Troy Hunt
NOVEMBER 29, 2017
Last week I wrote about my upcoming congressional testimony and wow - you guys are awesome! Seriously, the feedback there was absolutely sensational and it's helped shape what I'll be saying to the US Congress, including lifting specific wording and phrases provided by some of you. Thank you! As I explained in that first blog post, I'm required to submit a written testimony 48 hours in advance of the event.
Schneier on Security
DECEMBER 1, 2017
A Turkish Airlines flight made an emergency landing because someone named his wireless network (presumably from his smartphone) "bomb on board.". In 2006, I wrote an essay titled " Refuse to be Terrorized." (I am also reminded of my 2007 essay, " The War on the Unexpected." A decade later, it seems that the frequency of incidents like the one above is less, although not zero.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
WIRED Threat Level
DECEMBER 1, 2017
The Justice Department has struck a plea deal with Nghia Hoang Pho, a programmer in the NSA's elite operations unit, for taking his highly classified work home with him.
Thales Cloud Protection & Licensing
NOVEMBER 28, 2017
At Thales eSecurity we are always eager to obtain data on how the world perceives threats to personal data, because it has the potential to inform us on how to make our everyday lives more safe and secure. Together with an independent firm, we recently conducted a survey of 1,000 consumers across the U.S. and UK and found that ownership of internet-connected cars is on the rise.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Troy Hunt
NOVEMBER 30, 2017
Last week, I was sitting next to a croc-infested river in the middle of nowhere (relatively speaking). This week, I'm in front of the United States Capital having just spoken to the very people who create the laws that govern not just the US but let's face it, have a significant impact on the rest of the world. Today was just one of those moments that make you go. whoa.
Schneier on Security
NOVEMBER 28, 2017
This is an interesting tactic, and there's a video of it being used: The theft took just one minute and the Mercedes car, stolen from the Elmdon area of Solihull on 24 September, has not been recovered. In the footage, one of the men can be seen waving a box in front of the victim's house. The device receives a signal from the key inside and transmits it to the second box next to the car.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Thales Cloud Protection & Licensing
NOVEMBER 30, 2017
Certifying the full compatibility of the Thales Vormetric Data Security Manager (DSM) with the VMware platform was a critical element in ensuring our mutual customers’ satisfaction. Traditionally, this certification has been a cumbersome, and sometimes expensive task, requiring equipment, time and resources. Now, with the rollout of VMware’s Cloud Certification Platform, those times are over.
eSecurity Planet
DECEMBER 1, 2017
The data is unusually sensitive, including full credit card and bank account numbers as well as images of Social Security cards and driver's licenses.
Schneier on Security
NOVEMBER 29, 2017
The cell phones we carry with us constantly are the most perfect surveillance device ever invented, and our laws haven't caught up to that reality. That might change soon. This week, the Supreme Court will hear a case with profound implications on your security and privacy in the coming years. The Fourth Amendment's prohibition of unlawful search and seizure is a vital right that protects us all from police overreach, and the way the courts interpret it is increasingly nonsensical in our compute
WIRED Threat Level
DECEMBER 1, 2017
Further analysis of North Korea's latest ICBM launch shows that the country can likely land a nuclear weapon anywhere in the continental United States.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Thales Cloud Protection & Licensing
NOVEMBER 29, 2017
In the month of October, I wrote about reducing scope for PCI DSS. In this blog, I take it a step further with a discussion about the options available for securing data. Not all types of encryption give you the coverage and flexibility you need. There’s no one-size-fits-all solution for protecting account data; every organization is different, faces different threats and has different security objectives that (ideally) go beyond PCI DSS compliance.
eSecurity Planet
NOVEMBER 27, 2017
That's a 35 percent increase over the previous quarter.
Schneier on Security
NOVEMBER 27, 2017
Uber was hacked, losing data on 57 million driver and rider accounts. The company kept it quiet for over a year. The details are particularly damning : The two hackers stole data about the company's riders and drivers Â-- including phone numbers, email addresses and names -- from a third-party server and then approached Uber and demanded $100,000 to delete their copy of the data, the employees said.
