Schneier on Security

FEBRUARY 12, 2018

There are a lot : The cybersecurity company McAfee recently uncovered a cyber operation, dubbed Operation GoldDragon, attacking South Korean organizations related to the Winter Olympics. McAfee believes the attack came from a nation state that speaks Korean, although it has no definitive proof that this is a North Korean operation. The victim organizations include ice hockey teams, ski suppliers, ski resorts, tourist organizations in Pyeongchang, and departments organizing the Pyeongchang Olympi

Internet 289

Internet Internet Cyber Attacks DDOS 289

Troy Hunt

FEBRUARY 16, 2018

I had plans this week. Monday was going to be full of coding work around Pwned Passwords V2 (and a few other HIBP things) then Texthelp went and got themselves pwned and there went my day writing about the ramifications of that. This is a genuinely important issue and the whole concept of the JavaScript supply chain needs much better thought. We've got the technology, it's just that most people don't know it exists!

Data breaches 131

Data breaches Marketing Passwords Internet 131

WIRED Threat Level

FEBRUARY 16, 2018

In the wake of the Mueller indictment of a Russian troll farm, any attempt to claim that the 2016 election wasn’t affected by Russian meddling is laughable.

112

112

Thales Cloud Protection & Licensing

FEBRUARY 15, 2018

Another day, another breach. It’s sarcastic, it’s comical, but it’s also real. Barely a day goes by where we don’t hear of a data breach. Affecting big companies and small in virtually every vertical and hitting government institutions at the local, state and federal level, sensitive data is routinely exfiltrated, stolen and leveraged with shocking regularity.

Identity Theft 89

Identity Theft IoT Encryption Technology 89

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

Risk

Schneier on Security

FEBRUARY 14, 2018

Everything online is hackable. This is true for Equifax's data and the federal Office of Personal Management's data, which was hacked in 2015. If information is on a computer connected to the Internet, it is vulnerable. But just because everything is hackable doesn't mean everything will be hacked. The difference between the two is complex, and filled with defensive technologies, security best practices, consumer awareness, the motivation and skill of the hacker and the desirability of the data.

Internet 179

Internet Internet Government Hacking 179

Dark Reading

FEBRUARY 14, 2018

In today's environment, a focus on cybersecurity isn't a luxury. It's a necessity, and making sure that focus is achieved starts with the company's culture.

Cybersecurity 79

Cybersecurity 79

eSecurity Planet

FEBRUARY 15, 2018

A look at top vendors in the market for web security gateway solutions, a critical tool for defending against web threats.

Marketing 76

Marketing 76

Schneier on Security

FEBRUARY 13, 2018

Nice profile of Mordechai Guri, who researches a variety of clever ways to steal data over air-gapped computers. Guri and his fellow Ben-Gurion researchers have shown, for instance, that it's possible to trick a fully offline computer into leaking data to another nearby device via the noise its internal fan generates , by changing air temperatures in patterns that the receiving computer can detect with thermal sensors , or even by blinking out a stream of information from a computer hard dr

Cybersecurity 177

Cybersecurity 177

Dark Reading

FEBRUARY 14, 2018

Exploits are getting more sophisticated by the day, and cybersecurity technology just isn't keeping up.

Malware 68

Malware Technology Cybersecurity 68

WIRED Threat Level

FEBRUARY 15, 2018

The "Protect" menu item in Facebook's mobile apps refers users to the company's Onavo Protect VPN, but the tool falls short of basic privacy standards.

VPN 111

VPN Mobile 111

Advertisement

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

Cyber threats

Thales Cloud Protection & Licensing

FEBRUARY 13, 2018

As data breaches continue to plague organisations worldwide, South Africa is taking extra measures to protect its citizens by rolling out new legislation. The country’s Protection of Personal Information (POPI) Act imposes requirements on holders of personal data to guard against unauthorised access and, in the event of a breach, mandates that the organisation notify the Regulator and the impacted data subjects.

Encryption 66

Encryption Government Risk Technology 66

Schneier on Security

FEBRUARY 15, 2018

Good Washington Post op-ed on the need to use voter-verifiable paper ballots to secure elections, as well as risk-limiting audits.

