Sat.Feb 03, 2018 - Fri.Feb 09, 2018

Cabinet of Secret Documents from Australia

Schneier on Security

This story of leaked Australian government secrets is unlike any other I've heard: It begins at a second-hand shop in Canberra, where ex-government furniture is sold off cheaply. The deals can be even cheaper when the items in question are two heavy filing cabinets to which no-one can find the keys. They were purchased for small change and sat unopened for some months until the locks were attacked with a drill.

How Long is Long Enough? Minimum Password Lengths by the World's Top Sites

Troy Hunt

I've been giving a bunch of thought to passwords lately. Here we have this absolute cornerstone of security - a paradigm that every single person with an online account understands - yet we see fundamentally different approaches to how services handle them. Some have strict complexity rules. Some have low max lengths. Some won't let you paste a password.

Passwords 197

Strong, streamlined and secure: How to get the most out of centralized key management

Thales Cloud Protection & Licensing

With organizations around the world now deploying ever-increasing amounts of encryption solutions in an effort to ward off cybercrime, businesses are facing a combination of challenges. Whether it’s varying protection levels, differing operational techniques and policies, or juggling multiple keys, managing more than one encryption system can quickly turn into a complex web that demands time, expertise and money to manage effectively.

Bob Mueller’s Investigation Is Larger—and Further Along—Than You Think

WIRED Threat Level

We speak about the “Mueller probe” as a single entity, but it’s important to understand that there are no fewer than five separate investigations under the broad umbrella of the special counsel’s office.


Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Water Utility Infected by Cryptocurrency Mining Software

Schneier on Security

A water utility in Europe has been infected by cryptocurrency mining software. This is a relatively new attack: hackers compromise computers and force them to mine cryptocurrency for them. This is the first time I've seen it infect SCADA systems, though. It seems that this mining software is benign, and doesn't affect the performance of the hacked computer.

Weekly Update 73

Troy Hunt

I'm not entirely sure how I've gotten to the end of the week feeling completely wrung out whilst having only written the one thing, but here we are. In fairness though, I've put a heap of work into Pwned Passwords version 2 and finally completed the data set. There's some coding work and other logistics to complete before it goes live, but the plan for now is week after next so I'm looking forward to that.

Passwords 109

More Trending

Air Gap Hacker Mordechai Guri Steals Data With Noise, Light, and Magnets

WIRED Threat Level

Researcher Mordechai Guri has spent the last four years exploring practically every method of stealthily siphoning data off of a disconnected computer.


Poor Security at the UK National Health Service

Schneier on Security

The Guardian is reporting that "every NHS trust assessed for cyber security vulnerabilities has failed to meet the standard required." This is the same NHS that was debilitated by WannaCry.


Mastering Security in the Zettabyte Era

Dark Reading

Many businesses are ill-equipped to deal with potential risks posed by billions of connected devices, exponential data growth, and an unprecedented number of cyber threats. Here's how to prepare.

Digital Transformation starts with the Employees

Thales Cloud Protection & Licensing

This past month, CEOs, elected leaders and academics from around the globe gathered at the World Economic Forum (WEF) in Davos, Switzerland, to discuss the world’s most pressing problems including technological change, global trade, education, sustainability, and gender equality. As in previous years, digital transformation remained a key theme at the event as well as discussions around artificial intelligence (AI) and IoT technologies impacting the workforce.

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Polisis AI Reads Privacy Policies So You Don't Have To

WIRED Threat Level

Polisis, a machine-learning-trained tool, automatically produces readable charts of where your data ends up for any online service.


Calling Squid "Calamari" Makes It More Appetizing

Schneier on Security

Research shows that what a food is called affects how we think about it. Research paper. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here.


AI's Future in Cybersecurity

eSecurity Planet

Industry experts from Coalfire, IEEE and more discuss how AI is shaping the future of IT security.

