Sat. Nov 19, 2016 - Fri. Nov 25, 2016

NFL Wi-Fi, cyberwar training, and hacking diabetes care: TechRepublic's cover stories of 2016

Tech Republic Security

We work hard to provide in-depth investigative tech journalism. Here's what we've reported in 2016.

[0day] [exploit] Advancing exploitation: a scriptless 0day exploit against Linux desktops

Scary Beasts Security

Overview: A powerful heap corruption vulnerability exists in the gstreamer decoder for the FLIC file format. Presented here is an 0day exploit for this vulnerability. This decoder is generally present in the default install of modern Linux desktops, including Ubuntu 16.04 and Fedora 24. Gstreamer classifies its decoders as “good”, “bad” or “ugly”. Despite being quite buggy, and not being a format at all necessary on a modern desktop, the FLIC decoder is classified as “good”, almost guaranteeing i

FTC Announces New Guidance on Ransomware

Privacy and Cybersecurity Law

On November 10, 2016, the U.S. Federal Trade Commission (FTC) released new guidance for businesses and consumers on the impact […].

Cloud Computing Trends in 2016

Spinone

As more and more companies move to cloud services to increase productivity and reduce costs, we are seeing a shift in how businesses are working with digital technologies and their needs and requirements are also changing to fit these new ways of working. The adoption of cloud computing for storage and other services continues to grow, and with it comes new concerns about security and privacy.

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

Windows 10 snooping: Microsoft gets more time to tackle 'excessive' data collection

Tech Republic Security

Microsoft has been granted more time to change how Windows 10 collects data about users in order to comply with the French data protection act.

[0day] [PoC] Incorrect fix for gstreamer FLIC decoder vulnerability CESA-2016-0004

Scary Beasts Security

Overview: Recently (Nov 21st, 2016), I published an 0day exploit against the gstreamer FLIC decoder, here on my blog. The response time from gstreamer upstream was impressive: a patch in 1 day or so that fixed not only the immediate issue but also some similar bugs in other functions in the decoder. More on those other bugs in another post. Here is the git commit.

How to secure your IoT devices from botnets and other threats

Tech Republic Security

Attacks on IoT devices are an increasing threat. Here are a few expert tactics to ensure your company's data and networks are safe.

Don't let yourself be targeted by cybercriminals: Here are 6 tips for safe holiday shopping

Tech Republic Security

Online shopping is easy and convenient, and more people are doing it than ever before. The rise in e-commerce also gives cybercriminals more opportunities to rob you blind. Here's how to stay safe.

Tweets aren't tools for surveillance: Twitter pushes back against law enforcement

Tech Republic Security

In a recent blog post, the social media company clarified the acceptable use of its public APIs, pushing back against tweets being used to track protesters and activists.

The light side of the Dark Web

Tech Republic Security

The Dark Web isn't all bad news. A study by security firm Terbium Labs found that over half of the encrypted internet consists of legal traffic, and instances of hacking and fraud were shockingly low.

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

How analytics plays an important role in software IP theft cases

Tech Republic Security

Discover how software analytics tools help lawyers and courts determine whether software infringement cases have merit.

How enterprise companies can raise internal cyber-risk awareness

Tech Republic Security

Cisco's Senior Director of Security and Trust explains the high stakes of enterprise security, the next wave of corporate cyber-attacks, and best practices for raising risk awareness.

How to install a text-based password manager for Linux, Mac, or FreeBSD users

Tech Republic Security

If you want a password manager tool that will work without a GUI, here's a solution that you shouldn't pass on.

NIST and USCG Issue New Maritime Industry Cybersecurity Profile

Privacy and Cybersecurity Law

In 2013, President Obama issued Executive Order 13636 and directed the Director of the National Institute of Standards and Technology […].

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.