Sat.Jan 06, 2018 - Fri.Jan 12, 2018


Is India's Aadhaar System Really "Hack-Proof"? Assessing a Publicly Observable Security Posture

Troy Hunt

India's Aadhaar implementation is the largest biometric system in the world, holding about 1.2 billion locals' data. It's operating in an era of increasingly large repositories of personal data held by both private companies and governments alike. It's also an era where this sort of information is constantly leaked to unauthorised parties; last year Equifax lost control of 145.5 million records on US consumers (this started a series of events which ultimately led to me testifying in front of Congre

Hacking 278

Yet Another FBI Proposal for Insecure Communications

Schneier on Security

Deputy Attorney General Rosenstein has given talks where he proposes that tech companies decrease their communications and device security for the benefit of the FBI. In a recent talk, his idea is that tech companies just save a copy of the plaintext: Law enforcement can also partner with private industry to address a problem we call "Going Dark." Technology increasingly frustrates traditional law enforcement efforts to collect evidence needed to protect public safety and solve crime.


How Meltdown and Spectre Were Independently Discovered By Four Research Teams At Once

WIRED Threat Level

The uncanny coincidences among the Meltdown and Spectre discoveries raise questions about "bug collisions"—and the safety of the NSA's hidden vulnerability collection.


Profile of the Month: Cindy Provin, Chief Executive Officer

Thales Cloud Protection & Licensing

Cindy Provin is a 20-year veteran at Thales. This month, she became the CEO for Thales eSecurity. Previously, she served as the President for Thales eSecurity Americas, and Chief Strategy & Marketing Officer for Thales eSecurity. In her new role as CEO, Cindy will be responsible for leading a world-class organization and delivering a portfolio of security solutions to protect data wherever it is created, shared or stored.


Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.


Weekly Update 69 (Boat Edition)

Troy Hunt

It's my last day in the sun. Well, at least it's my last day in the sun for a couple of weeks so today I've gone to the sunniest place I know. It's "the boat edition" of my weekly update and I apologise up front for the rocking motion, the occasional wind noise (I lost the fluffy bit off my smartLav mic) and the gratuitous amount of sunshine and beach.

Internet 115

NSA Morale

Schneier on Security

The Washington Post is reporting that poor morale at the NSA is causing a significant talent shortage. A November New York Times article said much the same thing. The articles point to many factors: the recent reorganization, low pay, and the various leaks. I have been saying for a while that the Shadow Brokers leaks have been much more damaging to the NSA -- both to morale and operating capabilities -- than Edward Snowden.


More Trending


AI in Cybersecurity: Where We Stand & Where We Need to Go

Dark Reading

How security practitioners can incorporate expert knowledge into machine learning algorithms that reveal security insights, safeguard data, and keep attackers out.


How to Comply with GDPR

eSecurity Planet

IT experts share some of their tips on updating IT systems and business processes to comply with the EU's strict new data privacy regulations.


Susan Landau's New Book: Listening In

Schneier on Security

Susan Landau has written a terrific book on cybersecurity threats and why we need strong crypto. Listening In: Cybersecurity in an Insecure Age. It's based in part on her 2016 Congressional testimony in the Apple/FBI case; it examines how the Digital Revolution has transformed society, and how law enforcement needs to -- and can -- adjust to the new realities.


Congress Renews FISA Warrantless Surveillance Bill For Six More Years

WIRED Threat Level

The House of Representatives Thursday strengthened spying powers authorized under Section 702 of the 2008 FISA Amendments Act.


The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!


New Cryptocurrency Mining Malware Has Links to North Korea

Dark Reading

A malware tool for stealthily installing software that mines the Monero virtual currency looks like the handiwork of North Korean threat actors, AlienVault says.

Malware 76

The Case for Best Practices Key Management in Cisco HyperFlex

Thales Cloud Protection & Licensing

Hyperconverged infrastructure adoption has grown tremendously over the past few years, and for good reason. Solutions like Cisco’s HyperFlex can provide cloud-like simplification and savings with on premises data center-like scale, performance, and reliability; the best of both worlds. And, like any enterprise computing environment, the encryption of sensitive data has become a fundamental requirement.