Back to Basics: AI Isn't the Answer to What Ails Us in Cyber

Dark Reading

The irony behind just about every headline-grabbing data breach we've seen in recent years is that they all could have been prevented with simple cyber hygiene.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Scammers Are Stealing Bitcoin on Twitter With a Classic Scheme

WIRED Threat Level

A new twist on the classic Nigerian Prince scheme has jumped from gaming communities to Twitter. And now it's spreading.


Living in a Smart Home

Schneier on Security

In "The House that Spied on Me," Kashmir Hill outfits her home to be as "smart" as possible and writes about the results.

Spyware 149

What is Cryptojacking and Why Is It a Cybersecurity Risk?

eSecurity Planet

Learn about this emerging attack method and how it's impacting organizations around the world in this eSecurityPlanet series.

Risk 87

Lenovo Warns Critical WiFi Vulnerability Impacts Dozens of ThinkPad Models

Threatpost

Lenovo issued a security bulletin Friday warning customers of two previously disclosed critical Broadcom vulnerabilities that impact 25 models of its popular ThinkPad laptops.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Feds Take Down Infraud, a $530M Cybercrime Forum That Lasted 7 Years

WIRED Threat Level

Infraud may not have been as famous as dark web markets like the Silk Road and Alphabay, but it far outlasted both.

Sensitive Super-Bowl Security Documents Left on an Airplane

Schneier on Security

A CNN reporter found.


8 Nation-State Hacking Groups to Watch in 2018

Dark Reading

The aliases, geographies, famous attacks, and behaviors of some of the most prolific threat groups.

Hacking 82

IANS 2018 New York Information Security Forum

NopSec

On Monday, March 19th, NopSec’s Co-founder & CTO, Michelangelo Sidagni will be speaking at this year’s IANS New York Information Security Forum. The Information Security Forum delivers an immersive curriculum with over 30+ sessions led by esteemed IANS Faculty, global information security thought leaders and solution providers. Attend the two-day Forum to gain actionable technical solutions and leadership insights focused on current and emerging challenges facing enterprise secur

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Time's Just About Up to Secure the 2018 Midterm Elections

WIRED Threat Level

The first primary for the 2018 midterm elections takes place March 6—and many states are still woefully underprepared.


Kali Linux 2018.1 Release

Kali Linux

Welcome to our first release of 2018, Kali Linux 2018.1. This fine release contains all updated packages and bug fixes since our 2017.3 release last November. This release wasn’t without its challenges–from the Meltdown and Spectre excitement (patches will be in the 4.15 kernel) to a couple of other nasty bugs, we had our work cut out for us but we prevailed in time to deliver this latest and greatest version for your installation pleasure.

AutoSploit: Mass Exploitation Just Got a Lot Easier

Dark Reading

But the response to the new hacking tool, now readily available to the masses of script kiddies, has been a mix of outrage, fear, some applause, and more than a few shrugs.

Hacking 57

In the DCShadow: How to Become a Domain Controller

NopSec

I have always been fascinated by lateral movement attacks possible within Windows Active Directory environments. Hosts are compromised; credentials extracted; lateral movement achieved until the final prize for Windows Domain domination is captured: the credentials of one of the members of the Domain Admin Group. All these are techniques used most commonly by Red Teamers in large enterprises.

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Autosploit, Strava Heat Maps, and More Top Security News This Week

WIRED Threat Level

The memo release, Olympics hacking, and more of the week's top security news.

Hacking 102

IBM QRadar vs Splunk: Top SIEM Solutions Compared

eSecurity Planet

While both SIEM solutions are popular industry leaders, each has its strengths and weaknesses. We take a close look at both.


North Korean APT Group Employed Rare Zero-Day Attack

Dark Reading

Recent Adobe Flash exploit discovered against South Korean targets likely purchased, not developed by the hacking group.

Hacking 62

Gojdue Variant Eludes Microsoft, Google Cloud Protection, Researchers Say

Threatpost

Researchers have identified a new ransomware strain that went undetected by built-in malware protection used by cloud heavyweights Microsoft and Google as recently as January.

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.