Sat. Feb 03, 2018 - Fri. Feb 09, 2018

How Long is Long Enough? Minimum Password Lengths by the World's Top Sites

Troy Hunt

I've been giving a bunch of thought to passwords lately. Here we have this absolute cornerstone of security - a paradigm that every single person with an online account understands - yet we see fundamentally different approaches to how services handle them. Some have strict complexity rules. Some have low max lengths. Some won't let you paste a password.

Living in a Smart Home

Schneier on Security

In "The House that Spied on Me," Kashmir Hill outfits her home to be as "smart" as possible and writes about the results.

Polisis AI Reads Privacy Policies So You Don't Have To

WIRED Threat Level

Polisis, a machine-learning-trained tool, automatically produces readable charts of where your data ends up for any online service.

AI's Future in Cybersecurity

eSecurity Planet

Industry experts from Coalfire, IEEE and more discuss how AI is shaping the future of IT security.

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

Weekly Update 73

Troy Hunt

I'm not entirely sure how I've gotten to the end of the week feeling completely wrung out whilst having only written the one thing, but here we are. In fairness though, I've put a heap of work into Pwned Passwords version 2 and finally completed the data set. There's some coding work and other logistics to complete before it goes live, but the plan for now is week after next so I'm looking forward to that.

Sensitive Super-Bowl Security Documents Left on an Airplane

Schneier on Security

A CNN reporter found.

Strong, streamlined and secure: How to get the most out of centralized key management

Thales Cloud Protection & Licensing

With organizations around the world now deploying ever-increasing amounts of encryption solutions in an effort to ward off cybercrime, businesses are facing a combination of challenges. Whether it’s varying protection levels, differing operational techniques and policies, or juggling multiple keys, managing more than one encryption system can quickly turn into a complex web that demands time, expertise and money to manage effectively.

What is Cryptojacking and Why Is It a Cybersecurity Risk?

eSecurity Planet

Learn about this emerging attack method and how it's impacting organizations around the world in this eSecurityPlanet series.

Water Utility Infected by Cryptocurrency Mining Software

Schneier on Security

A water utility in Europe has been infected by cryptocurrency mining software. This is a relatively new attack: hackers compromise computers and force them to mine cryptocurrency for them. This is the first time I've seen it infect SCADA systems, though. It seems that this mining software is benign, and doesn't affect the performance of the hacked computer.

Scammers Are Stealing Bitcoin on Twitter With a Classic Scheme

WIRED Threat Level

A new twist on the classic Nigerian Prince scheme has jumped from gaming communities to Twitter. And now it's spreading.

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

Three Strategies for Big Data Security

Thales Cloud Protection & Licensing

The 2018 Thales Data Threat Report (DTR) has great information on Big Data use and security. We surveyed more than 1,200 senior security executives from around the world, and virtually all (99%) report they plan to use Big Data this year. Top Big Data Security Concerns. But they rightly have concerns. As the report notes: The top Big Data security issue is that sensitive data can be anywhere – and therefore everywhere – a concern expressed by 34% of global and U.S. respondents.

8 Nation-State Hacking Groups to Watch in 2018

Dark Reading

The aliases, geographies, famous attacks, and behaviors of some of the most prolific threat groups.

Cabinet of Secret Documents from Australia

Schneier on Security

This story of leaked Australian government secrets is unlike any other I've heard: It begins at a second-hand shop in Canberra, where ex-government furniture is sold off cheaply. The deals can be even cheaper when the items in question are two heavy filing cabinets to which no-one can find the keys. They were purchased for small change and sat unopened for some months until the locks were attacked with a drill.

Air Gap Hacker Mordechai Guri Steals Data With Noise, Light, and Magnets

WIRED Threat Level

Researcher Mordechai Guri has spent the last four years exploring practically every method of stealthily siphoning data off of a disconnected computer.

