Schneier on Security

FEBRUARY 12, 2018

There are a lot : The cybersecurity company McAfee recently uncovered a cyber operation, dubbed Operation GoldDragon, attacking South Korean organizations related to the Winter Olympics. McAfee believes the attack came from a nation state that speaks Korean, although it has no definitive proof that this is a North Korean operation. The victim organizations include ice hockey teams, ski suppliers, ski resorts, tourist organizations in Pyeongchang, and departments organizing the Pyeongchang Olympi

Internet 246

Internet Internet Cyber Attacks DDOS 246

Troy Hunt

FEBRUARY 16, 2018

I had plans this week. Monday was going to be full of coding work around Pwned Passwords V2 (and a few other HIBP things) then Texthelp went and got themselves pwned and there went my day writing about the ramifications of that. This is a genuinely important issue and the whole concept of the JavaScript supply chain needs much better thought. We've got the technology, it's just that most people don't know it exists!

Data breaches 110

Data breaches Marketing Passwords Internet 110

WIRED Threat Level

FEBRUARY 16, 2018

Robert Mueller's office has come out with a 37-page indictment that details the extraordinary lengths Russian agents went to influence the 2016 presidential election.

109

109

Thales Cloud Protection & Licensing

FEBRUARY 15, 2018

Another day, another breach. It’s sarcastic, it’s comical, but it’s also real. Barely a day goes by where we don’t hear of a data breach. Affecting big companies and small in virtually every vertical and hitting government institutions at the local, state and federal level, sensitive data is routinely exfiltrated, stolen and leveraged with shocking regularity.

Identity Theft 89

Identity Theft IoT Technology Encryption 89

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Schneier on Security

FEBRUARY 14, 2018

Everything online is hackable. This is true for Equifax's data and the federal Office of Personal Management's data, which was hacked in 2015. If information is on a computer connected to the Internet, it is vulnerable. But just because everything is hackable doesn't mean everything will be hacked. The difference between the two is complex, and filled with defensive technologies, security best practices, consumer awareness, the motivation and skill of the hacker and the desirability of the data.

Internet 150

Internet Internet Government Hacking 150

Dark Reading

FEBRUARY 14, 2018

In today's environment, a focus on cybersecurity isn't a luxury. It's a necessity, and making sure that focus is achieved starts with the company's culture.

Cybersecurity 79

Cybersecurity 79

Thales Cloud Protection & Licensing

FEBRUARY 13, 2018

As data breaches continue to plague organisations worldwide, South Africa is taking extra measures to protect its citizens by rolling out new legislation. The country’s Protection of Personal Information (POPI) Act imposes requirements on holders of personal data to guard against unauthorised access and, in the event of a breach, mandates that the organisation notify the Regulator and the impacted data subjects.

Encryption 66

Encryption Government Risk Technology 66

Schneier on Security

FEBRUARY 13, 2018

Nice profile of Mordechai Guri, who researches a variety of clever ways to steal data over air-gapped computers. Guri and his fellow Ben-Gurion researchers have shown, for instance, that it's possible to trick a fully offline computer into leaking data to another nearby device via the noise its internal fan generates , by changing air temperatures in patterns that the receiving computer can detect with thermal sensors , or even by blinking out a stream of information from a computer hard dr

Cybersecurity 148

Cybersecurity 148

eSecurity Planet

FEBRUARY 15, 2018

A look at top vendors in the market for web security gateway solutions, a critical tool for defending against web threats.

Marketing 82

Marketing 82

WIRED Threat Level

FEBRUARY 16, 2018

A new Justice Department indictment alleges Russia's disinformation operations created bank and social media accounts using the stolen identities of real US citizens.

Banking 105

Banking Media Accountability 105

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Threatpost

FEBRUARY 16, 2018

Apple said it is working on a fix for the latest text bomb bug that crashes a number of iOS and Mac apps that display specific Telugu language characters. .

Mobile 63

Mobile Hacking 63

Schneier on Security

FEBRUARY 16, 2018

The National Academies has just published " Decrypting the Encryption Debate: A Framework for Decision Makers." It looks really good, although I have not read it yet. Not much news or analysis yet. Please post any links you find in the comments, and I will summarize them here.

