Schneier on Security

OCTOBER 30, 2020

Our Guide gives the most comprehensive presentation to date of this landscape of legal risks, with an eye to both legal and technical nuance.

Risk 345

Risk Technology Hacking 345

Jane Frankland

MARCH 27, 2024

And I can’t help but be concerned that technology, especially advancements in artificial intelligence, is not just reshaping our world; it’s actually reshaping our identity and the fabric of trust that binds us. This has led to a new imperative in trust and technology – being human by default.

Technology 130

Technology Artificial Intelligence Authentication Scams 130

Schneier on Security

JANUARY 8, 2024

Modern democracy was invented in the mid-eighteenth century, using mid-eighteenth-century technology. Were democracy to be invented from scratch today, with today’s technologies, it would look very different. Each panel has six speakers, each of whom presents for ten minutes. Representation would look different.

Technology 293

Technology 293

Schneier on Security

DECEMBER 2, 2022

Technology changes the amplitude of the noise. The magnifying effects of technology enable short-term damage to cause long-term planet-wide systemic damage. Our rapid, technologically enabled changes to the atmosphere, compounded through feedback loops and tipping points, may make Earth much less hospitable for the coming centuries.

Risk 304

Risk Technology Hacking 304

SecureWorld News

JULY 17, 2024

The event not only showcases athletic prowess but also presents a significant challenge for cybersecurity professionals. The Olympics are a prime target for cyberattacks due to their high profile, the involvement of numerous stakeholders, and the extensive use of digital technologies.

Cybersecurity 114

Cybersecurity Phishing Mobile Media 114

Schneier on Security

JULY 3, 2023

. “We’re supposed to be able to go about our business in our day-to-day lives without being surveilled unless we are suspected of a crime, and each little bit of this technology strips away that ability.”

Surveillance 358

Surveillance Marketing Technology 358

Schneier on Security

JUNE 24, 2022

But that’s nothing inherent in blockchain technology—that’s just a bunch of bad design choices bitcoin made. In our letter, we write: “By its very design, blockchain technology is poorly suited for just about every purpose currently touted as a present or potential source of public benefit.

Cryptocurrency 364

Cryptocurrency Technology Scams Government 364

Joseph Steinberg

AUGUST 3, 2021

The Global Foundation for Cyber Studies and Research (GFCyber) announced today that it has launched Cyber Insights , a new digital magazine that aims to help readers stay informed about contemporary cyber-related issues and their potential ramifications, from the perspectives of policy, practice, and technology.

Artificial Intelligence 246

Artificial Intelligence Technology Cybersecurity 246

Krebs on Security

JULY 30, 2020

based merchants suggest thieves are exploiting weaknesses in how certain financial institutions have implemented the technology to sidestep key chip card security features and effectively create usable, counterfeit cards. Newer, chip-based cards employ a technology known as EMV that encrypts the account data stored in the chip.

Banking 362

Banking Malware Encryption Accountability 362

The Last Watchdog

MAY 19, 2022

Today, there are two major types of common CMS platforms: •The older “traditional” or “monolithic” CMS platforms include a content repository (usually a multimedia database), the administrative console (where content is added and categorized), the presentation system (which makes nice-looking pages), and the search engine. Gierlinger.

Data breaches 262

Data breaches Encryption Mobile Technology 262

Joseph Steinberg

FEBRUARY 4, 2024

Scammers stole over $25 million from a multinational business by utilizing cutting-edge real-time video deepfake technology to convince an employee in the firm’s accounts-payable department that the worker had properly validated a payment request previously sent to him via email. Million USD at the time of the theft and at present).

Artificial Intelligence 353

Artificial Intelligence Phishing Scams Accountability 353

Schneier on Security

FEBRUARY 2, 2023

The researchers have since commercialized the technology, which is now busily defending networks for customers like the U.S. AIs would improve every year because all of the core technologies are continually improving. A system called Mayhem, created by a team of Carnegie-Mellon computer security researchers, won. Department of Defense.

Artificial Intelligence 329

Artificial Intelligence Technology Software Hacking 329

Joseph Steinberg

JUNE 10, 2022

Many of Gillis’s comments echoed those that I have heard in recent months from CISOs and others within the cybersecurity industry who witness developments from various vantage points quite different from those of a vendor of cybersecurity technologies. Sampling No Longer Works.

