August, 2017

article thumbnail

China sends 'unbreakable code' from quantum satellite to Earth

Tech Republic Security

A new satellite has been able to transmit 'unbreakable' code in an effort to build 'hack-proof' communications, according to Chinese state media.

Media 167
article thumbnail

How to trace ransomware payments end-to-end

Elie

Over the last two years, ransomware has been all over the news. Hardly a week goes by without a report of a large ransomware outbreak or the emergence of a new ransomware family. Despite all this attention, very little is known about how profitable ransomware is and who the criminals are that benefit from it. To answer these questions and expose the inner workings of the ransomware economy, our research team at Google, in partnership with.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Data processors under the GDPR

Privacy and Cybersecurity Law

In our monthly GDPR Updates we discuss various key issues of the General Data Protection Regulation, (EU) 2016/679 (the GDPR), […].

52
article thumbnail

Introducing Behavioral Information Security

The Falcon's View

I recently had the privilege of attending BJ Fogg's Behavior Design Boot Camp. For those unfamiliar with Fogg's work, he started out doing research on Persuasive Technology back in the 90s, which has become the basis for most modern uses of technology to influence people (for example, use of Facebook user data to influence the 2016 US Presidential Election).

article thumbnail

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

article thumbnail

The Weekly Independent: August 28, 2017

eSecurity Planet

News and notes for independent professionals and their clients. This is the August 28, 2017 edition.

40
article thumbnail

NYDFS Cybersecurity Regulations: Key Deadlines

NopSec

The first traditional deadline is coming to a close this month for compliance with the NYDFS Cybersecurity Regulations. Please note that situations vary from one organization to another and I urge you to consult an NY DFS expert to help you get the right information for your team and determine which requirements apply exactly to you. For example, the initial 30 day period for filing Notices of Exemption under 23 NYCRR 500.19(e) ends on August 28, 2017.

LifeWorks

More Trending

article thumbnail

Understanding the Mirai Botnet

Elie

The Mirai botnet, composed primarily of embedded and IoT devices, took the Internet by storm in late 2016 when it overwhelmed several high-profile targets with massive distributed denial-of-service (DDoS) attacks. In this paper, we provide a seven-month retrospective analysis of Mirai’s growth to a peak of 600k infections and a history of its DDoS victims.

DDOS 86
article thumbnail

Data processors under the GDPR

Privacy and Cybersecurity Law

In our monthly GDPR Updates we discuss various key issues of the General Data Protection Regulation, (EU) 2016/679 (the GDPR ), which applies from 25 May 2018. With the introduction of the GDPR, the existing Directive 95/46/EC and its implementation in the local laws of the various EU Member States will be repealed. The GDPR will bring significant and substantial changes with respect to the processing of personal data.

Risk 40
article thumbnail

Detect and Prevent Data Exfiltration Webinar with Infoblox

Andrew Hay

Please join SANS Institute Instructor and LEO Cyber Security Co-Founder & CTO Andrew Hay and Infoblox Security Product Marketing’s Sam Kumarsamy on Thursday, August 17th, 2017 at 1:00 PM EDT (17:00:00 UTC) as they present a SANS Institute webinar entitled Detect & Prevent Data Exfiltration: A Unique Approach. Overview. Data is the new currency in the modern digital enterprise and protecting data is a strategic imperative for every organization.

DNS 40
article thumbnail

On Titles, Jobs, and Job Descriptions (Not All Roles Are Architects)

The Falcon's View

Folks: Please stop calling every soup-to-nuts, everything-but-the-kitchen-sink security job a "security architect" role. It's harmful to the industry and it's doing you no favors trying to find the right resources. In fact, please stop posting these "one role does everything security under the sun" positions altogether. It's hurting your recruitment efforts, and it makes it incredibly difficult to find positions that are a good fit.

article thumbnail

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

article thumbnail

DevOps Risk Management: Vulnerability Risk Management as DevOps Practice

NopSec

Silos exist in all levels and all types of organizations. Different teams naturally have different priorities, methodologies, and more, though it can be argued that more collaboration can improve the efficiency and effectiveness of the company as a whole. This can be seen especially within IT Teams as well, particularly the development and operations teams.

