Schneier on Security
APRIL 3, 2018
The US Consumer Product Safety Commission is holding hearings on IoT risks: The U.S. Consumer Product Safety Commission (CPSC, Commission, or we) will conduct a public hearing to receive information from all interested parties about potential safety issues and hazards associated with internet-connected consumer products. The information received from the public hearing will be used to inform future Commission risk management work.
Troy Hunt
APRIL 6, 2018
We're in Hawaii! "We" being Scott Helme and myself and we're here for the Loco Moco Sec conference which has been a heap of fun (the location may have played a part in that.) And what a location: Scott joined me for this week's update and we were fresh out of a great talk from the Google Chrome Security PM so have a bit to share there about changes coming to the browser.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
WIRED Threat Level
APRIL 4, 2018
Fin7, also known as JokerStash, Carbanak, and other names, is one of the most successful criminal hacking groups in the world.
Thales Cloud Protection & Licensing
APRIL 4, 2018
Thales eSecurity’s CTO Jon Geater and Peter Carlisle , Thales eSecurity’s VP of Sales, EMEA, were recently featured in major news outlets espousing their opinions about internet-connected devices and the new Cyber Security Export Strategy. Geater, on new UK IoT security guidelines. Earlier this month, the UK government announced guidelines to make internet-connected devices safer.
Advertisement
Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.
Schneier on Security
APRIL 4, 2018
This is a really interesting research result. This paper proves that two parties can create a secure communications channel using a communications system with a backdoor. It's a theoretical result, so it doesn't talk about how easy that channel is to create. And the assumptions on the adversary are pretty reasonable: that each party can create his own randomness, and that the government isn't literally eavesdropping on every single part of the network at all times.
eSecurity Planet
APRIL 3, 2018
Compare top 10 DDoS vendors on key characteristics such as use cases, delivery, intelligence, and pricing, to help your enterprise choose the best solution for your DDoS security needs.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
|
Threatpost
APRIL 4, 2018
Intel has halted patches for older chips addressing the Spectre vulnerability, according to a recent microcode update.
eSecurity Planet
APRIL 3, 2018
A look at the strengths and weaknesses of AlienVault and Splunk, two leading SIEM solutions.
WIRED Threat Level
APRIL 6, 2018
DHS this week confirmed that Washington, DC is littered with fake cell tower surveillance devices, but nothing will likely be done to fix it.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
Dark Reading
APRIL 5, 2018
Being hit by a cyberattack is going to be painful. But it can be less painful if you're prepared, and these best practices can help.
Threatpost
APRIL 6, 2018
Researchers said a Mirai botnet variant, possibly linked to the IoTroop or Reaper botnet, was leveraged in attacks against the financial sector.
eSecurity Planet
APRIL 3, 2018
We review Akamai's DDoS solution, which handles up to 8 Tbps of network capacity while mitigating DNS-based DDoS attacks and protecting DNS services.
WIRED Threat Level
APRIL 2, 2018
As cryptojacking takes over the web, Google will put a stop to cryptomining extensions that prey on unsuspecting installers.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Dark Reading
APRIL 5, 2018
New studies show how patching continues to dog most organizations - with real consequences.
Threatpost
APRIL 4, 2018
After a cyberattack shut down numerous pipeline communication networks this week experts are stressing the importance of securing third-party systems in supervisory control and data acquisition (SCADA) environments.
Thales Cloud Protection & Licensing
APRIL 3, 2018
RSA Conference 2018 is just under two weeks away, and there isn’t a better moment to talk about data security and privacy. The theme for RSA this year is ‘Now Matters.’ Based on the countless data breaches, hacks and ransomware attacks that occurred in the past year, now certainly matters We saw new forms of ransomware with the WannaCry and Petya attacks that took place in the Spring of 2017 as a result of the Shadow Broker’s NSA data dump.
WIRED Threat Level
APRIL 6, 2018
Insuring against hacks and breaches can be a lucrative business—but also presents unique challenges.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Dark Reading
APRIL 3, 2018
Personal information exposed in plain text for months on Panerabread.com and the company's response failed to rise to the challenge.
Threatpost
APRIL 3, 2018
Google updates its Android OS to address its own OS and component partners Qualcomm and Broadcom.
Thales Cloud Protection & Licensing
APRIL 5, 2018
Key Findings from the 2018 Global Encryption Trends Study. Data is the lifeblood of a successful business in today’s world, but the balance of using it effectively and protecting it properly is pushing enterprises to the brink. With more organizations using multiple cloud providers to store and process their data, while at the same time needing to demonstrate compliance with increasingly stringent regulations, it’s essential to have a data protection strategy that is up to the task.
WIRED Threat Level
APRIL 3, 2018
The appointment of Paul Nakasone raises the question again: Should the NSA and Cyber Command be controlled by one man?
Advertisement
How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.
Dark Reading
APRIL 3, 2018
The massive budgets devoted to cybersecurity need to come with better metrics.
Threatpost
APRIL 5, 2018
Security experts say breaches impacting Delta Air Lines and Sears customers is tied to malware planted on a third-party chat service.
eSecurity Planet
APRIL 3, 2018
We review Cloudflare’s DDoS capabilities, which incorporate machine learning capabilities and can handle attacks as large as 15 Tbps.
WIRED Threat Level
APRIL 6, 2018
It's good that Facebook is addressing its many privacy woes, but reacting rather than planning leaves some fixes feeling half-baked.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Dark Reading
APRIL 5, 2018
Healthcare organizations often overlook the supply chain, which researchers say is their most vulnerable facet.
Threatpost
APRIL 3, 2018
Panera is in hot water after sitting on a massive data leak for eight months on its website - and then trying to downplay the amount of customers impacted by the leak.
eSecurity Planet
APRIL 3, 2018
We review F5’s DDoS solution, which protects against blended attacks that combine volumetric and application-specific attacks.
WIRED Threat Level
MARCH 31, 2018
As always, we’ve rounded up all the news we didn’t break or cover in depth this week.
Advertiser: Revenera
In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.
Expert insights. Personalized for you.
240 
Let's personalize your content