Sat. Nov 18, 2017 - Fri. Nov 24, 2017

I'm Testifying in Front of Congress in Washington DC about Data Breaches - What Should I Say?

Troy Hunt

There's a title I never expected to write! But it's exactly what it sounds like and on Thursday next week, I'll be up in front of US congress on the other side of the world testifying about the impact of data breaches. It's an amazing opportunity to influence decision makers at the highest levels of government and frankly, I don't want to stuff it up which is why I'm asking the question - what should I say?

Websites Use Session-Replay Scripts to Eavesdrop on Every Keystroke and Mouse Movement

Schneier on Security

The security researchers at Princeton are posting. You may know that most websites have third-party analytics scripts that record which pages you visit and the searches you make. But lately, more and more sites use "session replay" scripts. These scripts record your keystrokes, mouse movements, and scrolling behavior, along with the entire contents of the pages you visit, and send them to third-party servers.

What Amazon Echo and Google Home Do With Your Voice Data—And How to Delete It

WIRED Threat Level

Like the idea of Amazon Echo and Google Home, but feel uneasy about all that recording? Here's what they listen to—and how to delete it.

‘Tis the season for proliferating payment options…and risk

Thales Cloud Protection & Licensing

It’s hard to believe that the holiday season is already upon us with both the biggest online and offline shopping events just around the corner. The one-two punch of Black Friday and Cyber Monday are the highest volume shopping days of the year and finding the best deals can be a hobby in itself. In 2016, 108.5 million Americans shopped online over the long weekend.

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Weekly Update 62 (Rockhampton Edition)

Troy Hunt

This is going to be a couple of weeks of polar opposite updates: This week I'm in Rockhampton, a regional centre in my home state where I'm surrounded by gum trees, chirping birds and a croc-infested river. Next week will be Washington DC where I'll have just finished testifying in front of US Congress. Whoa. That's the big story this week. This year.

Vulnerability in Amazon Key

Schneier on Security

Amazon Key is an IoT door lock that can enable one-time access codes for delivery people. To further secure that system, Amazon sells Cloud Cam, a camera that watches the door to ensure that delivery people don't abuse their one-time access privilege. Cloud Cam has been hacked: But now security researchers have demonstrated that with a simple program run from any computer in Wi-Fi range, that camera can be not only disabled but frozen.

More Trending

Ten Top Next-Generation Firewall (NGFW) Vendors

eSecurity Planet

Next-generation firewalls (NGFW) are essential to IT security and make up a $10 billion market. We review ten of the best.

Samsung Pay Leaks Mobile Device Information

Dark Reading

Researcher at Black Hat Europe will show how Samsung Pay's security falls short and ways attackers could potentially bypass it.

Amazon Creates Classified US Cloud

Schneier on Security

Amazon has a cloud for U.S. classified data. The physical and computer requirements for handling classified information are considerable, both in terms of technology and procedure. I am surprised that a company with no experience dealing with classified data was able to do it.

Uber Hid 57-Million User Data Breach For Over a Year

WIRED Threat Level

The ridesharing service's latest scandal combines routine security negligence with an "appalling" coverup.

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Key Findings from the 2017 Thales Encryption Trends Study: Australia

Thales Cloud Protection & Licensing

Security: moving up the executive stack. The last few years will be remembered for frequent, large and damaging data breaches. They’ve impacted big business and small, private and public organisations, in Australia and around the world. When it comes to data security, hackers don’t discriminate. This has made senior executives everywhere sit up and take notice, with companies concerned about being compromised and becoming tomorrow’s news headline.

DDoS Attack Attempts Doubled in 6 Months

Dark Reading

Organizations face an average of eight attempts a day, up from an average of four per day at the beginning of this year.

Mozilla's Guide to Privacy-Aware Christmas Shopping

Schneier on Security

Mozilla reviews the privacy practices of Internet-connected toys, home accessories, exercise equipment, and more.

Intel Management Engine Flaws Leave Millions of PCs Exposed

WIRED Threat Level

Security experts have warned of Intel's Management Engine for years. A new set of confirmed vulnerabilities that impact PCs, servers, and IoT devices shows they may have been right.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

HP to Patch Bug Impacting 50 Enterprise Printer Models

Threatpost

HP said dozens of enterprise-class printer models will receive a patch for an arbitrary code execution vulnerability sometime this week.

6 Real Black Friday Phishing Lures

Dark Reading

As the mega-shopping day approaches, here's a look at six examples of phishing attacks - and ways to avoid taking the bait.

The Hay CFP Management Method – Part 2

Andrew Hay

I’ve had a lot of positive feedback from my first post which explained how to create the Trello board to track your Call For Paper (CFP) due dates, submissions, and results. In this post, I’ll explain how to create the cards and populate them with the required data to better manage your CFP pipeline. To start your first card click the ‘Add a card…’ link in the CFP Open swim lane.

The US Global Engagement Center's Fight Against Russian Propaganda Has Barely Started

WIRED Threat Level

Former staffers of the State Department's Global Engagement Center, tasked with fighting propaganda, say that 'administrative incompetence' has hamstrung efforts.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Threat Intelligence Firm ThreatQuotient Attracts $30 Million in Funding

eSecurity Planet

Threat Intelligence Firm ThreatQuotient gets the attention of Cisco and Japanese telecommunications company NTT Docomo.

Uber Paid Hackers $100K to Conceal 2016 Data Breach

Dark Reading

The ride-sharing company has confirmed an October 2016 data breach that compromised 57 million accounts.

Artificial Intelligence Can Hunt Down Missile Sites in China Hundreds of Times Faster Than Humans

WIRED Threat Level

Teaching deep learning algorithms to find surface-to-air missile sites and much more in satellite images.

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

25 Percent of IT Pros Say Their Leaders Are Digitally Illiterate

eSecurity Planet

Another 22 percent are unsure.

Intel Firmware Flaws Found

Dark Reading

Another big firmware security issue affecting Intel processors requires OEM updates.

Profile of the Month: Ashvin Kamaraju, Global Vice President of Engineering

Thales Cloud Protection & Licensing

“I did not plan my foray into security,” says Ashvin Kamaraju who, to date, has racked up an impressive seven-year tenure at Thales eSecurity. With a background in operating systems, file systems and storage, Ashvin was initially hired to help scale products in those areas. In the process, he developed an interest and expertise in data security. Ashvin has certainly traveled an unconventional path into a leadership role in enterprise security (believe it or not, he holds undergraduate and gradua

Stopping Robocalls Will Soon Be Easier Than Ever

WIRED Threat Level

US consumers suffer 80 million robocalls a day. But a new crackdown—along with some clever apps—could help put a lid on your biggest mobile nuisance.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Cisco Firepower NGFW: Firewall Overview and Analysis

eSecurity Planet

We review Cisco Firepower NGFW, an integrated next-gen firewall that works with a broad set of security services.

3 Pillars of Cyberthreat Intelligence

Dark Reading

Strong enterprise cybersecurity programs must be built on a framework that incorporates strategic, operational, and tactical leadership and goals.

Intel Patches CPU Bugs Impacting Millions of PCs, Servers

Threatpost

Intel released eight patches for vulnerabilities in remote management software and firmware that could allow local adversaries to elevate privileges, run arbitrary code, crash systems and eavesdrop on communications.

Feds Indict Iranian for HBO Hack—But Extradition Isn't Likely

WIRED Threat Level

Months after tormenting HBO with the release of unaired episodes and *Game of Thrones* spoilers, the alleged hacker has been indicted.

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.