Risk 40
article thumbnail

Women in cybersecurity: IBM wants to send you to a hacker conference for free

Tech Republic Security

A new IBM scholarship will cover 100% of the entry fees for any woman interested in attending EC-Council's Hacker Halted conference. Here's how to take advantage of the offer.

article thumbnail

How to trace ransomware payments end-to-end - an overview

Elie

In-depth research publications, industry talks and blog posts about Google security, research at Google and cybersecurity in general in open-access.

article thumbnail

How to build security into your company's IoT plan

Tech Republic Security

As the IoT market booms, it's essential your company develops long-term cybersecurity solutions. These tips will help you prepare.

IoT 166
article thumbnail

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

article thumbnail

Musk, tech leaders urge UN to ban AI-powered lethal autonomous weapons

Tech Republic Security

A group of 116 tech executives recently penned an open letter urging the UN to double its efforts protecting against autonomous weapons, which some have called 'killer robots.

165
165
article thumbnail

How to use Secure Copy for file transfer

Tech Republic Security

FTP was the popular protocol for file transfer but short of using FTPS, it doesn't provide the security required these days. Here's how to use Secure Copy (SCP) for file transfer.

163
163
article thumbnail

Stop treating users as the enemy when it comes to cybersecurity

Tech Republic Security

Users get a bad rap for cybersecurity. Find out why making them part of your organization's cybersecurity solution is critical to staying secure.

article thumbnail

10 bad habits cybersecurity professionals must break

Tech Republic Security

Cybersecurity workers face many challenges on the job. Here are 10 bad habits they must avoid in order to be most effective.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Hacker claims to have decrypted Apple's Secure Enclave, destroying key piece of iOS mobile security

Tech Republic Security

iOS users beware: A hacker has just published a decryption key for the Apple Secure Enclave, which is responsible for processing Touch ID transactions.

Mobile 160
article thumbnail

What do macOS and Android have in common? Both are booming malware markets

Tech Republic Security

A new report from Malwarebytes reveals Android ransomware rose 137.8% from Q1 to Q2 2017, and macOS malware is at its highest levels ever. Here are the threats the two platforms face.

Malware 150
article thumbnail

How to prevent phishing attacks in Microsoft Outlook and Office 365: 3 methods

Tech Republic Security

Phishing attacks are a major source of worry for businesses. Here are a few tips on keeping malicious messages out of your users' inboxes and minimizing the risk when they make it there.

Phishing 150
article thumbnail

Report: The US government has a massive footprint on the darknet

Tech Republic Security

Like commercial entities, government agencies have a tendency to find their secrets leaked to the dark web. Unfortunately, US government secrets are leaked at a much higher rate.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Researchers can now hack a PC with malware stored on synthetic DNA

Tech Republic Security

University of Washington researchers successfully stored malware in synthetic DNA strands, and used it to gain control of the computer analyzing it.

Malware 144
article thumbnail

AI vs AI: New algorithm automatically bypasses your best cybersecurity defenses

Tech Republic Security

Researchers have created an AI that tweaks malware code, and it easily bypassed an anti-malware AI undetected. Is machine learning ready to face down cybersecurity threats?

article thumbnail

If you're really concerned about browser security, Incognito isn't enough

Tech Republic Security

If you assume your browsing is private and secure, think again. Jack Wallen offers up what he believes is your best bet to safeguard your browsing sessions and data.

141
141
article thumbnail

Hundreds of IoT smart locks bricked by bad update, leaving customers stranded

Tech Republic Security

A botched wireless update for certain LockState locks has left them unable to be locked or unlocked without the physical backup key and highlighting the dangers associated with IoT.

IoT 141
article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

Raspberry Pi owners: Update now to block this Wi-Fi hack

Tech Republic Security

The update from the old Debian Jessie-based version of Raspbian includes various security fixes, including a patch for the Broadpwn Wi-Fi vulnerability.

Hacking 140
article thumbnail

How to scan and clean malware from a Linux server

Tech Republic Security

Just because your shares are served up via Linux, doesn't mean you shouldn't be scanning for malicious files. Here's how to do that with Maldet.

Malware 138
article thumbnail

iOS users beware: You're the biggest target for mobile phishing attacks

Tech Republic Security

Phishing continues to be a problem, and attacks are moving away from the email inbox. A new report found that iOS is the biggest target, with most attacks coming from game apps.

Phishing 138
article thumbnail

Video: How IBM plans to use Watson and AI to protect the connected car

Tech Republic Security

IBM Security recently announced new testing focused on cars security and IoT. The services will focus on backend processes, apps, and physical hardware used to control smart systems.

IoT 135
article thumbnail

Next-Level Fraud Prevention: Strategies for Today’s Threat Landscape

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.