Wed. Oct 14, 2020

Upcoming Speaking Engagements

Schneier on Security

This is a current list of where and when I am scheduled to speak: I’ll be speaking at Cyber Week Online, October 19-21, 2020. I’ll be speaking at the IEEE Symposium on Technology and Society virtual conference, November 12-15, 2020. I’ll be keynoting the 2020 Conference on Cyber Norms on November 12, 2020. I’m speaking at the (ISC)² Security Congress 2020, November 16, 2020.

IoT security: University creates new labels for devices to increase awareness for consumers

Tech Republic Security

What if you could compare security on IoT devices, similar to nutrition labels, before you buy them? One organization is trying to make that happen.

2020 Workshop on Economics of Information Security

Schneier on Security

The Workshop on Economics of Information Security will be online this year. Register here.

Survey finds that IT departments victimized by ransomware forever changed

Tech Republic Security

IT managers at organizations hit by ransomware are nearly three times as likely to feel "significantly behind" when it comes to understanding cyberthreats, compared to their peers that have never been hit.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Google researcher found BleedingTooth flaws in Linux Bluetooth

Security Affairs

A Google security researcher discovered Bluetooth vulnerabilities (BleedingTooth) in the Linux kernel that could allow zero-click attacks. Andy Nguyen, a Google security researcher, has found Bluetooth vulnerabilities, referred to as BleedingTooth, in the Linux kernel that could be exploited by attackers to run arbitrary code or access sensitive information.

Zoom announces end-to-end encryption, customizable SDKs and more at Zoomtopia

Tech Republic Security

Zoom's two-day online conference kicked off with a bevy of new product announcements around security and developer enhancements.

More Trending

The Important Difference Between Cybersecurity And Cyber Resilience (And Why You Need Both)

CTOVision Cybersecurity

Read Bernard Marr explain the difference between cybersecurity and cyber resilience on Forbes: Cyber threats like hacking, phishing, ransomware, and distributed denial-of-service (DDoS) attacks have the potential to cause enormous […].

German authorities raid the offices of the FinFisher surveillance firm

Security Affairs

Earlier this month, German authorities raided the offices of FinFisher, the German surveillance software firm, accused of providing its software to oppressive regimes. German authorities have raided the offices of FinFisher, the popular German surveillance firm, as part of an investigation into the alleged sale of their software to oppressive regimes.

What's Really Happening in Infosec Hiring Now?

Dark Reading

As the pandemic continues, security teams still need help they can't get. But the "skills shortage" is only part of the story.

Talos experts disclosed unpatched DoS flaws in Allen-Bradley adapter

Security Affairs

Cisco Talos found several remotely exploitable denial-of-service (DoS) vulnerabilities in a Rockwell Automation industrial automation product. A researcher from Cisco Talos released technical details of several remotely exploitable denial-of-service (DoS) vulnerabilities in an industrial automation product made by Rockwell Automation. The product affected by the flaw is the Allen-Bradley 1794-AENT Flex I/O series B adapter, the issue resides in the Ethernet/IP request path port/data/logical segm

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Digital Shadows Analysis of Europol’s Cybercrime Report

Digital Shadows

In early October 2020, Europol released their Internet Organized Crime Threat Assessment (IOCTA) 2020, detailing the latest trends and impacts. The post Digital Shadows Analysis of Europol’s Cybercrime Report first appeared on Digital Shadows.

Hot off the Press: Veracode Named a 2020 Gartner Peer Insights Customers’ Choice for AST

Veracode Security

Veracode has been officially recognized by Gartner Peer Insights as a 2020 Customers’ Choice for Application Security Testing. The report includes Veracode’s aggregate score of 4.6 out of 5 stars out of 95 independent customer reviews (as of July 31, 2020), and of the reviewers, 92 percent said that they would recommend Veracode’s AST solutions.

Travelex, Other Orgs Face DDoS Threats as Extortion Campaign Rages On

Threatpost

Organizations worldwide – including Travelex – have been sent letters threatening to launch DDoS attacks on their network unless a $230K ransom is paid.

