Sat. Mar 31, 2018 - Fri. Apr 06, 2018

Public Hearing on IoT Risks

Schneier on Security

The US Consumer Product Safety Commission is holding hearings on IoT risks: The U.S. Consumer Product Safety Commission (CPSC, Commission, or we) will conduct a public hearing to receive information from all interested parties about potential safety issues and hazards associated with internet-connected consumer products. The information received from the public hearing will be used to inform future Commission risk management work.

Weekly Update 81 (Hawaii Edition)

Troy Hunt

We're in Hawaii! "We" being Scott Helme and myself and we're here for the Loco Moco Sec conference which has been a heap of fun (the location may have played a part in that.) And what a location: Scott joined me for this week's update and we were fresh out of a great talk from the Google Chrome Security PM so have a bit to share there about changes coming to the browser.

Thales Executives Speak to Press about UK Cybersecurity Developments

Thales Cloud Protection & Licensing

Thales eSecurity’s CTO Jon Geater and Peter Carlisle, Thales eSecurity’s VP of Sales, EMEA, were recently featured in major news outlets espousing their opinions about internet-connected devices and the new Cyber Security Export Strategy. Geater, on new UK IoT security guidelines. Earlier this month, the UK government announced guidelines to make internet-connected devices safer.

Fin7: The Billion-Dollar Hacking Group Behind a String of Big Breaches

WIRED Threat Level

Fin7, also known as JokerStash, Carbanak, and other names, is one of the most successful criminal hacking groups in the world.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Subverting Backdoored Encryption

Schneier on Security

This is a really interesting research result. This paper proves that two parties can create a secure communications channel using a communications system with a backdoor. It's a theoretical result, so it doesn't talk about how easy that channel is to create. And the assumptions on the adversary are pretty reasonable: that each party can create his own randomness, and that the government isn't literally eavesdropping on every single part of the network at all times.

Top 10 Distributed Denial of Service (DDoS) Vendors

eSecurity Planet

Compare top 10 DDoS vendors on key characteristics such as use cases, delivery, intelligence, and pricing, to help your enterprise choose the best solution for your DDoS security needs.

A 200-Year-Old Idea Offers a New Way to Trace Stolen Bitcoins

WIRED Threat Level

Cambridge researchers point to an 1816 precedent that could fundamentally change how "dirty" Bitcoins are tracked.

Musical Ciphers

Schneier on Security

Interesting history.

Akamai DDoS Mitigation Solution: Overview and Analysis

eSecurity Planet

We review Akamai's DDoS solution, which handles up to 8 Tbps of network capacity while mitigating DNS-based DDoS attacks and protecting DNS services.

Insecure SCADA Systems Blamed in Rash of Pipeline Data Network Attacks

Threatpost

After a cyberattack shut down numerous pipeline communication networks this week experts are stressing the importance of securing third-party systems in supervisory control and data acquisition (SCADA) environments.

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

DC's Stingray Mess Won't Get Cleaned Up

WIRED Threat Level

DHS this week confirmed that Washington, DC is littered with fake cell tower surveillance devices, but nothing will likely be done to fix it.

How to Build a Cybersecurity Incident Response Plan

Dark Reading

Being hit by a cyberattack is going to be painful. But it can be less painful if you're prepared, and these best practices can help.

The Multi-Cloud Era Creates New Encryption Challenges

Thales Cloud Protection & Licensing

Key Findings from the 2018 Global Encryption Trends Study. Data is the lifeblood of a successful business in today’s world, but the balance of using it effectively and protecting it properly is pushing enterprises to the brink. With more organizations using multiple cloud providers to store and process their data, while at the same time needing to demonstrate compliance with increasingly stringent regulations, it’s essential to have a data protection strategy that is up to the task.

Intel Halts Spectre Fixes On Older Chips, Citing Limited Ecosystem Support

Threatpost

Intel has halted patches for older chips addressing the Spectre vulnerability, according to a recent microcode update.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Facebook Messenger's 'Unsend' Feature Is What Happens When You Scramble

WIRED Threat Level

It's good that Facebook is addressing its many privacy woes, but reacting rather than planning leaves some fixes feeling half-baked.

Hudson's Bay Brands Hacked, 5 Million Credit Card Accounts Stolen

Dark Reading

The infamous Carbanak/FIN7 cybercrime syndicate breached Saks and Lord & Taylor and is now selling some of the stolen credit card accounts on the Dark Web.

AlienVault vs Splunk: Top SIEM Solutions Compared

eSecurity Planet

A look at the strengths and weaknesses of AlienVault and Splunk, two leading SIEM solutions.

Mirai Variant Targets Financial Sector With IoT DDoS Attacks

Threatpost

Researchers said a Mirai botnet variant, possibly linked to the IoTroop or Reaper botnet, was leveraged in attacks against the financial sector.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Google Bans All Cryptomining Extensions From the Chrome Store

WIRED Threat Level

As cryptojacking takes over the web, Google will put a stop to cryptomining extensions that prey on unsuspecting installers.

Panera Bread Leaves Millions of Customer Records Exposed Online

Dark Reading

Personal information exposed in plain text for months on Panerabread.com and the company's response failed to rise to the challenge.

Imperva Incapsula: DDoS Protection Overview and Analysis

eSecurity Planet

We review Imperva Incapsula's DDoS protection capabilities, which filter traffic through a series of progressive challenges that block attacks without slowing legitimate traffic.

Privacy Advocates Blast Facebook After Data Scraping Scandal

Threatpost

Privacy advocates are up in arms after Facebook CEO Mark Zuckerberg said most of the two billion users of the social network may have had their data scraped by malicious actors using a reverse search tool.

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Paul Nakasone Will Have to Balance NSA Needs With US Cyber Command Background

WIRED Threat Level

The appointment of Paul Nakasone raises the question again: Should the NSA and Cyber Command be controlled by one man?

One-Third of Internal User Accounts Are 'Ghost Users'

Dark Reading

Attackers and malware can easily move laterally through an organization, thanks to inadequate access controls on file systems and a proliferation of inactive but enabled users.

Verisign DDoS Protection Services: Overview and Analysis

eSecurity Planet

We review Verisign’s DDoS mitigation capabilities, which include monitoring and mitigation services, as well as the ability to ingest threat data from an enterprise’s existing security systems.

Panera Bread Slammed After Keeping Massive Data Leak Quiet For Eight Months

Threatpost

Panera is in hot water after sitting on a massive data leak for eight months on its website - and then trying to downplay the amount of customers impacted by the leak.

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cyberinsurance Tries to Tackle the Unpredictable World of Hacks

WIRED Threat Level

Insuring against hacks and breaches can be a lucrative business—but also presents unique challenges.

Is Security Accelerating Your Business?

Dark Reading

With an ever-growing list of security and compliance requirements, security can hinder or slow business initiatives. Is your security department stuck in slow gear or can it go faster?

Cloudflare DDoS Protection: Overview and Analysis

eSecurity Planet

We review Cloudflare’s DDoS capabilities, which incorporate machine learning capabilities and can handle attacks as large as 15 Tbps.

Intel Tells Remote Keyboard Users to Delete App After Critical Bug Found

Threatpost

Intel said it is lights out for its Remote Keyboard app just as security researchers find three vulnerabilities that let local attackers inject keystrokes in sessions.

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.