Sat. Jan 13, 2018 - Fri. Jan 19, 2018

Student Cracks Inca Knot Code

Schneier on Security

Interesting.

Streamlining Data Breach Disclosures: A Step-by-Step Process

Troy Hunt

I don't know how many data breaches I'm sitting on that I'm yet to process. 100? 200? It's hard to tell because often I'm sent collections of multiple incidents in a single archive, often there's junk in there and often there's redundancy across those collections. All I really know is that there's hundreds of gigabytes spread across thousands of files.

Meet Antifa's Secret Weapon Against Far-Right Extremists

WIRED Threat Level

Megan Squire doesn’t consider herself to be antifa and pushes digital activism instead, passing along information to those who might put it to real-world use—who might weaponize it.

Four Malicious Google Chrome Extensions Affect 500K Users

Dark Reading

ICEBRG Security Research team's finding highlights an often-overlooked threat.

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

Security Breaches Don't Affect Stock Price

Schneier on Security

Interesting research: "Long-term market implications of data breaches, not," by Russell Lange and Eric W. Burger. Abstract: This report assesses the impact disclosure of data breaches has on the total returns and volatility of the affected companies' stock, with a focus on the results relative to the performance of the firms' peer industries, as represented through selected indices rather than the market as a whole.

Weekly Update 70 (NDC London Edition)

Troy Hunt

It's NDC London! I'm pushing this week's update out a little later due to the different time zones and frankly, due to it being an absolutely non-stop week of events. I talk about those, about how I'm trying to tackle breach disclosures now and about some upcoming events. Next week is Norway and Denmark and I'll be coming to you a little later due to a totally jam-packed Friday, more from me then. iTunes podcast | Google Play Music podcast | RSS podcast.

Does Encryption Really Protect My Cloud Data?

Thales Cloud Protection & Licensing

There has always been a battle between business efficiency and security since the invention of shared compute and data resources. Enterprise risk managers continue to swing the pendulum between business risk and security risk, depending on new demands versus new threats. Today’s enterprises have experienced this pendulum shift as cloud has become more relevant.

Fighting Ransomware

Schneier on Security

No More Ransom is a central repository of keys and applications for ransomware, so people can recover their data without paying. It's not complete, of course, but is pretty good against older strains of ransomware. The site is a joint effort by Europol, the Dutch police, Kaspersky, and McAfee.

Enterprise Technologies That Tame GDPR Compliance

eSecurity Planet

The IT and software solutions that help businesses meet the EU's tough new data privacy regulation.

The Astrophysicist Who Wants to Help Solve Baltimore's Urban Blight

WIRED Threat Level

Vacant buildings are more than just an economic threat. They're also a public safety concern. And it turns out they have their own sort of gravitational pull.

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

Where to Find Security Holes in Serverless Architecture

Dark Reading

Serverless architectures take away business responsibility for server management, but security should still be top of mind.

Article from a Former Chinese PLA General on Cyber Sovereignty

Schneier on Security

Interesting article by Major General Hao Yeli, Chinese People's Liberation Army (ret.), a senior advisor at the China International Institute for Strategic Society, Vice President of China Institute for Innovation and Development Strategy, and the Chair of the Guanchao Cyber Forum. Against the background of globalization and the internet era, the emerging cyber sovereignty concept calls for breaking through the limitations of physical space and avoiding misunderstandings based on perceptions of

Nine Top Patch Management Solutions

eSecurity Planet

Patch management might be the single most important security tool. We review 9 of the top patch management solutions.

Triton Malware Details Show the Dangers of Industrial System Sabotage

WIRED Threat Level

New details about Triton malware should put industrial systems and critical infrastructure on notice.

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Doh!!! The 10 Most Overlooked Security Tasks

Dark Reading

Here's a list of gotchas that often slip past overburdened security pros.

Jim Risen Writes about Reporting Government Secrets

Schneier on Security

Jim Risen writes a long and interesting article about his battles with the US government and the New York Times to report government secrets.

Flexera Corporate Software Inspector: Overview and Analysis

eSecurity Planet

We review Flexera Corporate Software Inspector, a patch management solution for Windows, Mac OS and Red Hat Linux.

A Popular Crime-Predicting Algorithms Performed Worse Than Mechanical Turks in One Study

WIRED Threat Level

When researchers put a popular criminal justice algorithm up against a bunch of Mechanical Turks, they came out about even.

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Lenovo Patches Networking OS Vulnerability Dating Back to 2004

Threatpost

A bug in Lenovo’s Enterprise Networking Operating System could allow an attacker to launch an authentication bypass attack.

Accelerated Cloud Adoption Creates More Corporate Responsibility

Thales Cloud Protection & Licensing

I have been in the security space for many decades. Although security technologies and processes have vastly improved, it seems that we are losing the battle as more and more data breaches are reported in the news. The wide adoption of the cloud has added to the concern for most enterprise risk officers. Due to increasing risk, favoring business efficiency over security — especially when dealing with cloud services — is no longer an accepted approach.

Which CISO 'Tribe' Do You Belong To?

Dark Reading

New research categorizes CISOs into four distinct groups based on factors related to workforce, governance, and security controls.

The 'Doublespeak' of Responsible Encryption

WIRED Threat Level

It's a new name for an old argument: that public agencies fighting crime and terrorism must have access to our private communications—for our own good.

Next-Level Fraud Prevention: Strategies for Today’s Threat Landscape

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

Attackers Use Microsoft Office Vulnerabilities to Spread Zyklon Malware

Threatpost

Hackers are exploiting three Microsoft Office vulnerabilities to spread the Zyklon HTTP malware.

Red Hat Satellite: Patch Management Overview and Analysis

eSecurity Planet

We review Red Hat Satellite, a patch management solution for enterprise Linux systems.

Threats from Russia, North Korea Loom as Geopolitics Spills into Cyber Realm

Dark Reading

Threat actors from both nations ramped up their activities sharply in 2017, Flashpoint says in a new threat intelligence report.

Meltdown, Spectre, Malicious Apps, and More of This Week's Security News

WIRED Threat Level

Meltdown, Spectre, malicious Android apps, and more of the week's top security news.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Sprawling Mobile Espionage Campaign Targets Android Devices

Threatpost

A massive mobile espionage campaign has been collecting troves of sensitive personal information since 2012, according to a new report from the Electronic Frontier Foundation and security firm Lookout.

Ivanti Patch: Patch Management Overview and Analysis

eSecurity Planet

We review Ivanti Patch, a range of patch management solutions for small companies through large enterprises.

Mental Models & Security: Thinking Like a Hacker

Dark Reading

These seven approaches can change the way you tackle problems.

A New Way to Track Down Bugs Could Help Save IoT

WIRED Threat Level

New research advances techniques for finding and exploiting known vulnerabilities in IoT devices automatically.

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!