government 123

Government 123

Dark Reading

JANUARY 16, 2018

ICEBRG Security Research team's finding highlights an often-overlooked threat.

88

88

WIRED Threat Level

JANUARY 17, 2018

When researchers put a popular criminal justice algorithm up against a bunch of Mechanical Turks, they came out about even.

92

92

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

eSecurity Planet

JANUARY 19, 2018

Patch management might be the single most important security tool. We review 9 of the top patch management solutions.

71

71

Schneier on Security

JANUARY 18, 2018

Interesting.

174

174

Threatpost

JANUARY 18, 2018

A massive mobile espionage campaign has been collecting troves of sensitive personal information since 2012, according to a new report from the Electronic Frontier Foundation and security firm Lookout.

Mobile 52

Mobile Government Malware 52

WIRED Threat Level

JANUARY 18, 2018

New details about Triton malware should put industrial systems and critical infrastructure on notice.

Malware 97

Malware 97

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

eSecurity Planet

JANUARY 19, 2018

We review Flexera Corporate Software Inspector, a patch management solution for Windows, Mac OS and Red Hat Linux.

Software 69

Software 69

Dark Reading

JANUARY 19, 2018

While the attack surface has increased exponentially because of the cloud and everything-as-a-service providers, there are still ways in which host companies can harden supply chain security.

Cyber Attacks 52

Cyber Attacks 52

Threatpost

JANUARY 16, 2018

A bug in Lenovo’s Enterprise Networking Operating System could allow an attacker to launch an authentication bypass attack.

Authentication 60

Authentication 60

WIRED Threat Level

JANUARY 18, 2018

New research advances techniques for finding and exploiting known vulnerabilities in IoT devices automatically.

IoT 88

IoT 88

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software

eSecurity Planet

JANUARY 19, 2018

We review SolarWinds Patch Manager, a patch management solution focused on Windows servers and workstations and third-party products.

48

48

Dark Reading

JANUARY 17, 2018

New research categorizes CISOs into four distinct groups based on factors related to workforce, governance, and security controls.

CISO 59

CISO Government 59

Threatpost

JANUARY 17, 2018

Researchers have discovered Android malware with spy capabilities never seen before such as allowing attackers to capture encrypted WhatsApp chat sessions.

Malware 46

Malware Encryption Mobile Hacking 46

WIRED Threat Level

JANUARY 13, 2018

Meltdown, Spectre, malicious Android apps, and more of the week's top security news.

89

89

Advertisement

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cybersecurity

eSecurity Planet

JANUARY 19, 2018

We review Red Hat Satellite, a patch management solution for enterprise Linux systems.

60

60

Dark Reading

JANUARY 19, 2018

Revenues and reputation have taken a hit in the wake of the US Department of Homeland Security's decision to prohibit use of its products and services by the feds, the company says.

Government 48

Government 48

Threatpost

JANUARY 17, 2018

Hackers are exploiting three Microsoft Office vulnerabilities to spread the Zyklon HTTP malware.

Malware 59

Malware Cryptocurrency Hacking 59

WIRED Threat Level

JANUARY 13, 2018

And where was the federal government?

Government 110

Government 110

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity