Troy Hunt

JANUARY 10, 2018

India's Aadhaar implementation is the largest biometric system in the world, holding about 1.2 billion locals' data. It's operating in an era of increasingly large repositories of personal data held by both private companies and governments alike. It's also an era where this sort of information is constantly leaked to unauthorised parties; last year Equifax lost control of 145.5 million records on US consumers (this started a series events which ultimately led to me testifying in front of Congre

Hacking 280

Hacking Government Encryption Risk 280

Schneier on Security

JANUARY 12, 2018

Funny.

231

231

Thales Cloud Protection & Licensing

JANUARY 31, 2018

Data breaches are the new normal. According to our 2018 Global Data Threat Report , 67% of enterprises have been breached, with that percentage rate growing every year. Regardless of the security measures and efforts put in place, organizations need to act as if a successful cyberattack is not a question of “if” but “when.”. As organizations continue to embrace digital transformation, greater amounts of sensitive data is created, stored and transferred in digital form putting more data at risk.

Digital transformation 130

Digital transformation Data breaches Encryption Cloud Migration 130

WIRED Threat Level

JANUARY 23, 2018

Thanks to Tinder's patchwork use of HTTPS, researchers found they could reconstruct someone's entire experience in the app.

Encryption 111

Encryption 111

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

Risk

Dark Reading

JANUARY 24, 2018

Major DDoS attacks cost some organizations more than $100,000 in 2017, according to a new NETSCOUT Arbor report.

DDOS 94

DDOS 94

eSecurity Planet

JANUARY 26, 2018

A look at how security vendors that are employing artificial intelligence and machine learning to help IT security teams.

Artificial Intelligence 93

Artificial Intelligence Cybersecurity 93

Schneier on Security

JANUARY 29, 2018

It's really hard to estimate the cost of an insecure Internet. Studies are all over the map. A methodical study by RAND is the best work I've seen at trying to put a number on this. The results are, well, all over the map: " Estimating the Global Cost of Cyber Risk: Methodology and Examples ": Abstract : There is marked variability from study to study in the estimated direct and systemic costs of cyber incidents, which is further complicated by the considerable variation in cyber risk in differe

Internet 219

Internet Internet Cyber Risk Risk 219

Thales Cloud Protection & Licensing

JANUARY 4, 2018

We are in the midst of a digital revolution impacting every aspect of our everyday lives. At the center of the revolution is data, which is available in more forms, volume, depth and complexity since the beginnings of the computer revolution. Earlier this year , IDC predicted the world’s volume of data would expand to 163 zettabytes by 2025 – a tenfold rise in the total.

Digital transformation 95

Digital transformation Artificial Intelligence Mobile Technology 95

WIRED Threat Level

JANUARY 21, 2018

Opinion: Researchers from Yale Privacy Lab argue that the scourge of trackers in Android apps means users should stop using the Google Play store.

Malware 111

Malware 111

Dark Reading

JANUARY 16, 2018

ICEBRG Security Research team's finding highlights an often-overlooked threat.

88

88

Advertisement

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

Cyber threats

eSecurity Planet

JANUARY 9, 2018

IT experts share some their tips on updating IT systems and business processes to comply with the EU's strict new data privacy regulations.

Data privacy 89

Data privacy 89

Troy Hunt

JANUARY 14, 2018

I don't know how many data breaches I'm sitting on that I'm yet to process. 100? 200? It's hard to tell because often I'm sent collections of multiple incidents in a single archive, often there's junk in there and often there's redundancy across those collections. All I really know is that there's hundreds of gigabytes spread across thousands of files.

Data breaches 203

Data breaches Passwords Accountability Media 203

Schneier on Security

JANUARY 18, 2018

Interesting.

217

217

Thales Cloud Protection & Licensing

JANUARY 5, 2018

( Originally posted to CenturyLink’s blog on November 10 ). To help save time and money, a growing number of enterprises are storing sensitive customer data in the public cloud. Increasingly, they’re also leveraging multiple cloud providers. According to IDC, nearly 80% of IT organizations currently deploy multi-cloud or plan to implement multi-cloud environments within 12 months.

Encryption 91

Encryption Technology Media 91

Advertisement

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Cybersecurity

WIRED Threat Level

JANUARY 26, 2018

Scouring the blockchain, researchers found years-old evidence tying Silk Road transaction to users' public accounts.

Accountability 111

Accountability 111

Dark Reading

JANUARY 11, 2018

How security practitioners can incorporate expert knowledge into machine learning algorithms that reveal security insights, safeguard data, and keep attackers out.

