Krebs on Security
FEBRUARY 11, 2020
Microsoft today released updates to plug nearly 100 security holes in various versions of its Windows operating system and related software, including a zero-day vulnerability in Internet Explorer (IE) that is actively being exploited. Also, Adobe has issued a bevy of security updates for its various products, including Flash Player and Adobe Reader/Acrobat.
Schneier on Security
FEBRUARY 11, 2020
The Swiss cryptography firm Crypto AG sold equipment to governments and militaries around the world for decades after World War II. They were owned by the CIA: But what none of its customers ever knew was that Crypto AG was secretly owned by the CIA in a highly classified partnership with West German intelligence. These spy agencies rigged the company's devices so they could easily break the codes that countries used to send encrypted messages.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Troy Hunt
FEBRUARY 11, 2020
I don't know exactly why the recent uptick, but lately I've had a bunch of people ask me if I've tried the Brave web browser. Why they'd ask me that is much more obvious: Brave is a privacy-focused browser that nukes ads and trackers. It also has some cool built-in stuff like the ability to create a new private browsing window in Tor rather than just your classic incognito window that might ditch all your cookies and browsing history but still connect to the internet directly from your own IP ad
Adam Levin
FEBRUARY 10, 2020
As if cybersecurity weren’t already a red-letter issue, the United States and, most likely, its allies–in other words, the global economic community–are in Iran’s cyber sites, a major player in cyber warfare and politically divisive disinformation campaigns. The “slap” as Ayatollah Ali Khamenei described it was a ballistic missile attack on a target that had three hours to get out of harm’s way.
Speaker: Erroll Amacker
Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.
Krebs on Security
FEBRUARY 10, 2020
The U.S. Justice Department today unsealed indictments against four Chinese officers of the People’s Liberation Army (PLA) accused of perpetrating the 2017 hack against consumer credit bureau Equifax that led to the theft of personal data on nearly 150 million Americans. DOJ officials said the four men were responsible for carrying out the largest theft of sensitive personal information by state-sponsored hackers ever recorded.
Schneier on Security
FEBRUARY 14, 2020
Interesting collision of real-world and Internet security: The ceremony sees several trusted internet engineers (a minimum of three and up to seven) from across the world descend on one of two secure locations -- one in El Segundo, California, just south of Los Angeles, and the other in Culpeper, Virginia -- both in America, every three months. Once in place, they run through a lengthy series of steps and checks to cryptographically sign the digital key pairs used to secure the internet's root z
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
|
Adam Shostack
FEBRUARY 11, 2020
My course, “ Repudiation in Depth ” is now live on Linkedin Learning. This is the fourth course I’ve created, starting with “ Learning Threat Modeling “, and courses on “ spoofing “, “ tampering “, and now, repudiation. (You can probably see where this is going, and I’m making great strides towards the goal.
Krebs on Security
FEBRUARY 14, 2020
In May 2013, the U.S. Justice Department seized Liberty Reserve , alleging the virtual currency service acted as a $6 billion financial hub for the cybercrime world. Prompted by assurances that the government would one day afford Liberty Reserve users a chance to reclaim any funds seized as part of the takedown, KrebsOnSecurity filed a claim shortly thereafter to see if and when this process might take place.
Schneier on Security
FEBRUARY 12, 2020
Motherboard has a long article on apps -- Edison, Slice, and Cleanfox -- that spy on your email by scraping your screen, and then sell that information to others: Some of the companies listed in the J.P. Morgan document sell data sourced from "personal inboxes," the document adds. A spokesperson for J.P. Morgan Research, the part of the company that created the document, told Motherboard that the research "is intended for institutional clients.
Tech Republic Security
FEBRUARY 14, 2020
Researchers say hackers can alter, stop, or expose how an individual user has voted through the Voatz app.
Advertisement
Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.
WIRED Threat Level
FEBRUARY 14, 2020
The encryption app is putting a $50 million infusion from WhatsApp cofounder Brian Acton to good use, building out features to help it go mainstream.
Security Affairs
FEBRUARY 13, 2020
The popular Italian hacktivist collective LulzSec ITA claimed via Twitter to have hacked three Italian universities. The popular Italian hacktivist collective LulzSec ITA has announced via Twitter the hack of three Italian universities, highlighting the importance of the cybersecurity for our society. Abbiamo fatto visita a @UnivRoma3 , nella speranza che oltre alla sicurezza, possa migliorare anche il futuro dei nostri giovani!
Schneier on Security
FEBRUARY 13, 2020
The United States is one of the few democracies without some formal data protection agency, and we need one. Senator Gillibrand just proposed creating one.
