Sat. Mar 10, 2018 - Fri. Mar 16, 2018

The 600+ Companies PayPal Shares Your Data With

Schneier on Security

One of the effects of GDPR -- the new EU General Data Protection Regulation -- is that we're all going to be learning a lot more about who collects our data and what they do with it. Consider PayPal, which just released a list of over 600 companies it shares customer data with. Here's a good visualization of that data. Is 600 companies unusual? Is it more than average?

Taking down Gooligan: part 1 — overview

Elie

This series of posts recounts how, in November 2016, we hunted for and took down Gooligan, the infamous Android OAuth stealing botnet. What makes Gooligan special is its weaponization of OAuth tokens, something that was never observed in mainstream crimeware before. At its peak, Gooligan had hijacked over 1M OAuth tokens in an attempt to perform fraudulent Play store installs and reviews.

Hacker Adrian Lamo Has Died at 37

WIRED Threat Level

The Colombian-American hacker became famous in the early 2000s for breaking into the systems at organizations like *The New York Times*, and later for his role in Chelsea Manning's arrest.

Is All Encryption Equal?

Thales Cloud Protection & Licensing

Data encryption has been around almost since the age of computers. In truth, anyone with minimal experience can write a simple script that uses default services built into virtually every OS to encrypt data. In Linux, for instance, it takes four OpenSSL commands to generate an encryption key and encrypt data. However, simply encrypting data is not a sufficient control when storing data in the cloud.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Artificial Intelligence and the Attack/Defense Balance

Schneier on Security

Artificial intelligence technologies have the potential to upend the longstanding advantage that attack has over defense on the Internet. This has to do with the relative strengths and weaknesses of people and computers, how those all interplay in Internet security, and where AI technologies might change things. You can divide Internet security tasks into two sets: what humans do well and what computers do well.

Email Security for Your Business

eSecurity Planet

Every business uses email, yet many are unaware of email security threats. Here's a look at the threats - and how to secure your business email.

E-Mailing Private HTTPS Keys

Schneier on Security

I don't know what to make of this story: The email was sent on Tuesday by the CEO of Trustico, a UK-based reseller of TLS certificates issued by the browser-trusted certificate authorities Comodo and, until recently, Symantec. It was sent to Jeremy Rowley, an executive vice president at DigiCert, a certificate authority that acquired Symantec's certificate issuance business after Symantec was caught flouting binding industry rules, prompting Google to distrust Symantec certificates in its Chro

Cybercriminals Launder Up to $200B in Profit Per Year

Dark Reading

Cybercrime funds make up 8-10% of all illegal profits laundered and amount to $80-200 billion each year.

A Florida Bill Would Make Criminal Justice Data More Transparent Than Ever

WIRED Threat Level

A newly passed bill in the Florida Legislature would bring unprecedented levels of transparency to the criminal justice system.

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

How to Secure ‘Permissioned’ Blockchains

Thales Cloud Protection & Licensing

Permissioned blockchains are growing in popularity as businesses attempt to cash in on the blockchain trend while keeping a firm hand on the tiller. Contrary to their non-permissioned cousins (such as bitcoin or Ethereum), permissioned blockchains are controlled by an authority that grants permission to every node that participates. In this blog (originally published on Dark Reading), Duncan Jones, Head of Skunkworks at Thales eSecurity, discusses the characteristics of a permissioned b

Interesting Article on Marcus Hutchins

Schneier on Security

This is a good article on the complicated story of hacker Marcus Hutchins.

A Secure Enterprise Starts with a Cyber-Aware Staff

Dark Reading

An attack doesn't have to be super high-tech to cause a lot of damage. Make sure your employees know how to spot an old-fashioned phishing campaign.

YouTube, Facebook, and Google Can't Expect Wikipedia to Cure the Internet

WIRED Threat Level

YouTube and other tech giants have repeatedly turned to Wikipedia to help solve some of their biggest problems—often without giving back.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

How to Protect Your Google Workspace Account

Spinone

Google provides a feature for Google Workspace (formerly G Suite) users called ‘Two-Step Verification,’ which is designed to improve the security of not only your Google Workspace account, but your entire online presence. If your Google account is ever hacked, a domino effect may ensue. You are particularly vulnerable if you reuse the same password […]

Greyshift Sells Phone Unlocking Services

Schneier on Security

Here's another company that claims to unlock phones for a price.

77% of Businesses Lack Proper Incident Response Plans

Dark Reading

New research shows security leaders have false confidence in their ability to respond to security incidents.

How Creative DDOS Attacks Still Slip Past Defenses

WIRED Threat Level

While some major distributed-denial-of-service attacks have been thwarted this month, the threat remains as critical as ever.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Walmart Jewelry Partner Exposes Personal Data Of 1.3M Customers

Threatpost

A Walmart jewelry partner's misconfigured AWS S3 bucket left personal details and contact information of 1.3 million customers in plain sight.

Who Does What in Cybersecurity at the C-Level

Dark Reading

As security evolves as a corporate priority, so do the roles and responsibilities of the executive team. These seven titles are already feeling the impact.

Voice Chat App Zello Turned a Blind Eye to Jihadis for Years

WIRED Threat Level

Despite warnings and flagged accounts, Zello left accounts with ISIS flag avatars and jihadist descriptions live on its service.

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

GandCrab Ransomware Crooks Take Agile Development Approach

Threatpost

Despite setbacks, the hackers behind the GandCrab malware are pushing ahead with a lucrative new ransomware strain thanks to a quick-and-dirty agile development approach.

Measure Security Performance, Not Policy Compliance

The Falcon's View

I started my security (post-sysadmin) career heavily focused on security policy frameworks. It took me down many roads, but everything always came back to a few simple notions, such as that policies were a means of articulating security direction, that you had to prescriptively articulate desired behaviors, and that the more detail you could put into the guidance (such as in standards, baselines, and guidelines), the better off the organization would be.

The Containerization of Artificial Intelligence

Dark Reading

AI automates repetitive tasks and alleviates mundane functions that often haunt decision makers. But it's still not a sure substitute for security best practices.

New Sanctions Against Russia Finally Take the Country's Online Chaos Seriously

WIRED Threat Level

From election meddling to NotPetya to grid hacking, Russia's digital provocations are no longer being ignored.

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

CCleaner Attackers Intended To Deploy Keylogger In Third Stage

Threatpost

As investigations continue about the backdoor that was planted in CCleaner, Avast said it has found that the actors behind the attack were planning to install a third round of malware on compromised computers.

Google Phishing Attack: Security Experts’ Predictions

Spinone

The Internet blew up with the latest news about the Gmail phishing attack. You have probably read tons of material about this issue and how sophisticatedly it was organized. However, all of this news has likely left you frustrated and without a satisfactory answer to these three questions: What was the goal? What can we expect? What should we do next? Our security experts give the answers.

What CISOs Should Know About Quantum Computing

Dark Reading

As quantum computing approaches real-world viability, it also poses a huge threat to today's encryption measures.

Researchers Point to an AMD Backdoor—And Face Their Own Backlash

WIRED Threat Level

As an Israeli security firm outlines real flaws in AMD's chips, the security community questions its motivations.

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.