Introducing Veracode’s New Partner Training and Certification Paths

Veracode Security

We are excited to announce the launch of our new partner training and certification paths, open to all authorized Veracode partners. Based on partner feedback, we have designed these paths to provide a deeper understanding of the Veracode story and technical details around application security (AppSec). By enlisting in our training and certification paths, we enable partners to expand their business and support customers in developing a comprehensive AppSec program.

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

NIST Quantum Cryptography Program Nears Completion

Dark Reading

The National Institute of Standards and Technology's first post-quantum cryptography standard will address key issues, approaches, an arms race, and the technology's uncertain future.

Critical SonicWall VPN Portal Bug Allows DoS, Worming RCE

Threatpost

The CVE-2020-5135 stack-based buffer overflow security vulnerability is trivial to exploit, without logging in.

The Deepfakes Lab: Detecting & Defending Against Deepfakes with Advanced AI

McAfee

Detrimental lies are not new. Even misleading headlines and text can fool a reader. However, the ability to alter reality has taken a leap forward with “deepfake” technology which allows for the creation of images and videos of real people saying and doing things they never said or did. Deep learning techniques are escalating the technology’s finesse, producing even more realistic content that is increasingly difficult to detect.

BEC Attacks: Nigeria No Longer the Epicenter as Losses Top $26B

Threatpost

BEC fraudsters now have bases of operation across at least 39 counties and are responsible for $26 billion in losses annually -- and growing.

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

IoT privacy risks: How security labels can help inform consumers

Tech Republic Security

When buying Internet of Things devices, consumers should understand the risks to their privacy. Here's one way to advise them.

Intel Adds Memory Encryption, Firmware Security to Ice Lake Chips

Threatpost

Intel's addition of memory encryption to its upcoming 3rd generation Xeon Scalable processors matches AMD's Secure Memory Encryption (SME) feature.

Assuring Business Continuity by Reducing Malware Dwell Time

Dark Reading

Here's how CISOs and IT security operations teams can best address key challenges to network monitoring that could increase malware dwell time.

Cybercriminals Steal Nearly 1TB of Data from Miami-Based International Tech Firm

Threatpost

Databases of sensitive, financial and personally identifiable info and documents from Intcomex were leaked on Russian-language hacker forum after a ransomware attack.

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

London Borough of Hackney Investigates 'Serious' Cyberattack

Dark Reading

London's Hackney Council says some services may be slow or unavailable as it looks into a cyberattack affecting services and IT systems.

A Trickbot Assault Shows US Military Hackers' Growing Reach

WIRED Threat Level

Despite the operation's short-term effects, it sets new precedents for the scope of Cyber Command's mission.

Intel's Ice Lake Beefs Up CPU Security for Cloud Workloads

Dark Reading

The third-generation Xeon processors build in hardware security features to provide extra protection to data in transit, at rest, and in use.

Silent Librarian Goes Back to School with Global Research-Stealing Effort

Threatpost

The Iranian hacker group is targeting universities in 12 countries.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?”

Type Of Malware That Collects Bits Of Data

SiteLock

A type of malware that collects bits of data from a site can be hard to find. SiteLock can pinpoint that type of malware that spreads without human interaction. The post Type Of Malware That Collects Bits Of Data appeared first on The SiteLock Blog.

Google, Intel Warn on ‘Zero-Click’ Kernel Bug in Linux-Based IoT Devices

Threatpost

Intel and Google are urging users to update the Linux kernel to version 5.9 or later.

Zoom Announces Rollout of End-to-End Encryption

Dark Reading

Phase 1 removes Zoom servers from the key generation and distribution processes.

Remote, Hybrid Work Need Better Data Security

IT Security Central

2020 is a uniquely transformative year. Prompted by a global pandemic, we’ve been forced to change many things about how we live, work and relate. For most businesses, this means a rapid and comprehensive shift toward remote work. While more than half of all employees participated in a rapid transition to remote work, it’s clear […].

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most (people, data, real or personal property, intellectual property, digital assets, or any number of other things), and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.