Sat. Apr 21, 2018 - Fri. Apr 27, 2018

IRL Analogies Explaining Digital Concepts are Terrible

Troy Hunt

Remember the anti-piracy campaign from years back about "You Wouldn't Steal a Car"? This was the rather sensationalist piece put together by the Motion Picture Association of America in an attempt to draw parallels between digital piracy and what they viewed as IRL ("In Real Life") equivalents. Here's a quick recap: The very premise that the young girl sitting in her bedroom in the opening scene is in any way relatable to the guy in the dark alley sliding a slim jim down the Merc

Russia is Banning Telegram

Schneier on Security

Russia has banned the secure messaging app Telegram. It's making an absolute mess of the ban -- blocking 16 million IP addresses, many belonging to the Amazon and Google clouds -- and it's not even clear that it's working. But, more importantly, I'm not convinced Telegram is secure in the first place. Such a weird story. If you want secure messaging, use Signal.

Turning an Amazon Echo Into a Spy Device Only Took Some Clever Coding

WIRED Threat Level

Researchers didn't have to hack Amazon's Alexa voice assistant to use it for eavesdropping. They just took advantage of the system in place.

Challenges faced while training an AI to combat abuse

Elie

This post looks at the main challenges that arise when training a classifier to combat fraud and abuse. At a high level, what makes training a classifier to detect fraud and abuse unique is that it deals with data generated by an adversary that actively attempts to evade detection. Successfully training a classifier in such adversarial settings requires overcoming the following four challenges: Non stationarity.

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Enhancing Pwned Passwords Privacy by Exclusively Supporting Anonymity

Troy Hunt

When I launched Pwned Passwords in August, I honestly didn't know how much it would be used. I made 320M SHA-1 password hashes downloadable and also stood up an API to query the data "as a service" by either a plain text password or a SHA-1 hash. (Incidentally, for anyone about to lose their mind over SHA-1, read that launch post as to why that hashing algorithm is used.

Baseball Code

Schneier on Security

Info on the coded signals used by the Colorado Rockies.

More Trending

Challenges faced while training an AI to combat abuse

Elie

This post looks at the four main challenges that arise when training a classifier to combat fraud and abuse. This is the second post of a series of four that is dedicated to provide a concise overview of how to harness AI to build robust anti-abuse protections. The first post explains why AI is key to build robust anti-defenses that keep up with user expectations and increasingly sophisticated attackers.

Weekly Update 84

Troy Hunt

This week. I'm tired. A two-day remote workshop on London hours meant very unfriendly times for me here in Aus but hey, it beats jet lag! So just a very short intro this time, I recorded the update this morning whilst I was rather a lot more awake so I'll let that do the talking. Enjoy! iTunes podcast | Google Play Music podcast | RSS podcast. Reference.

Two NSA Algorithms Rejected by the ISO

Schneier on Security

The ISO has rejected two symmetric encryption algorithms: SIMON and SPECK. These algorithms were both designed by the NSA and made public in 2013. They are optimized for small and low-cost processors like IoT devices. The risk of using NSA-designed ciphers, of course, is that they include NSA-designed backdoors. Personally, I doubt that they're backdoored.

Can This System of Unlocking Phones Crack the Crypto War?

WIRED Threat Level

Ray Ozzie thinks his Clear method for unlocking encrypted devices can attain the impossible: It satisfies both law enforcement and privacy purists.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Current forecast: Cloudy with a chance of exposed data

Thales Cloud Protection & Licensing

By Peter Galvin, Chief Strategy & Marketing Officer, Thales eSecurity. Today, organizations are rapidly adopting cloud technology. Many organizations have implemented a cloud first philosophy, requiring that any new applications or IT investments start with the cloud. And not just one cloud, but organizations are investing in multiple clouds and SaaS applications.

12 Trends Shaping Identity Management

Dark Reading

As IAM companies try to stretch 'identity context' into all points of the cybersecurity market, identity is becoming 'its own solar system.'

TSB Bank Disaster

Schneier on Security

This seems like an absolute disaster: The very short version is that a UK bank, TSB, which had been merged into and then many years later was spun out of Lloyds Bank, was bought by the Spanish bank Banco Sabadell in 2015. Lloyds had continued to run the TSB systems and was to transfer them over to Sabadell over the weekend. It's turned out to be an epic failure, and it's not clear if and when this can be straightened out.

