Sat.Oct 26, 2019 - Fri.Nov 01, 2019

A Broken Random Number Generator in AMD Microcode

Schneier on Security

Interesting story. I always recommend using a random number generator like Fortuna, even if you're using a hardware random source. It's just safer.

Breaches at NetworkSolutions, Register.com, and Web.com

Krebs on Security

Top domain name registrars NetworkSolutions.com, Register.com and Web.com are asking customers to reset their passwords after discovering an intrusion in August 2019 in which customer account information was accessed. A notice to customers at notice.web.com. “On October 16, 2019, Web.com determined that a third-party gained unauthorized access to a limited number of its computer systems in late August 2019, and as a result, account information may have been accessed,” Web.com said i

SHARED INTEL: APIs hook up new web and mobile apps — and break attack vectors wide open

The Last Watchdog

If your daily screen time is split between a laptop browser and a smartphone, you may have noticed that a few browser web pages are beginning to match the slickness of their mobile apps. Related: The case for a microservices firewall Netflix and Airbnb are prime examples of companies moving to single-page applications, or SPAs, in order to make their browser webpages as responsive as their mobile apps.

Wanted: More women hackers

Tech Republic Security

Capture the Flag challenge encourages women to pursue cybersecurity careers and connects experts with newcomers

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Former FBI General Counsel Jim Baker Chooses Encryption Over Backdoors

Schneier on Security

In an extraordinary essay, the former FBI general counsel Jim Baker makes the case for strong encryption over government-mandated backdoors: In the face of congressional inaction, and in light of the magnitude of the threat, it is time for governmental authorities -- including law enforcement -- to embrace encryption because it is one of the few mechanisms that the United States and its allies can use to more effectively protect themselves from existential cybersecurity threats, particularly

Takeaways from the $566M BriansClub Breach

Krebs on Security

Reporting on the exposure of some 26 million stolen credit cards leaked from a top underground cybercrime store highlighted some persistent and hard truths. Most notably, that the world’s largest financial institutions tend to have a much better idea of which merchants and bank cards have been breached than do the thousands of smaller banks and credit unions across the United States.

More Trending

How to help make your Chromebook as secure as possible: 6 tips

Tech Republic Security

Find out how to better secure your Chromebook with these easy tips.

WhatsApp Sues NSO Group

Schneier on Security

WhatsApp is suing the Israeli cyberweapons arms manufacturer NSO Group in California court: WhatsApp's lawsuit, filed in a California court on Tuesday, has demanded a permanent injunction blocking NSO from attempting to access WhatsApp computer systems and those of its parent company, Facebook. It has also asked the court to rule that NSO violated US federal law and California state law against computer fraud, breached their contracts with WhatsApp and "wrongfully trespassed" on Facebook's prope

How Many Major Companies Have Lost Their Leadership Position Due to a Breach?

Daniel Miessler

I was just thinking about the biggest breaches we’ve had in history, from companies like Adobe, LinkedIn, Equifax, Marriott, Target, etc., and wondering how badly they’ve been affected long-term. Stock price doesn’t tell the full story of whether something impacted a company. I’m wondering one specific thing about these top companies with the biggest breaches: What percentage of companies that were top-three in their industry, were dropped out of their top-three spot as a

Medical Device Security Standards

Adam Shostack

Recently, I’ve seen four cybersecurity approaches for medical devices, and we can learn by juxtaposing them. The Principles and Practices for Medical Device Cybersecurity is a process-centered and comprehensive document from the International Medical Device Regulators Forum. It covers pre- and post- market considerations, as well as information sharing and coordinated vuln disclosure.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Research finds 2019 increase in breaches and cybersecurity spending

Tech Republic Security

The ServiceNow and Ponemon study found an average 24% increase in cybersecurity spending and a 17% rise in attacks.

Resources for Measuring Cybersecurity

Schneier on Security

Kathryn Waldron at R Street has collected all of the different resources and methodologies for measuring cybersecurity.

Unsupervised Learning: No. 200 (Member Edition)

Daniel Miessler

Interesting finds: Liberalism, machine learning, encryption and learning

Adam Shostack

The Economist Reflects on Liberalism is the sort of in-depth writing and thinking that makes the magazine so great: “Reinventing Liberalism for the 21st century.” Evading Machine Learning Malware Classifiers, from the winner of the Defcon Machine Learning Static Evasion Competition. The general counsel of the NSA and former general counsel of the FBI have editorials on encryption.