Tech Republic Security
FEBRUARY 13, 2020
Hackers are adopting organized crime tactics to make billions from victims all over the globe.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
WIRED Threat Level
FEBRUARY 13, 2020
New research from MIT shows that the Voatz app appears to have some glaring security holes.
Security Affairs
FEBRUARY 13, 2020
Huawei can secretly tap into communications through the networking equipment, states a U.S. official , while White House urge allies to ban the Chinese giant. This week The Wall Street Journal reported that U.S. officials say Huawei can covertly access telecom networks where its equipment is installed. “U.S. officials say Huawei Technologies Co. can covertly access mobile-phone networks around the world through “back doors” designed for use by law enforcement, as Washington tries to persua
Schneier on Security
FEBRUARY 10, 2020
Last month, engineers at Google published a very curious privacy bug in Apple's Safari web browser. Apple's Intelligent Tracking Prevention, a feature designed to reduce user tracking, has vulnerabilities that themselves allow user tracking. Some details : ITP detects and blocks tracking on the web. When you visit a few websites that happen to load the same third-party resource, ITP detects the domain hosting the resource as a potential tracker and from then on sanitizes web requests to that dom
Tech Republic Security
FEBRUARY 13, 2020
A Positive Technologies study finds 82% of web application vulnerabilities lie in the source code.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Daniel Miessler
FEBRUARY 10, 2020
[advanced_iframe src=”[link] width=”100%”]. —. If you get value from this content, you can support it directly by becoming a member. Being a member gets you access to the newsletter every week instead of just twice a month, access to the UL Slack Channel, the UL Book Club, the UL Archives, and access to future member-only content.
Security Affairs
FEBRUARY 14, 2020
A Russian court fined Twitter and Facebook 4 million rubles each for refusing to store the personal data of Russian citizens on local servers. At the end of January, Russia’s telecommunications watchdog Roskomnadzor instituted administrative proceedings against Facebook and Twitter after they refused to store data of Russian users on servers located in the country.
Schneier on Security
FEBRUARY 14, 2020
This is a current list of where and when I am scheduled to speak: I'll be at RSA Conference 2020 in San Francisco. On Wednesday, February 26, at 2:50 PM, I'll be part of a panel on "How to Reduce Supply Chain Risk: Lessons from Efforts to Block Huawei." On Thursday, February 27, at 9:20 AM, I'm giving a keynote on "Hacking Society.". I'm speaking at SecIT by Heise in Hannover, Germany on March 26, 2020.
Tech Republic Security
FEBRUARY 13, 2020
CEOs are generally from a finance/business track, rather than a technology one--why their traditional agenda and practices must change.
Speaker: Sierre Lindgren
Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.
WIRED Threat Level
FEBRUARY 8, 2020
Machine-learning programs are analyzing websites, news reports, and social media posts for signs of symptoms, such as fever or breathing problems. .
Security Affairs
FEBRUARY 9, 2020
Iran comes under cyber-attack again, a massive offensive brought down a large portion of the Iranian access to the Internet. Iran infrastructures are under attack, a massive cyberattack brought down a large portion of the Iranian access to the Internet, according to the experts the national connectivity fell to 75%. The N etBlocks internet observatory, which tracks disruptions and shutdowns, observed yesterday (February 8, 2019) a massive outage of the country’s connectivity to the Interne
Dark Reading
FEBRUARY 13, 2020
What happens when understaffed security teams at home and abroad are sequestered in physical quarantine zones?
Tech Republic Security
FEBRUARY 10, 2020
If you don't follow these Kubernetes deployments security best practices from Portshift, your containers, their underlying technologies, and your data could be at risk.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Threatpost
FEBRUARY 10, 2020
The new tactic used by Emotet allows the malware to infect nearby insecure Wi-Fi networks - and their devices - via brute force loops.
Security Affairs
FEBRUARY 10, 2020
Malaysia’s MyCERT issued a security alert to warn of a hacking campaign targeting government officials that was carried out by the China-linked APT40 group. Malaysia’s Computer Emergency Response Team (MyCERT) warns of a cyber espionage campaign carried out by the China-linked APT40 group aimed at Malaysian government officials. The attackers aimed at stealing confidential documents from government systems after having infected them with malware. “ MyCERT observed an increase i
WIRED Threat Level
FEBRUARY 11, 2020
Equifax. Anthem. Marriott. OPM. The data that China has amassed about US citizens will power its intelligence activities for a generation.
Tech Republic Security
FEBRUARY 11, 2020
Security and compliance are key factors to consider when outsourcing your data center, according to a report from data center provider US Signal.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Expert insights. Personalized for you.
68 
Let's personalize your content