Atlanta Spent $2.6M to Recover From $52,000 Ransomware Scare

WIRED Threat Level

Whether to pay ransomware is a complicated—and costly—calculation.

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Ransomware Attack Hits Ukrainian Energy Ministry, Exploiting Drupalgeddon2

Threatpost

The Ukrainian Energy Ministry has been hit by a ransomware attack – and for once it looks like this is the work of amateurs, not nation-state attackers bent on making a geopolitical point. However, the bad actors appear to have made use of the recently patched Drupal vulnerability, pointing out yet once again that patch […].

New Phishing Attack Targets 550M Email Users Worldwide

Dark Reading

In an attempt to steal financial data, the attack bribes users with coupons in exchange for taking an online quiz.

New NSA/Cyber Command Head Confirmed by Senate

Schneier on Security

It's Lt. Gen. Paul Nakasone. I know nothing about him.

Why So Many People Make Their Password 'Dragon'

WIRED Threat Level

The mythical creature's popularity says a lot about the psychology of password creation.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Researchers Hacked Amazon’s Alexa to Spy On Users, Again

Threatpost

Researchers discovered a flaw in Amazon’s Alexa virtual assistant that enabled them to eavesdrop on consumers with smart devices – and automatically transcribe every word said.

GDPR: it’s the final countdown

Thales Cloud Protection & Licensing

Jim DeLorenzo, Solutions Marketing Manager, Thales eSecurity. By now, few businesses can be unaware that there is just one month to go until the EU General Data Protection Regulation, better known as the GDPR, comes into force. Perhaps the most comprehensive data privacy standard ever introduced, the GDPR will impact every individual and business that is either a ‘controller’ or ‘processor’ of EU citizens’ personal data.

Yet Another Biometric: Ear Shape

Schneier on Security

This acoustic technology identifies individuals by their ear shapes. No information about either false positives or false negatives.

Joy Reid Blames Hackers, Just Like Everyone Else

WIRED Threat Level

Joy Reid may have very well been the target of a malicious breach. Or she's just the latest person to blame hackers for her past mistakes.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Orangeworm Mounts Espionage Campaign Against Healthcare

Threatpost

A freshly minted attack group dubbed Orangeworm has been uncovered, deploying a custom backdoor in mostly healthcare-related environments. It’s bent on laser-focused, comprehensive corporate espionage, with a noisy attack vector that shows that it’s unlikely to be related to nation-state actors. Researchers first found Orangeworm in the form of an interesting binary in 2016, and […].

Why Hackers Love Healthcare

Dark Reading

The migration of valuable data to the cloud is piquing the interest of cybercriminals. But there are ways to fight back.

Computer Alarm that Triggers When Lid Is Opened

Schneier on Security

"Do Not Disturb" is a Macintosh app that sends an alert when the lid is opened. The idea is to detect computer tampering. Wire article: Do Not Disturb goes a step further than just the push notification. Using the Do Not Disturb iOS app, a notified user can send themselves a picture snapped with the laptop's webcam to catch the perpetrator in the act, or they can shut down the computer remotely.

Xbox Hacking, LinkedIn Bugs, and More Security News This Week

WIRED Threat Level

Xbox hacking, LinkedIn bugs, and more security news this week.

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Challenges faced while training an AI to combat abuse

Elie

In-depth research publications, industry talks and blog posts about Google security, research at Google and cybersecurity in general in open-access.

Microsoft Issues More Spectre Updates For Intel CPUs

Threatpost

Microsoft has released new Spectre mitigations for Windows 10, which include Intel microcode fixes for CPUs running on Windows.

More Than 1M Children Victims of Identity Fraud in 2017

Dark Reading

Total fraud against kids amounted to $2.6 billion and more than $540 million in out-of-pocket costs to families, a new report finds.

Highlights from RSA Conference 2018

Thales Cloud Protection & Licensing

RSA 2018 kicked off on a high note with Thales eSecurity’s annual partner/customer happy hour, and the week just got better from there. Our hard-working staff remained energetic and unflappable, as it juggled various roles: guiding conference attendees through the Cyber Escape Room; walking booth visitors through demos of the Thales eSecurity product line; managing giveaways (the URB-E scooter proved highly popular!

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!