Cybersecurity 363

Cybersecurity Artificial Intelligence CISO Wireless 363

Joseph Steinberg

JUNE 7, 2021

Every so often, I encounter an unusual technology device that so well solves a problem that I have encountered many times that I cannot imagine not adding the product to my arsenal of tools, even if it is not something that I would necessarily use every day. The Hushme is one such offering.

Artificial Intelligence 363

Artificial Intelligence Technology Media Cybersecurity 363

Schneier on Security

JUNE 7, 2021

But the confusing part is footnote 8: For present purposes, we need not address whether this inquiry turns only on technological (or “code-based”) limitations on access, or instead also looks to limits contained in contracts or policies. It’s a good ruling, and one that will benefit security researchers.

Technology 228

Technology 228

The Last Watchdog

SEPTEMBER 10, 2024

This cutting-edge innovation combines Post-Quantum Cryptography (PQC)* — designed to withstand the security threats posed by future quantum computing—with the trusted SSL technology that secures websites worldwide. This is achieved through the generation of Face Certificates for specific purposes, such as login, eKYC, and more.

Computers and Electronics 278

Computers and Electronics Encryption Government Authentication 278

Joseph Steinberg

JANUARY 30, 2024

Steinberg and Liwer will analyze the potential impact of emerging technologies, legislative changes, and geopolitical events on the cybersecurity landscape. They will then shift our focus to the future, and help us forecast for 2024 with a forward-thinking exploration of anticipated cybersecurity challenges and advancements.

Artificial Intelligence 269

Artificial Intelligence Cybersecurity Cyber threats Technology 269

Anton on Security

MAY 19, 2022

Finding and confirming malicious activities and presenting them to the security team and/or automatically responding to them constitutes detection and response. This applies to the types of systems you would encounter, technologies, and operational practices. Prevention does improve, but never becomes perfect. So, what to do next?

Threat Detection 299

Threat Detection Technology Backups Data breaches 299

Krebs on Security

SEPTEMBER 8, 2021

Many of those zero-days involve older Microsoft technologies or those that have been retired, like IE11; Microsoft officially retired support for Microsoft Office 365 apps and services on IE11 last month.

Software 355

Software Engineering Internet Internet 355

Krebs on Security

APRIL 14, 2023

Instead, users are presented with a prompt asking if they wish to trust a connected computer before any data transfer can take place. On the other hand, the technology needed to conduct a sneaky juice jacking attack has become far more miniaturized, accessible and cheap. “Also, you can now buy all this stuff over the counter.

Mobile 315

Mobile Software Backups Technology 315

Tech Republic Security

OCTOBER 22, 2024

A study at Rensselaer Polytechnic Institute presented at ISC2 Security Congress compared ChatGPT-written training prompted by security experts and prompt engineers.

Engineering 207

Engineering Artificial Intelligence Technology Cybersecurity 207

The Hacker News

FEBRUARY 8, 2024

However, adopting cloud technologies into your infrastructure presents various cybersecurity risks and Cloud computing has innovated how organizations operate and manage IT operations, such as data storage, application deployment, networking, and overall resource management.

Cybersecurity 136

Cybersecurity Technology Risk 136

The Last Watchdog

APRIL 8, 2024

She serves on the board of several technology companies and also happens to be steeped in cyber risk governance. Thus, presenting a sky-is-falling scenario to justify a fatter security budget, “does not resonate at the board level,” she said in her talk. Here’s that exchange, edited for clarity and length.

CISO 210

CISO Risk Cybersecurity Insurance 210

The Hacker News

JUNE 28, 2024

A group of security researchers from the Graz University of Technology have demonstrated a new side-channel attack known as SnailLoad that could be used to remotely infer a user's web activity. SnailLoad exploits a bottleneck present on all Internet connections," the researchers said in a study released this week.

Internet 138

Internet Internet Technology 138

Krebs on Security

APRIL 28, 2021

Experian says it has plugged the data leak, but the researcher who reported the finding says he fears the same weakness may be present at countless other lending websites that work with the credit bureau.

