Expert insights. Personalized for you.
Krebs on Security
OCTOBER 31, 2021
Virtually all compilers — programs that transform human-readable source code into computer-executable machine code — are vulnerable to an insidious attack in which an adversary can introduce targeted vulnerabilities into any software without being detected, new research released today warns.
Lohrman on Security
OCTOBER 10, 2021
By almost any measure, the breadth, depth and impact of data breaches have dramatically increased during the COVID-19 pandemic. Here’s a roundup of the numbers
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Schneier on Security
OCTOBER 21, 2021
Roger Grimes on why multifactor authentication isn’t a panacea : The first time I heard of this issue was from a Midwest CEO. His organization had been hit by ransomware to the tune of $10M. Operationally, they were still recovering nearly a year later.
Joseph Steinberg
OCTOBER 27, 2021
A hospital suffering through a ransomware attack failed to provide proper care for an expectant mother and her newborn child, leading to the child’s death, according to a lawsuit filed in the US State of Alabama.
Speaker: William Hord, Vice President of ERM Services
Join us as we discuss the various tangents of data and the change management process that will help you make better risk-based business decisions to save time and money for your organization.
Troy Hunt
OCTOBER 20, 2021
We choose this photo for the cover because this was when it all started. 18-year old Troy, having just discovered the web in early 1995 and chomping at the bit to do something with it.
The Last Watchdog
OCTOBER 21, 2021
First released in the late 1920s, the novel “All Quiet on the Western Front” was publicly burned, banned, derided and censored for its “anti-war” and “unpatriotic” messages. Set in the final weeks of World War 1, the story swings heavily on the contrast between false security and the realities of war. Related: We’re in the golden era of cyber espionage. Today, we are talking about a different war dynamically morphing between a physical war and cyber war. President Joe Biden just told U.S.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Lohrman on Security
OCTOBER 31, 2021
What’s hot right now in the federal government cybersecurity space? What can we expect from the Biden White House as we move into 2022 and face new threats
Schneier on Security
OCTOBER 12, 2021
I feel sorry for the accused : The “security incident” that forced a New-York bound flight to make an emergency landing at LaGuardia Airport on Saturday turned out to be a misunderstanding — after an airline passenger mistook another traveler’s camera for a bomb, sources said Sunday.
Javvad Malik
OCTOBER 21, 2021
I’ve been thinking of the best way to write this post for several days. Many drafts have ended up being deleted. Which, to be honest, doesn’t have the same visual satisfaction as seeing pages crumpled up into balls and tossed across the room into the bin. But here we are. Last week, KnowBe4, OneLogin, and Eskenzi PR partnered up to attempt to set the Guinness World Record for the Most views of A Cybersecurity Lesson Video on YouTube in 24 hours.
Troy Hunt
OCTOBER 9, 2021
A lot of cyber things this week: loads of data breach (or "scrape", In LinkedIn's case) incidents, Windows 11 upgrade experiences and then bricking my house courtesy of a Home Assistant update that fundamentally changed the Tuya integration.
Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster
In this webinar, Ronald Eddings, Cybersecurity Expert, will outline the relationship between SaaS apps and IT & security teams, along with several actionable solutions to overcome the new difficulties facing your organization.
The Last Watchdog
OCTOBER 11, 2021
Software today is built on a combination of open source and proprietary software packages. Developers can reuse and build on the packages created by others, which results in the rapid creation of new capabilities and technologies. Related: How SBOM factors into DevSecOps. This reuse creates dependencies, all of which don’t necessarily stay updated at the same pace.
Krebs on Security
OCTOBER 13, 2021
A recent phishing campaign targeting Coinbase users shows thieves are getting cleverer about phishing one-time passwords (OTPs) needed to complete the login process.
Lohrman on Security
OCTOBER 24, 2021
Public- and private-sector organizations are facing staffing shortages, especially in technical positions. But don’t forget to take care of your current staff, who may be struggling with burnout
Schneier on Security
OCTOBER 22, 2021
Someone has been hacking telecommunications networks around the world: LightBasin (aka UNC1945) is an activity cluster that has been consistently targeting the telecommunications sector at a global scale since at least 2016, leveraging custom tools and an in-depth knowledge of telecommunications network architectures.
Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP
Through a detailed analysis of major attacks and their consequences, Karl Camilleri, Cloud Services Product Manager at phoenixNAP, will discuss the state of ransomware and future predictions, as well as provide best practices for attack prevention and recovery.
Joseph Steinberg
OCTOBER 4, 2021
Cybersecurity Awareness Month is Here! In October, people across America commemorate Cybersecurity Awareness Month, a national observance jointly established in 2004 by the U.S. Department of Homeland Security (DHS) and the National Cyber Security Alliance.
Troy Hunt
OCTOBER 23, 2021
Well this is a totally different office view! I'm properly getting into working more on the acoustics and aesthetics to make this the most productive environment possible which means this week things are in a bit of disarray due to ongoing works.
The Last Watchdog
OCTOBER 26, 2021
Our Public Key Infrastructure is booming but also under a strain that manual certificate management workflows are not keeping up with. Related: A primer on advanced digital signatures. PKI and digital certificates were pivotal in the formation of the commercial Internet, maturing in parallel with ecommerce.
Krebs on Security
OCTOBER 14, 2021
On Wednesday, the St. Louis Post-Dispatch ran a story about how its staff discovered and reported a security vulnerability in a Missouri state education website that exposed the Social Security numbers of 100,000 elementary and secondary teachers. In a press conference this morning, Missouri Gov.
Speaker: P. Andrew Sjogren, Sr. Product Marketing Manager at Very Good Security, Matt Doka, Co-Founder and CTO of Fivestars, and Steve Andrews, President & CEO of the Western Bankers Association
In this webinar, we have a great set of panelists who will take you through how Zero Data strategies can be used as part of a well-rounded compliance and security approach, and get you to market much sooner by also allowing for payment optimization. They’ll share how to grow your business faster and minimize costs for both security and compliance
Lohrman on Security
OCTOBER 3, 2021
The Cyber Incident Notification Act of 2021 would require reporting cyber incidents impacting critical infrastructure to the Cybersecurity and Infrastructure Security Agency (CISA) within 24 hours
Schneier on Security
OCTOBER 11, 2021
It’s not actually banned in the EU yet — the legislative process is much more complicated than that — but it’s a step: a total ban on biometric mass surveillance.
Javvad Malik
OCTOBER 6, 2021
October is National Cyber Security Awareness Month. . Delivering effective cyber security awareness is an ongoing process, and not one that can be solved in one month a year. But that doesn’t mean we shouldn’t try. Staying safe online has many similarities with staying safe on the line aka tightrope walking. It involves a delicate mix of courage, foolhardiness, balance, poise, and the threat of falling to a horrible death.
Troy Hunt
OCTOBER 15, 2021
I had a bunch of false starts with this one. I don't know if it was just OBS or something else, but we got there after several failed attempts and me resorting to reading Gov Parson's nutty tweets until it all started working. "Nutty"
Speaker: Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies
Now that companies are slowly allowing employees to return to work at the office, it's time to re-evaluate your company’s posture towards privacy and security. Join Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies, for a discussion that will focus on compliance and the types of privacy and security measures your company should be aware of, as well as tips and methods for implementing these measures.
The Last Watchdog
OCTOBER 19, 2021
Most of the people I know professionally and personally don’t spend a lot of time contemplating the true price we pay for the amazing digital services we’ve all become addicted to. Related: Blockchain’s role in the next industrial revolution. I’ll use myself as a prime example. My professional and social life revolve around free and inexpensive information feeds and digital tools supplied by Google, Microsoft, Amazon, LinkedIn, Facebook and Twitter. I’m productive.
Lohrman on Security
OCTOBER 17, 2021
The National Association of State Chief Information Officers (NASCIO) Annual Conference was held this past week as a live event in Seattle for the first time in two years. What happened, and what’s next
Schneier on Security
OCTOBER 18, 2021
The Missouri governor wants to prosecute the reporter who discovered a security vulnerability in a state’s website, and then reported it to the state.
Anton on Security
OCTOBER 21, 2021
My admittedly epic (but dated) post “Security Correlation Then and Now: A Sad Truth About SIEM” mentioned the issue of TRUST as it applies to SIEM. Specifically, as a bit of a throwaway comment, I said “people write stupid string-matching and regex-based content because they trust it. They do not?—?en en masse?—?trust trust the event taxonomies if their lives and breach detections depend on it.” This post is an exploration of that theme.
Tech Republic Security
OCTOBER 26, 2021
Supply chain attacks, misinformation campaigns, mobile malware and larger scale data breaches are just some of the threats to watch for next year, Check Point Software says
The Last Watchdog
OCTOBER 28, 2021
Over the past five years, cryptocurrency exchanges have been the target of increasingly damaging “ 51% attacks ” resulting in the theft of over $30 million worth of cryptocurrency to date. Related: Wildland restores control of data to individuals. However, these attacks aren’t due to exchange security flaws; malicious actors are exploiting the underlying consensus protocols of blockchains themselves.
Krebs on Security
OCTOBER 12, 2021
Microsoft today issued updates to plug more than 70 security holes in its Windows operating systems and other software, including one vulnerability that is already being exploited. This month’s Patch Tuesday also includes security fixes for the newly released Windows 11 operating system.
Troy Hunt
OCTOBER 29, 2021
Now this office is starting to look good! New wallpaper is in and brackets for the shelf are ready, just waiting for it to be made and fitted now.
Schneier on Security
OCTOBER 15, 2021
Even before Apple made its announcement , law enforcement shifted their battle for backdoors to client-side scanning. The idea is that they wouldn’t touch the cryptography, but instead eavesdrop on communications and systems before encryption or after decryption.
285 
Let's personalize your content