Daniel Miessler on My Writings about IoT Security

Schneier on Security

Daniel Miessler criticizes my writings about IoT security: I know it's super cool to scream about how IoT is insecure, how it's dumb to hook up everyday objects like houses and cars and locks to the internet, how bad things can get, and I know it's fun to be invited to talk about how everything is doom and gloom. I absolutely respect Bruce Schneier a lot for what he's contributed to InfoSec, which makes me that much more disappointed with this kind of position from him.

IoT 130

How the Government Hides Secret Surveillance Programs

WIRED Threat Level

A new report from Human Rights Watch sheds light on a troubling law enforcement practice called “parallel construction.”


The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.


How to Attract More Women Into Cybersecurity - Now

Dark Reading

A recent survey finds a number of attributes women seek in their careers can be found in a cybersecurity profession - the dots just need to be connected.


Security Beyond The Perimeter

Andrew Hay

Whether we like it or not, the way we architect, utilize, and secure the networks and systems under our control has changed. When servers were safely tucked away behind corporate firewalls and perimeter-deployed intrusion prevention controls, organizations became complacent and dependent on their host security. Unfortunately, inadequately architected security controls that rely solely on broad network-based protection can make the migration of an organization’s systems to private, public, and hy


Fingerprinting Digital Documents

Schneier on Security

In this era of electronic leakers, remember that zero-width spaces and homoglyph substitution can fingerprint individual instances of files.


WhatsApp Encryption Security Flaws Could Allow Snoops to Slide Into Group Chats

WIRED Threat Level

German researchers say that a flaw in the app's group-chat feature undermines its end-to-end encryption promises.


IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


Wi-Fi Alliance Launches WPA2 Enhancements and Debuts WPA3

Dark Reading

WPA2 protocol enhancements bring stronger security protection and best practices, while new WPA3 protocol offers new security capabilities.


FBI Director Calls Smartphone Encryption an ‘Urgent Public Safety Issue’

Threatpost

The debate over the government's authority to access private encrypted data on digital devices was amplified when the Federal Bureau of Investigation Director Christopher Wray called unbreakable encryption an 'urgent public safety issue.'


Cybersecurity and the 2017 US National Security Strategy

Schneier on Security

Commentaries on the 2017 US national security strategy by Michael Sulmeyer and Ben Buchanan.


Tech Companies Are Complicit in Censoring Iran Protests

WIRED Threat Level

Opinion: Google, Twitter, and Signal should take steps to ensure their tools aren’t restricting Iranians’ free speech.


The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.


CISOs' No. 1 Concern in 2018: The Talent Gap

Dark Reading

Survey finds 'lack of competent in-house staff' outranks all other forms of cybersecurity worry, including data breaches to ransomware attacks.

CISO 74

Kali on the Windows Subsystem for Linux

Kali Linux

Update: This post is outdated. For a better way of getting Kali Linux on Windows 10, install Kali Linux from the App store. We’re always on the prowl for novel environments to run Kali on, and with the introduction of the Windows Subsystem for Linux (WSL) in Windows 10, new and exciting possibilities have surfaced. After all, if the WSL can support Ubuntu, it shouldn’t be too hard to incorporate another Debian-like distribution, right?


Tourist Scams

Schneier on Security

A comprehensive list. Most are old and obvious, but there are some clever variants.

Scams 136

Meltdown and Spectre Vulnerability Fixes Have Started, But Don't Solve Everything

WIRED Threat Level

Meltdown and Spectre Fixes Arrive—But Don't Solve Everything.


Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!


Privacy: The Dark Side of the Internet of Things

Dark Reading

Before letting an IoT device into your business or home, consider what data is being collected and where it is going.


What is DMARC and How Does it Improve Email Security?

eSecurity Planet

The U.S. government is moving ahead with broad adoption of DMARC to help improve email security, and other organizations should take note.


XKCD's Smartphone Security System

Schneier on Security

Funny.


A Clever Radio Trick Can Tell If a Drone Is Watching You

WIRED Threat Level

A quirk of video compression lets spy targets see what the drone watching them sees.


Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.