Schneier on Security

DECEMBER 25, 2017

Funny.

Surveillance 214

Surveillance 214

Troy Hunt

DECEMBER 28, 2017

It's Xmas! Well, it was Xmas but I (and hopefully you too) am still in that Xmas period haze where it's hard to tell one day from the next. Apparently, it's also hard to remember to hit record before talking about this week's updates so yeah, good one Troy! But I did eventually record a full update and in an otherwise slow news week, I thought I'd talk a little bit about Xmas down under in Australia.

151

151

WIRED Threat Level

DECEMBER 29, 2017

The practice of using a website visitor's device to mine cryptocurrency has expanded—and evolved—at an alarming rate.

Cryptocurrency 112

Cryptocurrency 112

Threatpost

DECEMBER 28, 2017

Researchers warn of copycat type attacks as exploit code used in Mirai variant goes public.

IoT 85

IoT Malware 85

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Schneier on Security

DECEMBER 28, 2017

Matthew Green wrote a fascinating blog post about the NSA's efforts to increase the amount of random data exposed in the TLS protocol, and how it interacts with the NSA's backdoor into the DUAL_EC_PRNG random number generator to weaken TLS.

206

206

Troy Hunt

DECEMBER 28, 2017

Regular readers will know I create a lot of Pluralsight courses. It's now 5 years ago I started writing my first one which incidentally, is still my highest rated course every month (apparently the OWASP Top 10 as it relates to ASP.NET is still a big thing). Most of the time, the courses I create are on topics I know well, primarily on security but occasionally with a bit of cloud and development practices sprinkled in for variety.

123

123

eSecurity Planet

DECEMBER 28, 2017

And just 11 percent plan to add one in the coming year.

Healthcare 84

Healthcare 84

Schneier on Security

DECEMBER 26, 2017

Interesting destructive attack: " Acoustic Denial of Service Attacks on HDDs ": Abstract : Among storage components, hard disk drives (HDDs) have become the most commonly-used type of non-volatile storage due to their recent technological advances, including, enhanced energy efficacy and significantly-improved areal density. Such advances in HDDs have made them an inevitable part of numerous computing systems, including, personal computers, closed-circuit television (CCTV) systems, medical bedsi

Technology 188

Technology 188

Threatpost

DECEMBER 27, 2017

Ancestry.com closes parts of its community-driven genealogy site RootsWeb as it investigates a leaky server that exposed thousands of passwords, email addresses and usernames to the public internet.

Passwords 76

Passwords Internet Internet Information Security 76

WIRED Threat Level

DECEMBER 23, 2017

As the debate over Section 702 continues, those deciding its fate don't know basic facts about how it works.

Surveillance 110

Surveillance 110

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

eSecurity Planet

DECEMBER 27, 2017

And almost half of those breaches were caused by a third-party vendor or contractor.

72

72

Schneier on Security

DECEMBER 27, 2017

NIST has organized a competition for public-key algorithms secure against a quantum computer. It recently published all of its Round 1 submissions. (Details of the NIST efforts are here. A timeline for the new algorithms is here.).

150

150

Dark Reading

DECEMBER 29, 2017

Company to pay US Department of Health and Human Services over potential HIPAA violations after patient medical data was stolen by cyberthieves.

53

53

WIRED Threat Level

DECEMBER 23, 2017

A fake *Cuphead*, a WhatsApp privacy blow-up, and more of the week's top security news.

108

108

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

eSecurity Planet

DECEMBER 29, 2017

As we inch closer to the end of the year, all brands have their eyes on the evolving marketing trends for 2018. To prepare, teams often start by brainstorming answers. The post The One Content Trend Essential to a Marketing Strategy in 2018 appeared first on Kapost Content Marketing Blog.

Marketing 58

Marketing 58

Schneier on Security

DECEMBER 29, 2017

New York Magazine published an excellent profile of the single-document leaker Reality Winner.

124

124

Threatpost

DECEMBER 26, 2017

Mozilla has patched one critical vulnerability in its Thunderbird email client along with two bugs rated high.

Hacking 51

Hacking 51

WIRED Threat Level

DECEMBER 29, 2017

Numerous tales of hacking and breaches proves just how permeable the digital membrane can be.

Hacking 96

Hacking 96

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Dark Reading

DECEMBER 29, 2017

The government says its rules are to protect security and stability, but some say they are repressive.

Internet 48

Internet Internet Government 48

eSecurity Planet

DECEMBER 29, 2017

The overall number of attacks rose by 15.6 percent over the previous quarter.

DDOS 47

DDOS 47

Spinone

DECEMBER 24, 2017

Computer software is often prone to attacks. This could be due to internal or external reasons. One of such attacks is caused by a security hole which is then exploited by hackers. A zеrо dау vulnerability is a hоlе in computer ѕоftwаrе thаt iѕ not fixed by the vеndоr.

Software 40

Software Malware System Administration Spyware 40

WIRED Threat Level

DECEMBER 27, 2017

Here’s a six-month old essay about online media that resonated with me for a couple of reasons. Firstly, because I was an early-ish analyst blogger in the learning space (2006) and blogged the same way the writer did back then (quick commentary vs in-depth analysis) and secondly, it’s a sad and accurate story of how we got to where we are today – from WordPress-powered “Hello World” reflective blogs to memes and to trolls on Reddit – basically, a whole bunch o

Media 40

Media Education Internet Internet 40

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Dark Reading

DECEMBER 29, 2017

Micro-segmentation is very achievable. While it can feel daunting, you can succeed by proactively being aware of and avoiding these roadblocks.

44

44

Troy Hunt

DECEMBER 23, 2017

Lord Lansdowne. Henry Charles Keith Petty-Fitzmaurice (1845 – 1927), the 5th Marquess of Lansdowne, was a distinguished British statesman who held senior positions in both Liberal Party and Conservative Party governments. He had served as the fifth Governor General of Canada, Viceroy of India, Secretary of State for War, and Secretary of State for Foreign Affairs.

Government 95

Government 95

Schneier on Security

DECEMBER 29, 2017

New research : "Global proliferation of cephalopods" Summary : Human activities have substantially changed the world's oceans in recent decades, altering marine food webs, habitats and biogeochemical processes. Cephalopods (squid, cuttlefish and octopuses) have a unique set of biological traits, including rapid growth, short lifespans and strong life-history plasticity, allowing them to adapt quickly to changing environmental conditions.

128

128

eSecurity Planet

DECEMBER 29, 2017

Good news for the employment market and recruiting industry moving into 2018 with employers in all US regions and industry sectors expected to increase staff. The manufacturing and construction industries in particular are experiencing a rejuvenation leading to a marked increase in job openings within those sectors. The overall unemployment rate is expected to continue to drop over the next two years.

Marketing 45

Marketing Manufacturing 45

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software

Dark Reading

DECEMBER 29, 2017

When you think of bocce or pétanque, it is hard not to think of groups of retired men, sipping on cool drinks and tossing balls in the shade of a park. It’s as though the casual sport is stuck in the past—in a good way, to be sure.

42

42

WIRED Threat Level

DECEMBER 28, 2017

From Donald Trump to Russian hackers, these are the dangerous characters we’ve been watching online in 2017.

Internet 111

Internet Internet 111