Encryption 122

Encryption 122

eSecurity Planet

FEBRUARY 12, 2018

Paying security researchers to find vulnerabilities can be a winning formula. Find out more in the first part of this eSecurity Planet series.

74

74

WIRED Threat Level

FEBRUARY 15, 2018

The "Protect" menu item in Facebook's mobile apps refers users to the company's Onavo Protect VPN, but the tool falls short of basic privacy standards.

VPN 110

VPN Mobile 110

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Dark Reading

FEBRUARY 14, 2018

Exploits are getting more sophisticated by the day, and cybersecurity technology just isn't keeping up.

Malware 68

Malware Technology Cybersecurity 68

Schneier on Security

FEBRUARY 15, 2018

Good Washington Post op-ed on the need to use voter-verifiable paper ballots to secure elections, as well as risk-limiting audits.

Risk 136

Risk 136

eSecurity Planet

FEBRUARY 15, 2018

A look at top vendors in the market for web security gateway solutions, a critical tool for defending against web threats.

Marketing 69

Marketing 69

WIRED Threat Level

FEBRUARY 15, 2018

In the wake of Wednesday's Parkland, Florida school shooting Russian bots have taken to Twitter to stoke the gun control debate.

112

112

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Dark Reading

FEBRUARY 16, 2018

These intelligent botnet clusters swarm compromised devices to identify and assault different attack vectors all at once.

61

61

Threatpost

FEBRUARY 15, 2018

Malicious e-mail attachments used in this campaign don’t display any warnings when opened and silently install malware.

Malware 52

Malware Passwords Hacking 52

Spinone

FEBRUARY 16, 2018

SAN FRANCISCO, CA – January 25, 2018 – Spinbackup, a leading cloud security and cloud-to-cloud backup solutions provider for G Suite, and an API-based CASB (Cloud Access Security Broker) announced today it’s significant growth milestones in 2017, as the company’s customer base exceeded 2,000 SMB’s, educational and enterprise organizations globally. 2017 was another year of continuous progress and achievement for Spinbackup.

Backups 40

Backups Ransomware Education Marketing 40

WIRED Threat Level

FEBRUARY 12, 2018

Researchers at Cisco Talos detail a new piece of disruptive, highly infectious malware with a clear target: the Pyeongchang Olympics IT infrastructure.

Malware 93

Malware 93

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software

Dark Reading

FEBRUARY 13, 2018

Google's new mobility management framework makes great strides in addressing security and device management concerns while offering diverse deployment options. Here are the pros and cons.

Mobile 48

Mobile 48

Threatpost

FEBRUARY 14, 2018

Researchers now believe attackers may have had prior access to networks and that malware was more sophisticated than originally believed.

Malware 47

Malware Government Hacking 47

Spinone

FEBRUARY 14, 2018

The cloud computing boom has brought many benefits to businesses regarding increased productivity and easier accessibility to corporate online systems. Unfortunately, it has also introduced some new security concerns and an increase in the number of data breaches that occur each year. The main reason for this is that cloud services make it much easier to access and share data from outside the organization.

Cloud Migration 40

Cloud Migration Data breaches Risk Mobile 40

WIRED Threat Level

FEBRUARY 15, 2018

From SMS notifications to an egregious number of emails, the social media company's desperation has gone too far.

Media 100

Media 100

Advertisement

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cybersecurity

Dark Reading

FEBRUARY 12, 2018

By understanding how cybercriminals use bitcoin, threat analysts can connect the dots between cyber extortion, wallet addresses, shared infrastructure, TTPs, and attribution.

Ransomware 47

Ransomware 47

Threatpost

FEBRUARY 12, 2018

The attack could have been averted through a technique called subresource integrity, according to researcher Scott Helme.

Cryptocurrency 46

Cryptocurrency Government Hacking 46

Schneier on Security

FEBRUARY 16, 2018

There's a squid pin on Kickstarter. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here.

111

111

WIRED Threat Level

FEBRUARY 12, 2018

By bringing the Snap Map out of the app and onto the web, Snap hopes to bring Snapchat to the masses like never before.

87

87

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity