Schneier on Security
APRIL 3, 2018
The US Consumer Product Safety Commission is holding hearings on IoT risks: The U.S. Consumer Product Safety Commission (CPSC, Commission, or we) will conduct a public hearing to receive information from all interested parties about potential safety issues and hazards associated with internet-connected consumer products. The information received from the public hearing will be used to inform future Commission risk management work.
Troy Hunt
APRIL 6, 2018
We're in Hawaii! "We" being Scott Helme and myself and we're here for the Loco Moco Sec conference which has been a heap of fun (the location may have played a part in that.) And what a location: Scott joined me for this week's update and we were fresh out of a great talk from the Google Chrome Security PM so have a bit to share there about changes coming to the browser.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
WIRED Threat Level
APRIL 5, 2018
Cambridge researchers point to an 1816 precedent that could fundamentally change how "dirty" Bitcoins are tracked.
Thales Cloud Protection & Licensing
APRIL 4, 2018
Thales eSecurity’s CTO Jon Geater and Peter Carlisle , Thales eSecurity’s VP of Sales, EMEA, were recently featured in major news outlets espousing their opinions about internet-connected devices and the new Cyber Security Export Strategy. Geater, on new UK IoT security guidelines. Earlier this month, the UK government announced guidelines to make internet-connected devices safer.
Speaker: Erroll Amacker
Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.
Schneier on Security
APRIL 4, 2018
This is a really interesting research result. This paper proves that two parties can create a secure communications channel using a communications system with a backdoor. It's a theoretical result, so it doesn't talk about how easy that channel is to create. And the assumptions on the adversary are pretty reasonable: that each party can create his own randomness, and that the government isn't literally eavesdropping on every single part of the network at all times.
eSecurity Planet
APRIL 3, 2018
Compare top 10 DDoS vendors on key characteristics such as use cases, delivery, intelligence, and pricing, to help your enterprise choose the best solution for your DDoS security needs.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
|
Threatpost
APRIL 4, 2018
Intel has halted patches for older chips addressing the Spectre vulnerability, according to a recent microcode update.
Dark Reading
APRIL 5, 2018
Being hit by a cyberattack is going to be painful. But it can be less painful if you're prepared, and these best practices can help.
WIRED Threat Level
APRIL 6, 2018
DHS this week confirmed that Washington, DC is littered with fake cell tower surveillance devices, but nothing will likely be done to fix it.
Advertisement
Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.
eSecurity Planet
APRIL 3, 2018
A look at the strengths and weaknesses of AlienVault and Splunk, two leading SIEM solutions.
Threatpost
APRIL 6, 2018
Researchers said a Mirai botnet variant, possibly linked to the IoTroop or Reaper botnet, was leveraged in attacks against the financial sector.
Dark Reading
APRIL 5, 2018
New studies show how patching continues to dog most organizations - with real consequences.
WIRED Threat Level
APRIL 6, 2018
It's good that Facebook is addressing its many privacy woes, but reacting rather than planning leaves some fixes feeling half-baked.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
eSecurity Planet
APRIL 3, 2018
We review Akamai's DDoS solution, which handles up to 8 Tbps of network capacity while mitigating DNS-based DDoS attacks and protecting DNS services.
Threatpost
APRIL 4, 2018
After a cyberattack shut down numerous pipeline communication networks this week experts are stressing the importance of securing third-party systems in supervisory control and data acquisition (SCADA) environments.
Dark Reading
APRIL 3, 2018
Personal information exposed in plain text for months on Panerabread.com and the company's response failed to rise to the challenge.
WIRED Threat Level
APRIL 3, 2018
The appointment of Paul Nakasone raises the question again: Should the NSA and Cyber Command be controlled by one man?
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Thales Cloud Protection & Licensing
APRIL 3, 2018
RSA Conference 2018 is just under two weeks away, and there isn’t a better moment to talk about data security and privacy. The theme for RSA this year is ‘Now Matters.’ Based on the countless data breaches, hacks and ransomware attacks that occurred in the past year, now certainly matters We saw new forms of ransomware with the WannaCry and Petya attacks that took place in the Spring of 2017 as a result of the Shadow Broker’s NSA data dump.
Threatpost
APRIL 3, 2018
Google updates its Android OS to address its own OS and component partners Qualcomm and Broadcom.
Dark Reading
APRIL 3, 2018
The massive budgets devoted to cybersecurity need to come with better metrics.
WIRED Threat Level
MARCH 31, 2018
As always, we’ve rounded up all the news we didn’t break or cover in depth this week.
Speaker: Sierre Lindgren
Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.
Privacy and Cybersecurity Law
APRIL 4, 2018
via Anca Sattler, Dentons Canada LLP. The federal government released an Order in Council , dated March 26, 2018, announcing that the mandatory data-breach notification rules will come into force on November 1, on the recommendation of Navdeep Bains, Minister of Industry, Science and Economic Development. After nearly three years, sections 10, 11, and 14, subsections 17(1) and (4) and sections 19 and 22 to 25 of the Digital Privacy Act, Chapter 32 will come into effect to amend the Personal Info
Threatpost
APRIL 5, 2018
Security experts say breaches impacting Delta Air Lines and Sears customers is tied to malware planted on a third-party chat service.
Dark Reading
APRIL 5, 2018
Healthcare organizations often overlook the supply chain, which researchers say is their most vulnerable facet.
WIRED Threat Level
APRIL 2, 2018
As cryptojacking takes over the web, Google will put a stop to cryptomining extensions that prey on unsuspecting installers.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Privacy and Cybersecurity Law
APRIL 4, 2018
The federal government released an Order in Council, dated March 26, 2018, announcing that the mandatory data-breach notification rules will […].
Threatpost
APRIL 3, 2018
Panera is in hot water after sitting on a massive data leak for eight months on its website - and then trying to downplay the amount of customers impacted by the leak.
Dark Reading
APRIL 6, 2018
Only 29% of respondents in a new IoT security survey say they actively monitor the risk of connected devices used by third parties.
WIRED Threat Level
APRIL 6, 2018
Insuring against hacks and breaches can be a lucrative business—but also presents unique challenges.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Expert insights. Personalized for you.
229 
Let's personalize your content