Schneier on Security
AUGUST 6, 2021
Fascinating research: “ Generating Master Faces for Dictionary Attacks with a Network-Assisted Latent Space Evolution.” Abstract: A master face is a face image that passes face-based identity-authentication for a large portion of the population. These faces can be used to impersonate, with a high probability of success, any user, without having access to any user-information.
Troy Hunt
AUGUST 5, 2021
The greatest gift I can give my kids is a love of technology. I mean after all the usual Maslow's hierarchy of needs stuff , of course, the thing that I (and many of my readers) can instil in our kids is a deep passion for this life-altering and possibly career-defining thing that increasingly defines our everyday being. And without doubt, the best educational technology thing I've ever brought home is my Prusa 3D printer.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Daniel Miessler
AUGUST 5, 2021
I’ve always been fascinated by security that was “just good enough” I think lots of security actually qualifies (see The News), but I think fencing (and maybe bike locks) take first prize. As a kid I used to love breaking into stuff. Nighttime construction sites. Abandoned buildings. Whatever. And the older I got the more I started paying attention to how silly most fences are.
Joseph Steinberg
AUGUST 5, 2021
(I co-wrote this article with Mark Lynd , CISSP, ISSAP & ISSMP, Head of Digital Business at NETSYNC.). While leveraging cyber-liability insurance has become an essential component of cyber-risk mitigation strategy, cyber-liability offerings are still relatively new, and, as a result, many parties seeking to obtain coverage are still unaware of many important factors requiring consideration when selecting a policy.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Schneier on Security
AUGUST 3, 2021
Forbes has the story : Paragon’s product will also likely get spyware critics and surveillance experts alike rubbernecking: It claims to give police the power to remotely break into encrypted instant messaging communications, whether that’s WhatsApp, Signal, Facebook Messenger or Gmail, the industry sources said. One other spyware industry executive said it also promises to get longer-lasting access to a device, even when it’s rebooted. […].
Troy Hunt
JULY 31, 2021
The plan this week was to do a super simple update whilst having some time out. In the back yard, sun shining, iPad, Air Pods, all good. Mostly all good - the sound quality on those Air Pods is absolute rubbish. I don't if that's a general truism or there's just something amiss with mine, but the constant fading out is extremely frustrating and I apologise for the sound quality not being up to expectations.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Joseph Steinberg
AUGUST 3, 2021
The Global Foundation for Cyber Studies and Research (GFCyber) announced today that it has launched Cyber Insights , a new digital magazine that aims to help readers stay informed about contemporary cyber-related issues and their potential ramifications, from the perspectives of policy, practice, and technology. Cyber Insights provides policymakers and tech leaders with guidance and suggestions as to what issues they should ponder, and discusses associated challenges and concerns that might war
Schneier on Security
AUGUST 2, 2021
Of course this is hackable: A sophisticated telecommunications satellite that can be completely repurposed while in space has launched. […]. Because the satellite can be reprogrammed in orbit, it can respond to changing demands during its lifetime. […]. The satellite can detect and characterise any rogue emissions, enabling it to respond dynamically to accidental interference or intentional jamming.
Troy Hunt
AUGUST 6, 2021
I'm back in the office this week and back to decent audio and video quality. There's loads of bits and pieces happening as evidence by almost an entire hour disappearing in this week's vid, ranging from problems with tradies (tradespeople), more lockdown, stats on some projects and then this week's blog post, 3D printing with my 9-year old daughter Elle.
Tech Republic Security
AUGUST 5, 2021
Jack Wallen addresses the challenging question of which browser is best to use for transmitting encrypted data.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
The Last Watchdog
AUGUST 4, 2021
A cornucopia of cybersecurity solutions went on public display today as Black Hat USA 2021 convened once more as a live event in Las Vegas. Related: Kaseya hack raises more supply chain worries. For small- and mid-sized businesses (SMBs) cutting through the marketing hype can be daunting. That said, there is one venerable technology – web application firewalls ( WAFs) – that is emerging as a perfect fit for SMBs in today’s environment, as all companies shift to a deeper reliance on cloud service
Schneier on Security
AUGUST 5, 2021
The facts aren’t news, but Zoom will pay $85M — to the class-action attorneys, and to users — for lying to users about end-to-end encryption, and for giving user data to Facebook and Google without consent. The proposed settlement would generally give Zoom users $15 or $25 each and was filed Saturday at US District Court for the Northern District of California.
Adam Shostack
AUGUST 4, 2021
There’s a really interesting article in MIT Tech Review, Hundreds of AI tools have been built to catch covid. None of them helped. Oops, I think I gave away the ending. But there’s a lot of fascinating details: Many unwittingly used a data set that contained chest scans of children who did not have covid as their examples of what non-covid cases looked like.