Risk 163

Risk 163

Threatpost

FEBRUARY 16, 2018

Apple said it is working on a fix for the latest text bomb bug that crashes a number of iOS and Mac apps that display specific Telugu language characters. .

Mobile 63

Mobile Hacking 63

WIRED Threat Level

FEBRUARY 16, 2018

Robert Mueller's office has come out with a 37-page indictment that details the extraordinary lengths Russian agents went to influence the 2016 presidential election.

110

110

Advertisement

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Cybersecurity

eSecurity Planet

FEBRUARY 12, 2018

Paying security researchers to find vulnerabilities can be a winning formula. Find out more in the first part of this eSecurity Planet series.

63

63

Schneier on Security

FEBRUARY 16, 2018

The National Academies has just published " Decrypting the Encryption Debate: A Framework for Decision Makers." It looks really good, although I have not read it yet. Not much news or analysis yet. Please post any links you find in the comments, and I will summarize them here.

Encryption 141

Encryption 141

Dark Reading

FEBRUARY 16, 2018

These intelligent botnet clusters swarm compromised devices to identify and assault different attack vectors all at once.

61

61

WIRED Threat Level

FEBRUARY 16, 2018

A new Justice Department indictment alleges Russia's disinformation operations created bank and social media accounts using the stolen identities of real US citizens.

Banking 110

Banking Media Accountability 110

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

eSecurity Planet

FEBRUARY 15, 2018

A look at top vendors in the market for web security gateway solutions, a critical tool for defending against web threats.

Marketing 55

Marketing 55

Threatpost

FEBRUARY 15, 2018

Malicious e-mail attachments used in this campaign don’t display any warnings when opened and silently install malware.

Malware 52

Malware Passwords Hacking 52

Dark Reading

FEBRUARY 14, 2018

The launch and growth of new operating systems is mirrored by an increase in reported vulnerabilities.

61

61

WIRED Threat Level

FEBRUARY 15, 2018

From SMS notifications to an egregious number of emails, the social media company's desperation has gone too far.

Media 109

Media 109

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

Scams

Spinone

FEBRUARY 16, 2018

SAN FRANCISCO, CA – January 25, 2018 – Spinbackup, a leading cloud security and cloud-to-cloud backup solutions provider for G Suite, and an API-based CASB (Cloud Access Security Broker) announced today it’s significant growth milestones in 2017, as the company’s customer base exceeded 2,000 SMB’s, educational and enterprise organizations globally. 2017 was another year of continuous progress and achievement for Spinbackup.

Backups 40

Backups Ransomware Cyber threats Marketing 40

Threatpost

FEBRUARY 12, 2018

Emails try to get recipients to share revealing photos of themselves so scammers can later extort them later.

Scams 47

Scams Banking Hacking 47

Dark Reading

FEBRUARY 16, 2018

The new 'Charter of Trust' aims to make security a key element of the digital economy, critical infrastructure.

Cybersecurity 56

Cybersecurity 56

WIRED Threat Level

FEBRUARY 12, 2018

Researchers at Cisco Talos detail a new piece of disruptive, highly infectious malware with a clear target: the Pyeongchang Olympics IT infrastructure.

Malware 105

Malware 105

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Spinone

FEBRUARY 14, 2018

The cloud computing boom has brought many benefits to businesses regarding increased productivity and easier accessibility to corporate online systems. Unfortunately, it has also introduced some new security concerns and an increase in the number of data breaches that occur each year. The main reason for this is that cloud services make it much easier to access and share data from outside the organization.

Cloud Migration 40

Cloud Migration Data breaches Risk Mobile 40

Threatpost

FEBRUARY 14, 2018

Researchers now believe attackers may have had prior access to networks and that malware was more sophisticated than originally believed.

Malware 47

Malware Government Hacking 47

Dark Reading

FEBRUARY 16, 2018

Russian nationals reportedly used stolen American identities and infrastructure to influence the 2016 election outcome.

54

54

WIRED Threat Level

FEBRUARY 12, 2018

Once confined to browsers, hijacking computers to mine cryptocurrency has branched out to dangerous places.

Cryptocurrency 104

Cryptocurrency 104

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!