WIRED Threat Level
NOVEMBER 29, 2017
Opinion: The US argues that police can access cell phone records freely because customers volunteer that data. But cell phones are no longer optional.
Advertisement
How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.
Threatpost
NOVEMBER 28, 2017
A major bug in Apple’s macOS High Sierra gives anyone with physical access to a system running the latest version of the OS root access simply by putting "root" in the user name field.
eSecurity Planet
NOVEMBER 29, 2017
Amazon doesn't want a repeat of the Mirai botnet, so it has launched a new service to help monitor and protect against IoT device risks.
Schneier on Security
NOVEMBER 30, 2017
ZDNet is reporting about another data leak, this one from US Army's Intelligence and Security Command (INSCOM), which is also within to the NSA. The disk image, when unpacked and loaded, is a snapshot of a hard drive dating back to May 2013 from a Linux-based server that forms part of a cloud-based intelligence sharing system, known as Red Disk. The project, developed by INSCOM's Futures Directorate, was slated to complement the Army's so-called distributed common ground system (DCGS), a legacy
WIRED Threat Level
NOVEMBER 28, 2017
The FCC's net neutrality public comment period was overrun with bots, making it all but impossible for any one voice to be heard. That's not how this is supposed to work.
Advertiser: Revenera
In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.
Threatpost
NOVEMBER 30, 2017
A Cisco Systems security advisory is urges users of its WebEx platform to patch six vulnerabilities that could allow attackers to execute remote code.
Dark Reading
NOVEMBER 30, 2017
Washington AG files multimillion-dollar consumer protection lawsuit; multiple states also confirm they are investigating the Uber breach, which means more lawsuits may follow.
Schneier on Security
NOVEMBER 28, 2017
By David Gurteen I've just spent a few days in Riyadh where I gave a talk and run a Knowledge Café as part of a KM Forum entitled "Knowledge Management Utilization in Realizing Saudi Vision 2030" organized by the Naseej Academy. Saudi Vision 2030 is a plan to reduce Saudi Arabia's dependence on oil, diversify its economy, and develop public service sectors such as health, education, infrastructure, recreation, and tourism.
WIRED Threat Level
NOVEMBER 28, 2017
A Turkish company found a glaring flaw in Apple's desktop operating system that gives anyone deep access, no password required.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Threatpost
NOVEMBER 28, 2017
For the second time in ten days, researchers at UpGuard released sensitive data belonging to the United States Defense Department that was stored insecurely online.
Dark Reading
NOVEMBER 29, 2017
Greg Touhill's advice for security leaders includes knowing the value of information, hardening their workforce, and prioritizing security by design.
eSecurity Planet
NOVEMBER 29, 2017
The exposed data includes information on the Army's Distributed Common Ground System and its cloud component, Red Disk.
WIRED Threat Level
DECEMBER 1, 2017
Opinion: Two senators from opposing parties argue that voting machines should be considered critical infrastructure, and funded accordingly.
Advertisement
Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!
Threatpost
NOVEMBER 30, 2017
Researchers say a new remote access Trojan dubbed UBoatRAT is targeting individuals or organizations linked to South Korea or video games industry.
Dark Reading
NOVEMBER 28, 2017
The rise of artificial intelligence, machine learning, hivenets, and next-generation morphic malware is leading to an arms race that enterprises must prepare for now.
eSecurity Planet
NOVEMBER 28, 2017
Fortinet reports that 35 percent of organizations it monitored were attacked with the Apache Struts vulnerability in the third quarter of 2017.
WIRED Threat Level
NOVEMBER 29, 2017
A new analysis of the FCC's net neutrality comment period shows millions of fake or duplicate email addresses and other alarming absurdities.
Advertisement
Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.
Expert insights. Personalized for you.
220 
Let's personalize your content