Tech Republic Security
AUGUST 2, 2021
Leading a team is kind of like when a burglar alarm goes off and "you're the police," says the head of cybersecurity at ExpressVPN.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
The Last Watchdog
AUGUST 4, 2021
Human beings remain the prime target in the vast majority of malicious attempts to breach company networks. Related: Stealth tactics leveraged to weaponize email. Cybersecurity awareness training is valuable and has its place. Yet as Black Hat USA 2021 returns today as a live event in Las Vegas, it remains so true that we can always be fooled — and that the prime vehicle for hornswoggling us remains phishing messages sent via business email.
Schneier on Security
AUGUST 6, 2021
It’s sold out , but the pictures are cute. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.
CyberSecurity Insiders
AUGUST 6, 2021
By Natalie Hays, Mailgun by Pathwire. Phishing is pretty awful, whether you fall for a phishing attempt or have phishers pose as you. But how does phishing really happen and, even more importantly, how do you protect yourself? The first 48 hours – phishing edition. Phishing starts with well… the phishing. Someone sends out the attempt, sometimes posing as us, sometimes as a long-lost relative who just got a massive sum of money from an inheritance.
Tech Republic Security
AUGUST 3, 2021
As more companies are considering the shift to a fully or hybrid remote workforce, accelerating plans to acquire digital and cloud services to address increasing cybersecurity risks is necessary.
Advertisement
How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.
The Last Watchdog
AUGUST 3, 2021
Software developers have become the masters of the digital universe. Related: GraphQL APIs pose new risks. Companies in the throes of digital transformation are in hot pursuit of agile software and this has elevated developers to the top of the food chain in computing. There is an argument to be made that agility-minded developers, in fact, are in a terrific position to champion the rearchitecting of Enterprise security that’s sure to play out over the next few years — much more so than me
We Live Security
AUGUST 6, 2021
The first in our series on IIS threats looks at a malicious IIS extension that intercepts server transactions to steal credit card information. The post IIStealer: A server‑side threat to e‑commerce transactions appeared first on WeLiveSecurity.
Graham Cluley
AUGUST 6, 2021
Apple announces its plan for detecting child sexual abuse images on users' iPhones and Macs. But it's unlikely to be welcomed by those who hold privacy close to their hearts.
Tech Republic Security
AUGUST 3, 2021
Jack Wallen walks you through the steps to join Ubuntu Desktop to Active Directory domains.
Advertiser: Revenera
In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.
The Last Watchdog
AUGUST 2, 2021
In less than a decade, SOAR — security orchestration, automation and response — has rapidly matured into an engrained component of the security technology stack in many enterprises. Related: Equipping SOCs for the long haul. SOAR has done much since it entered the cybersecurity lexicon to relieve the cybersecurity skills shortage. SOAR leverages automation and machine learning to correlate telemetry flooding in from multiple security systems.
Zero Day
AUGUST 5, 2021
No matter how stalkerware is marketed, it is part of a wider problem: the use of technology in coercive control.
The Hacker News
AUGUST 5, 2021
On the surface, Salesforce seems like a classic Software-as-a-Service (SaaS) platform. Someone might even argue that Salesforce invented the SaaS market. However, the more people work with the full offering of Salesforce, the more they realize that it goes beyond a traditional SaaS platform's capabilities.
Tech Republic Security
AUGUST 5, 2021
New analysis includes salary data, cost of living and how easy it is to find a job and identifies cities with the best pay and the most open positions.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Malwarebytes
AUGUST 4, 2021
By releasing an information sheet that provides guidance on securing wireless devices while in public (pdf) —for National Security System, Department of Defense, and Defense Industrial Base teleworkers—the NSA has provided useful information on malicious techniques used by cyber actors, and ways to protect against them. And anyone that does not belong to that group of teleworkers can still take advantage of the knowledge it has shared!
We Live Security
AUGUST 6, 2021
ESET researchers publish a white paper putting IIS web server threats under the microscope. The post Anatomy of native IIS malware appeared first on WeLiveSecurity.
Security Affairs
AUGUST 4, 2021
The American venture capital firm Advanced Technology Ventures (ATV) disclosed a ransomware attack, crooks also stole data of some private investors. Advanced Technology Ventures (ATV) is an American venture capital firm with more than $1.8 billion in capital under management. The venture capital firm this week disclosed a ransomware attack, threat actors have also stolen the personal information of some of its private investors.
Tech Republic Security
AUGUST 4, 2021
Companies are pulling out all of the stops to attract top talent in a tight labor market. These tips could help companies attract and retain cybersecurity pros in the months ahead.
Advertisement
Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!
Expert insights. Personalized for you.
363 
Let's personalize your content