Cybersecurity 88

Cybersecurity 88

eSecurity Planet

JANUARY 19, 2018

The IT and software solutions that help businesses meet the EU's tough new data privacy regulation.

Technology 82

Technology Data privacy Software 82

Troy Hunt

JANUARY 31, 2018

This is probably the most self-explanatory blog post title I've ever written! But be that as it may, it deserves some explanation as to how I've arrived at this point and like many great ideas, it began over some beers. I've just arrived home to the Gold Coast in Australia which I frequently describe to people as "the sunny part of the sunny country" I'm literally sitting on a beach writing this blog post and frankly, I'd like to spend more time here.

Hacking 189

Hacking Media 189

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Schneier on Security

JANUARY 26, 2018

On January 3, the world learned about a series of major security vulnerabilities in modern microprocessors. Called Spectre and Meltdown, these vulnerabilities were discovered by several different researchers last summer, disclosed to the microprocessors' manufacturers, and patched­ -- at least to the extent possible. This news isn't really any different from the usual endless stream of security vulnerabilities and patches, but it's also a harbinger of the sorts of security problems we're going t

Manufacturing 212

Manufacturing Software Banking Advertising 212

Thales Cloud Protection & Licensing

JANUARY 11, 2018

Cindy Provin is a 20-year veteran at Thales. This month, she became the CEO for Thales eSecurity. Previously, she served as the President for Thales eSecurity Americas, and Chief Strategy & Marketing Officer for Thales eSecurity. In her new role as CEO, Cindy will be responsible for leading a world-class organization and delivering a portfolio of security solutions to protect data wherever it is created, shared or stored.

Digital transformation 89

Digital transformation Marketing Cybersecurity 89

WIRED Threat Level

JANUARY 16, 2018

Megan Squire doesn’t consider herself to be antifa and pushes digital activism instead, passing along information to those who might put it to real-world use—who might weaponize it.

111

111

Dark Reading

JANUARY 22, 2018

Latest version targets systems running ARC processors.

IoT 87

IoT Malware 87

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Threatpost

JANUARY 21, 2018

Russian authorities have broken up a crime ring involving a hacker and willing gas-station employees who have used malicious software to cheat customers of gas.

Software 76

Software Government Malware Hacking 76

Troy Hunt

JANUARY 1, 2018

I look back a lot more than what I suspect people realise. Not in a reminiscent way, but rather because I find it helps me put things in perspective. A lot of people like to set personal goals or objectives so that there's something specific they're setting out to achieve but for me personally, I just want to see progress. I want to be able to do these retrospectives - not just on Jan 1 but every day - and say to myself "yeah, I'm happy with how far I've moved ahead" And believe me when

Hacking 148

Hacking Encryption 148

Schneier on Security

JANUARY 22, 2018

Kaspersky Labs is reporting on a new piece of sophisticated malware: We observed many web landing pages that mimic the sites of mobile operators and which are used to spread the Android implants. These domains have been registered by the attackers since 2015. According to our telemetry, that was the year the distribution campaign was at its most active.

Malware 210

Malware Government Spyware Hacking 210

Thales Cloud Protection & Licensing

JANUARY 18, 2018

There has always been a battle between business efficiency and security since the invention of shared compute and data resources. Enterprise risk managers continue to swing the pendulum between business risk and security risk, depending on new demands versus new threats. Today’s enterprises have experienced this pendulum shift as cloud has become more relevant.

Encryption 88

Encryption Risk Phishing Authentication 88

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

WIRED Threat Level

JANUARY 10, 2018

German researchers say that a flaw in the app's group-chat feature undermines its end-to-end encryption promises.

Encryption 112

Encryption 112

Dark Reading

JANUARY 2, 2018

The retailer found signs of unauthorized access and malware installed on point-of-sale devices during an investigation into last year's data breach.

Malware 79

Malware Retail Encryption Data breaches 79

Threatpost

JANUARY 25, 2018

Dueling browsers, Mozilla Firefox and Google Chrome, have patched bugs and beefed up security.

73

73

Troy Hunt

JANUARY 19, 2018

It's NDC London! I'm pushing this week's update out a little later due to the different time zones and frankly, due to it being an absolutely non-stop week of events. I talk about those, about how I'm trying to tackle breach disclosures now and about some upcoming events. Next week is Norway and Denmark and I'll be coming to you a little later due to a totally jam-packed Friday, more from me then. iTunes podcast | Google Play Music podcast | RSS podcast.

144

144

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

Scams