Schneier on Security
JUNE 4, 2018
Last week, researchers disclosed vulnerabilities in a large number of encrypted email clients: specifically, those that use OpenPGP and S/MIME, including Thunderbird and AppleMail. These are serious vulnerabilities : An attacker who can alter mail sent to a vulnerable client can trick that client into sending a copy of the plaintext to a web server controlled by that attacker.
Troy Hunt
JUNE 8, 2018
I don't normally do back-to-back blog posts, but this was no normal week! I just posted about how I won the European Security Blogger Award Grand Prix Prize for the Best Overall Security Blog and per the title of this post, a couple of hours later Scott Helme and I backed it up with this at the SC Awards : To us! ?? #SCAwards2018 pic.twitter.com/Gv7hhzT9T2 — Report URI (@reporturi) June 5, 2018.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Dark Reading
JUNE 5, 2018
IOActive researcher will demonstrate at Black Hat USA how satellite equipment can be 'weaponized.
WIRED Threat Level
JUNE 7, 2018
Encyclopedia Britannica released a Chrome extension designed to fix Google's sometimes inaccurate "featured snippets.".
Advertisement
Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.
Schneier on Security
JUNE 5, 2018
Ross Anderson has a new paper on cryptocurrency exchanges. From his blog : Bitcoin Redux explains what's going wrong in the world of cryptocurrencies. The bitcoin exchanges are developing into a shadow banking system, which do not give their customers actual bitcoin but rather display a "balance" and allow them to transact with others. However if Alice sends Bob a bitcoin, and they're both customers of the same exchange, it just adjusts their balances rather than doing anything on the blockchain
eSecurity Planet
JUNE 6, 2018
Vulnerabilities abound and cybercriminals are more aggressive than ever, but enterprises and security vendors are responding.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
|
WIRED Threat Level
JUNE 4, 2018
The next version of Safari takes on ad-trackers more aggressively than ever.
Schneier on Security
JUNE 6, 2018
We all know that it happens: when we see a security warning too often -- and without effect -- we start tuning it out. A new paper uses fMRI, eye tracking, and field studies to prove it.
Threatpost
JUNE 8, 2018
A Facebook glitch in May set millions of posts that users composed to “public" for ten days.
Dark Reading
JUNE 5, 2018
A researcher found email addresses and hashed passwords of nearly 92.3 million users stored on a server outside MyHeritage.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
WIRED Threat Level
JUNE 5, 2018
The tech giant will officially acquire the legendary developer platform. The question now is what happens to some of the code it hosts.
Lenny Zeltser
JUNE 2, 2018
If you’re in the business of safeguarding data and the systems that process it, what do you call your profession? Are you in cybersecurity? Information security? Computer security, perhaps? The words we use, and the way in which the meaning we assign to them evolves, reflects the reality behind our language. If we examine the factors that influence our desire to use one security title over the other, we’ll better understand the nature of the industry and its driving forces.
Thales Cloud Protection & Licensing
JUNE 5, 2018
A few years ago, the term cryptocurrency was only used among the tech elite and the only type available for purchase was Bitcoin. Fast forward to 2018 when the average consumer is able to invest and has a pick of over 1,800 different kinds of cryptocurrencies to choose from. It doesn’t come as much of surprise that people are eager to learn more about this new space and profitable industry.
Dark Reading
JUNE 2, 2018
Most home office users need to simply power cycle their routers and disable remote access; enterprises with work-at-home employees should move NAS behind the firewall.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
WIRED Threat Level
JUNE 3, 2018
Beyond big data, officers are increasingly turning to software and predictive analytics from companies like Palantir to anticipate when and where misdeeds are likely to occur.
Threatpost
JUNE 5, 2018
An analysis of 10,000 mobile apps has found that a significant portion of them are open to web API hijacking – thanks to inconsistencies between app and server logic in web APIs.
Kali Linux
JUNE 5, 2018
UPDATE NOV 2019 This post is out of date as of 2019 as powershell has been added to the primary repos. Just do a: apt update && apt -y install powershell And you will have powershell on your system. Old Post You may already be aware that you can safely add external repositories to your Kali Linux installation but you may not be aware that one of the many repositories available online includes one from Microsoft that includes PowerShell.
Dark Reading
JUNE 4, 2018
Soccer-themed emails and Web pages target fans with fake giveaways and the chance to snag overpriced, illegitimate 'guest tickets.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
WIRED Threat Level
JUNE 7, 2018
In late May, millions of Facebook users had new posts set to public by default.
Threatpost
JUNE 7, 2018
Pen Test Partners demonstrates how to send vessels off-course or even onto a path to collision -- fairly easily.
Spinone
JUNE 8, 2018
Organizations are having difficult times trying to keep up with the security levels needed to eliminate or at least minimize modern cyber security problems. As technologies evolve, so do the skills of cyber criminals. The main goal of advanced mechanisms to combat the growing numbers of attacks is to identify the weak points before the hackers do. From identity theft to credit card numbers being taken away, Machine Learning and Artificial Intelligence play an instrumental role in establishing ne
Dark Reading
JUNE 4, 2018
Previously known threat actor Group 123 likely behind NavRAT malware, security vendor says.
Advertisement
How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.
WIRED Threat Level
JUNE 8, 2018
By expanding the case against Marcus Hutchins, the Department of Justice has signaled a troubling interpretation of cybersecurity law.
Threatpost
JUNE 7, 2018
Adobe patched the Flash Player vulnerability (CVE-2018-5002) earlier on Thursday.
Schneier on Security
JUNE 8, 2018
When Marc Zuckerberg testified before both the House and the Senate last month, it became immediately obvious that few US lawmakers had any appetite to regulate the pervasive surveillance taking place on the internet. Right now, the only way we can force these companies to take our privacy more seriously is through the market. But the market is broken.
Dark Reading
JUNE 4, 2018
Cloud-based WAFs protect applications without the costs and complexity of on-prem hardware. Here's what to keep in mind as you browse the growing market.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
WIRED Threat Level
JUNE 6, 2018
Alexander Nix testified before Parliament, but provided more bluster than answers.
Threatpost
JUNE 6, 2018
The incident is another reminder that third-party software and services are an easy way for attackers to steal sensitive data.
Troy Hunt
JUNE 8, 2018
I'm not sure how I found myself in a European award program, maybe it's like Australians in Eurovision ? But somehow, I wiggled my way into The European Security Blogger Awards and before even having a chance to come down off the high that was last week's Award for Information Security Excellence at the AusCERT conference in Australia , this happened: @troyhunt hey mate, you just won the EU security blogger of the year.
Dark Reading
JUNE 5, 2018
To be held in Chicago Oct.
Advertiser: Revenera
In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.
Expert insights. Personalized for you.
174 
Let's personalize your content