Schneier on Security

JANUARY 18, 2018

Interesting.

187

187

Troy Hunt

JANUARY 14, 2018

I don't know how many data breaches I'm sitting on that I'm yet to process. 100? 200? It's hard to tell because often I'm sent collections of multiple incidents in a single archive, often there's junk in there and often there's redundancy across those collections. All I really know is that there's hundreds of gigabytes spread across thousands of files.

Data breaches 160

Data breaches Passwords Accountability Media 160

WIRED Threat Level

JANUARY 16, 2018

Megan Squire doesn’t consider herself to be antifa and pushes digital activism instead, passing along information to those who might put it to real-world use—who might weaponize it.

112

112

Dark Reading

JANUARY 16, 2018

ICEBRG Security Research team's finding highlights an often-overlooked threat.

88

88

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Schneier on Security

JANUARY 19, 2018

Interesting research: " Long-term market implications of data breaches, not ," by Russell Lange and Eric W. Burger. Abstract : This report assesses the impact disclosure of data breaches has on the total returns and volatility of the affected companies' stock, with a focus on the results relative to the performance of the firms' peer industries, as represented through selected indices rather than the market as a whole.

Marketing 348

Marketing Financial Services Data breaches Healthcare 348

Troy Hunt

JANUARY 19, 2018

It's NDC London! I'm pushing this week's update out a little later due to the different time zones and frankly, due to it being an absolutely non-stop week of events. I talk about those, about how I'm trying to tackle breach disclosures now and about some upcoming events. Next week is Norway and Denmark and I'll be coming to you a little later due to a totally jam-packed Friday, more from me then. iTunes podcast | Google Play Music podcast | RSS podcast.

118

118

Thales Cloud Protection & Licensing

JANUARY 18, 2018

There has always been a battle between business efficiency and security since the invention of shared compute and data resources. Enterprise risk managers continue to swing the pendulum between business risk and security risk, depending on new demands versus new threats. Today’s enterprises have experienced this pendulum shift as cloud has become more relevant.

Encryption 88

Encryption Risk Phishing Authentication 88

Schneier on Security

JANUARY 15, 2018

No More Ransom is a central repository of keys and applications for ransomware, so people can recover their data without paying. It's not complete, of course, but is pretty good against older strains of ransomware. The site is a joint effort by Europol, the Dutch police, Kaspersky, and McAfee.

Ransomware 165

Ransomware Encryption 165

Dark Reading

JANUARY 17, 2018

Serverless architectures take away business responsibility for server management, but security should still be top of mind.

Architecture 78

Architecture 78

WIRED Threat Level

JANUARY 13, 2018

And where was the federal government?

Government 111

Government 111

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

eSecurity Planet

JANUARY 19, 2018

The IT and software solutions that help businesses meet the EU's tough new data privacy regulation.

Technology 67

Technology Data privacy Software 67

Schneier on Security

JANUARY 17, 2018

Interesting article by Major General Hao Yeli, Chinese People's Liberation Army (ret.), a senior advisor at the China International Institute for Strategic Society, Vice President of China Institute for Innovation and Development Strategy, and the Chair of the Guanchao Cyber Forum. Against the background of globalization and the internet era, the emerging cyber sovereignty concept calls for breaking through the limitations of physical space and avoiding misunderstandings based on perceptions of

Government 155

Government Internet Internet Firewall 155

Dark Reading

JANUARY 16, 2018

Here's a list of gotchas that often slip past overburdened security pros.

61

61

WIRED Threat Level

JANUARY 18, 2018

New details about Triton malware should put industrial systems and critical infrastructure on notice.

Malware 110

Malware 110

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Threatpost

JANUARY 16, 2018

A bug in Lenovo’s Enterprise Networking Operating System could allow an attacker to launch an authentication bypass attack.

Authentication 60

Authentication 60

Schneier on Security

JANUARY 16, 2018

Jim Risen writes a long and interesting article about his battles with the US government and the New York Times to report government secrets.

Government 128

Government 128

Thales Cloud Protection & Licensing

JANUARY 16, 2018

I have been in the security space for many decades. Although security technologies and processes have vastly improved, it seems that we are losing the battle as more and more data breaches are reported in the news. The wide adoption of the cloud has added to the concern for most enterprise risk officers. Due to increasing risk, favoring business efficiency over security — especially when dealing with cloud services — is no longer an accepted approach.

Encryption 59

Encryption Risk Data breaches Technology 59

WIRED Threat Level

JANUARY 17, 2018

When researchers put a popular criminal justice algorithm up against a bunch of Mechanical Turks, they came out about even.

108

108

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Threatpost

JANUARY 17, 2018

Hackers are exploiting three Microsoft Office vulnerabilities to spread the Zyklon HTTP malware.

Malware 59

Malware Cryptocurrency Hacking 59

Dark Reading

JANUARY 17, 2018

New research categorizes CISOs into four distinct groups based on factors related to workforce, governance, and security controls.

CISO 59

CISO Government 59

eSecurity Planet

JANUARY 19, 2018

We review Flexera Corporate Software Inspector, a patch management solution for Windows, Mac OS and Red Hat Linux.

Software 55

Software 55

WIRED Threat Level

JANUARY 14, 2018

It's a new name for an old argument: that public agencies fighting crime and terrorism must have access to our private communications—for our own good.

Encryption 108

Encryption 108

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Threatpost

JANUARY 18, 2018

A massive mobile espionage campaign has been collecting troves of sensitive personal information since 2012, according to a new report from the Electronic Frontier Foundation and security firm Lookout.

Mobile 52

Mobile Government Malware 52

Dark Reading

JANUARY 17, 2018

Threat actors from both nations ramped up their activities sharply in 2017, Flashpoint says in a new threat intelligence report.

56

56

eSecurity Planet

JANUARY 19, 2018

Patch management might be the single most important security tool. We review 9 of the top patch management solutions.

54

54

WIRED Threat Level

JANUARY 13, 2018

Meltdown, Spectre, malicious Android apps, and more of the week's top security news.

107

107

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software

Threatpost

JANUARY 17, 2018

Enterprise applications from Oracle and others could be becoming juicier targets for attackers.

Hacking 52

Hacking 52

Dark Reading

JANUARY 16, 2018

These seven approaches can change the way you tackle problems.

54

54

eSecurity Planet

JANUARY 19, 2018

We review Ivanti Patch, a range of patch management solutions for small companies through large enterprises.

49

49

WIRED Threat Level

JANUARY 18, 2018

New research advances techniques for finding and exploiting known vulnerabilities in IoT devices automatically.

IoT 104

IoT 104

Advertisement

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cybersecurity