Troy Hunt
SEPTEMBER 18, 2020
More IoT, more cyber and more Q&A so yeah, business as usual this week. More specifically, a lot of this week's update talks about VPNs and where they still make sense with so much HTTPS all over the place these days. As I say in the vid, blog posts like the VPN one I did this week are often done to help me get my thoughts on a topic straight and a lot of things became a lot clearer for me in doing that.
Schneier on Security
SEPTEMBER 18, 2020
Matt Blaze discusses an interesting mystery about a Cuban one-time-pad radio station, and a random number generator error that probably helped arrest a pair of Russian spies in the US.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Tech Republic Security
SEPTEMBER 18, 2020
Looking for an easy to use encryption tool to protect data on your Linux servers? Jack Wallen shows you how to install and use gocryptfs to serve that very purpose.
Schneier on Security
SEPTEMBER 18, 2020
Posted three years ago, but definitely appropriate for the times.
Advertisement
How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.
Tech Republic Security
SEPTEMBER 18, 2020
Users in the US would be unable to download the two Chinese-owned apps from local app stores, according to the Department of Commerce.
Security Affairs
SEPTEMBER 18, 2020
Chinese hackers have stolen information from Spanish laboratories working on a vaccine for COVID19, El Pais newspaper revealed. The El Pais newspaper reported that Chinese hackers have stolen information from Spanish laboratories working on a vaccine for COVID19. While pharmaceutical companies worldwide are working on the research of a vaccine for the ongoing COVID19 pandemic, threat actors are conducting cyber espionage campaigns in the attempt of stealing information on the work.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Security Affairs
SEPTEMBER 18, 2020
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has been named a Top-Level Root CVE Numbering Authority (CNA). The US Cybersecurity and Infrastructure Security Agency (CISA) has been named a Top-Level Root CVE Numbering Authority (CNA), it will be overseeing CNAs in assigning CVE identifiers for vulnerabilities in industrial control systems (ICS) and medical devices.
WIRED Threat Level
SEPTEMBER 18, 2020
Poll workers, who skew elderly, are in short supply during the pandemic. Meet some of the young people trying to make up the gap.
Security Affairs
SEPTEMBER 18, 2020
Web-phishing targeting various online services almost doubled during the COVID-19 pandemic , it accounted for 46 percent of the total number of fake web pages. Singapore, 09/18/2020 — Group-IB , a global threat hunting and intelligence company headquartered in Singapore, evidenced the transformation of the threat portfolio over the first half of 2020.
Threatpost
SEPTEMBER 18, 2020
As the pandemic drags on and remote workforces stay remote, zero-trust and other lessons learned should come to the fore.
Advertiser: Revenera
In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.
Security Affairs
SEPTEMBER 18, 2020
Security researchers discovered Android malware capable of bypassing 2FA that was developed by an Iran-linked group dubbed Rampant Kitten. Security researchers from Check Point discovered an Android malware, developed by an Iran-linked group dubbed Rampant Kitten, that is able to bypass 2FA. Rampant Kitten has been active at least since 2014 and was involved in ongoing surveillance operations against Iranian minorities, anti-regime organizations, and resistance movements.
Threatpost
SEPTEMBER 18, 2020
Users of the Discount Rules for WooCommerce WordPress plugin are urged to apply a third and (hopefully) final patch.
WIRED Threat Level
SEPTEMBER 18, 2020
Brands are seeking new ways to customize messages. A startup that gathers data on when you pick up your phone, or when you go out on a run, can help.
Dark Reading
SEPTEMBER 18, 2020
One click is all it takes for confidential information to land in the wrong hands. The good news is that there are plenty of ways to teach preventative cybersecurity to remote workers.
Advertisement
Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.
Threatpost
SEPTEMBER 18, 2020
Maze continues to adopt tactics from rival cybercrime gangs.
Dark Reading
SEPTEMBER 18, 2020
Nine security researchers share their favorite songs and genres.
Threatpost
SEPTEMBER 18, 2020
Enterprise security teams are "drowning in alerts.".
Dark Reading
SEPTEMBER 18, 2020
A ransomware attack with fatal consequences is attracting notice and comment from around the world.
Advertisement
The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.
Spinone
SEPTEMBER 18, 2020
Office 365 begins with the right plan. But which one is right for your company? We hope the Microsoft Office 365 license comparison will help you to decide. Let’s take a look at the Office 365 license comparison and find out which one fits you best. Also, we’ll touch on how data migration helps to save on Office 365 licenses. How Much Do Office 365 Business Licenses Cost?
Dark Reading
SEPTEMBER 18, 2020
Experts hold out little hope for a robust technical solution in the long term.
The Security Ledger
SEPTEMBER 18, 2020
In this Spotlight Podcast, sponsored by The Trusted Computing Group, we speak with Matthew Areno, a Principal Engineer in the Intel Product Assurance and Security (IPAS) group about the fast-changing landscape of cyber threats including attacks on hardware and software supply chains. The post Spotlight Podcast: Intel’s Matt Areno – Read the whole entry. » Related Stories Spotlight Podcast: CTO Zulfikar Ramzan on RSA’s Next Act: Security Start-Up Spotlight Podcast: Taking a
ForAllSecure
SEPTEMBER 18, 2020
So you’re in your SOC, your security operations center. You spend your time defending all aspects of the organization, then one day this hacker comes in and sees that blindspot, the one you can’t see, that one corner of the network that is exposed, that is vulnerable. For all the time and money spent, you’re still pwned. That’s not good.
Advertisement
The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.
Schneier on Security
SEPTEMBER 18, 2020
SQUID news: Physicists have developed a small, compact superconducting quantum interference device (SQUID) that can detect magnetic fields. The team l focused on the instrument’s core, which contains two parallel layers of graphene. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Security Affairs
SEPTEMBER 18, 2020
The US Department of Justice announced the indictment of three Iranian hackers for hacking US aerospace and satellite companies. Three Iranian hackers residing in Iran have been indicted for stealing data from aerospace and satellite tracking companies. The hackers were employed in a coordinated campaign of identity theft and hacking on behalf of Iran’s Islamic Revolutionary Guard Corps (IRGC), a designated foreign terrorist organization.
Security Affairs
SEPTEMBER 18, 2020
Twitter announced that it will adopt new security measures to protect high-profile accounts during the upcoming election in the United States. Twitter announced new measures to protect high-profile accounts during the upcoming US Presidential election. The types of accounts that are in this designated group are: US Executive Branch and Congress US Governors and Secretaries of State Presidential campaigns, political parties and candidates with Twitter Election Labels running for US House, US Se
Expert insights. Personalized for you.
255 
Let's personalize your content