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

How to locate and close an open port in Linux

Tech Republic Security

Locating and blocking unwanted open ports in Linux should be a task every network admin knows how to do.

ICT Supply-Chain Security

Schneier on Security

The Carnegie Endowment for Peace published a comprehensive report on ICT (information and communication technologies) supply-chain security and integrity. It's a good read, but nothing that those who are following this issue don't already know.

Unsupervised Learning: No. 199

Daniel Miessler

Hackers behind Uber and Lynda hacks plead guilty in data breaches

Security Affairs

Two hackers have pleaded guilty to hacking Uber and LinkedIn’s Lynda.com service in 2016 and attempting to extort money from the two companies. Brandon Charles Glover and Vasile Mereacre are two hackers that have pleaded guilty to hacking Uber and LinkedIn’s Lynda.com service in 2016. The defendants also attempted to extort money from the companies, requesting them to pay ‘bug bounties’ to avoid public disclosure of the data breaches.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

How to secure OneDrive files and folders with Personal Vault

Tech Republic Security

Learn how to make specific folders and files on OneDrive more secure by using Personal Vault.

Halloween: The curse of data

Thales Cloud Protection & Licensing

We’ve all watched a horror film and said “why are you doing that?!” as the main characters walk aimlessly down to a basement filled with chain saws or shouted, “are you stupid?!!” as they decide that it’s a good idea to hitchhike alone in the dark. While these fictional horror stories are created simply to frighten the audience, real-world businesses are just as guilty of making naïve decisions when it comes to protecting sensitive data, but with very scary consequences that exist.

How to Keep Your Siri, Alexa, and Google Assistant Voice Recordings Private

WIRED Threat Level

Alexa, Siri, and Google Assistant now all give you ways to opt out of human transcription of your voice snippets. Do it.

CVE-2019-11043 exposes Web servers using nginx and PHP-FPM to hack

Security Affairs

Nasty PHP7 remote code execution bug exploited in the wild. Experts warn that a remote code execution vulnerability in PHP7, tracked as CVE-2019-11043, has been exploited in attacks in the wild. A remote code execution vulnerability in PHP7, tracked as CVE-2019-11043, has been exploited in attacks in the wild. On October 22, the security expert Omar Ganiev announced via Twitter the availability of a “freshly patched” remote code execution vulnerability in PHP-FPM, the FastCGI Process Manager

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

How to avoid malware on Android in one easy step

Tech Republic Security

Jack Wallen offers up his best advice for avoiding malware on Android.

Paving the Path to Better Data Discovery My Perspective on the Thales & Ground Labs Partnership

Thales Cloud Protection & Licensing

Today, I’m excited to share that Ground Labs, a market leader in data discovery, has entered a strategic partnership with Thales. Our joint objective is to empower the discovery and remediation of sensitive data. Unlike alternative solutions that can leave sensitive data exposed or compromised, the joint solution will enable organizations to automatically find and classify sensitive data across heterogeneous environments, understand the risks, and mitigate them through policy-based remediation…a

Russian Hackers Are Still Targeting the Olympics

WIRED Threat Level

Fancy Bear has attacked 16 anti-doping agencies around the world, indicating that its Olympics grudge is far from over.

CVE-2019-13720 flaw in Chrome exploited in Operation WizardOpium attacks

Security Affairs

One of the two flaws in Chrome addressed by Google, CVE-2019-13720, was exploited in a campaign that experts attribute to Korea-linked threat actors. This week Google released security updates to address two high severity vulnerabilities in the Chrome browser, one of which is a zero-day flaw actively exploited in attacks in the wild to hijack computers.

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Hackers finding ways to exploit automotive software to overtake cars

Tech Republic Security

A new report from IntSights details the many ways cybercriminals break into a new generation of highly digitized cars.

Database Error Exposes 7.5 Million Adobe Customer Records

Dark Reading

The database was open for approximately one week before the problem was discovered.

Congress Still Doesn't Have an Answer for Ransomware

WIRED Threat Level

As data hijackers continue to target local governments and hospitals, legislators remain stymied over how best to address the problem.

Kaspersky researchers found a Chrome 0-day exploited in attacks in the wild

Security Affairs

Google released security updates to address two high severity flaws in Chrome, one of which is actively exploited in attacks in the wild to hijack computers. Google released security updates to address two high severity vulnerabilities in the Chrome browser, one of which is a zero-day flaw actively exploited in attacks in the wild to hijack computers.

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!