Insurance 363

Insurance Identity Theft Accountability Technology 363

The Hacker News

FEBRUARY 21, 2024

With SaaS applications now making up the vast majority of technology used by employees in most organizations, tasks related to identity governance need to happen across a myriad of individual SaaS apps.

Government 136

Government Technology 136

Joseph Steinberg

JULY 20, 2022

There is little doubt that quantum computing will ultimately undermine the security of most of today’s encryption systems , and, thereby, render vulnerable to exposure nearly every piece of data that is presently protected through the use of encryption. Clearly, there is a need to act in advance – and acting takes time.

Risk 338

Risk Encryption Government Artificial Intelligence 338

Schneier on Security

JULY 26, 2023

The European Telecommunications Standards Institute (ETSI), an organization that standardizes technologies across the industry, first created TETRA in 1995. Since then, TETRA has been used in products, including radios, sold by Motorola, Airbus, and more. Crucially, TETRA is not open-source.

Telecommunications 244

Telecommunications Encryption Technology Software 244

Schneier on Security

JUNE 3, 2024

Technology was once simply a tool—and a small one at that—used to amplify human intent and capacity. That was the story of the industrial revolution: we could control nature and build large, complex human societies, and the more we employed and mastered technology, the better things got.

Technology 316

Technology Government Engineering Internet 316

The Last Watchdog

JANUARY 9, 2024

Augmented reality (AR) and virtual reality (VR) technologies provide intriguing opportunities for immersive and interactive experiences in cybersecurity training. Related: GenAI’ impact on DevSecOps Here’s how these technologies can bridge learning gaps in cybersecurity awareness and enhance the overall training experience.

Technology 203

Technology Cybersecurity Risk Mobile 203

The Last Watchdog

JULY 10, 2023

Related: Using ‘Big Data’ to improve health and well-being But there’s yet another towering technology mountain to climb: we must also overcome the limitations of Moore’s Law. Optical technology can enable us to control energy consumption so we can support increasing capacity and increasing bandwidth,” Gomi summarizes.

Energy and Utilities 246

Energy and Utilities Technology Internet Internet 246

The Last Watchdog

MAY 24, 2022

Passwordless technology is certainly ready for prime time; innovative solutions from suppliers like Cisco’s Duo, Hypr, OneLogin and Veridium have been steadily gaining traction in corporate settings for the past few years. For a full drill down on our wide-ranging discussion, please give a listen to the accompanying podcast.

Authentication 342

Authentication Passwords Banking Digital transformation 342

Schneier on Security

APRIL 25, 2024

Technology companies developed automated models to take on this massive task of filtering content, ushering in the era of the algorithmic publisher. In response, scammers built link farms and spammed comment sections, falsely presenting their trashy pages as authoritative. The most familiar, and powerful, of these publishers is Google.

Engineering 359

Engineering Internet Internet Artificial Intelligence 359

Joseph Steinberg

APRIL 7, 2021

This list is not in any particular order, nor is it even remotely comprehensive (I am personally aware of well over 100 privately-held Israeli cybersecurity companies) – it is, however, illustrative of some of the areas of risk and of innovation that are presently on my mind. The firm has also expanded into cybersecurity systems for aircraft.

Cybersecurity 246

Cybersecurity Small Business IoT Computers and Electronics 246

The Last Watchdog

JUNE 3, 2022

Findings released this week by ReversingLabs show 87 percent of security and technology professionals view software tampering as a new breach vector of concern, yet only 37 percent say they have a way to detect it across their software supply chain. It’s encouraging that the technology to do that is available.

Software 255

Software Internet Internet System Administration 255

Joseph Steinberg

JANUARY 4, 2023

Zero Trust Network Architecture, on the other hand, is not conceptual; it refers to an actual information technology architecture – including hardware, software, data, and workflow – that employs the principles of Zero Trust in its design so as to enforce a Zero Trust model.

Architecture 361

Architecture Artificial Intelligence Encryption Cybersecurity 361

Anton on Security

FEBRUARY 22, 2022

To me, the answer is I need clarity in technologies that we deploy. The slogan of “consolidate while slicing complexity” will probably have a lot more fans then “extend the endpoint technology to, well, not endpoint” … This view of XDR is not my invention, even though the framing probably is. What do you think?

Threat Detection 246

Threat Detection Technology Risk Media 246