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Digital Transformation starts with the Employees

Thales Cloud Protection & Licensing

This past month, CEOs, elected leaders and academics from around the globe gathered at the World Economic Forum (WEF) in Davos, Switzerland, to discuss the world’s most pressing problems including technological change, global trade, education, sustainability, and gender equality. As in previous years, digital transformation remained a key theme at the event as well as discussions around artificial intelligence (AI) and IoT technologies impacting the workforce.

Mastering Security in the Zettabyte Era

Dark Reading

Many businesses are ill-equipped to deal with potential risks posed by billions of connected devices, exponential data growth, and an unprecedented number of cyber threats. Here's how to prepare.

Poor Security at the UK National Health Service

Schneier on Security

The Guardian is reporting that "every NHS trust assessed for cyber security vulnerabilities has failed to meet the standard required." This is the same NHS that was debilitated by WannaCry.

Autosploit, Strava Heat Maps, and More Top Security News This Week

WIRED Threat Level

The memo release, Olympics hacking, and more of the week's top security news.

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

IBM QRadar vs Splunk: Top SIEM Solutions Compared

eSecurity Planet

While both SIEM solutions are popular industry leaders, each has its strengths and weaknesses. We take a close look at both.

Back to Basics: AI Isn't the Answer to What Ails Us in Cyber

Dark Reading

The irony behind just about every headline-grabbing data breach we've seen in recent years is that they all could have been prevented with simple cyber hygiene.

Calling Squid "Calamari" Makes It More Appetizing

Schneier on Security

Research shows that what a food is called affects how we think about it. Research paper. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here.

Feds Take Down Infraud, a $530M Cybercrime Forum That Lasted 7 Years

WIRED Threat Level

Infraud may not have been as famous as dark web markets like the Silk Road and Alphabay, but it far outlasted both.

Next-Level Fraud Prevention: Strategies for Today’s Threat Landscape

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

Lenovo Warns Critical WiFi Vulnerability Impacts Dozens of ThinkPad Models

Threatpost

Lenovo issued a security bulletin Friday warning customers of two previously disclosed critical Broadcom vulnerabilities that impact 25 models of its popular ThinkPad laptops.

New Zero-Day Ransomware Evades Microsoft, Google Cloud Malware Detection

Dark Reading

Shurl0ckr, a form of Gojdue ransomware, was not detected on SharePoint or Google Drive.

IANS 2018 New York Information Security Forum

NopSec

On Monday, March 19th, NopSec’s Co-founder & CTO, Michelangelo Sidagni, will be speaking at this year’s IANS New York Information Security Forum. The Information Security Forum delivers an immersive curriculum with over 30+ sessions led by esteemed IANS Faculty, global information security thought leaders and solution providers. Attend the two-day Forum to gain actionable technical solutions and leadership insights focused on current and emerging challenges facing enterprise secur

Time's Just About Up to Secure the 2018 Midterm Elections

WIRED Threat Level

The first primary for the 2018 midterm elections takes place March 6—and many states are still woefully underprepared.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cisco Confirms Critical Firewall Software Bug Is Under Attack

Threatpost

Cisco has issued patches for the vulnerability, which could be up to seven years old.

North Korean APT Group Employed Rare Zero-Day Attack

Dark Reading

Recent Adobe Flash exploit discovered against South Korean targets likely purchased, not developed by the hacking group.

In the DCShadow: How to Become a Domain Controller

NopSec

I have always been fascinated by lateral movement attacks possible within Windows Active Directory environments. Hosts are compromised; credentials extracted; lateral movement achieved until the final price for Windows Domain domination is captured: the credentials of one of the members of the Domain Admin Group. All these are techniques used most commonly by Red Teamers in large enterprises.

Kali Linux 2018.1 Release

Kali Linux

Welcome to our first release of 2018, Kali Linux 2018.1. This fine release contains all updated packages and bug fixes since our 2017.3 release last November. This release wasn’t without its challenges–from the Meltdown and Spectre excitement (patches will be in the 4.15 kernel) to a couple of other nasty bugs, we had our work cut out for us but we prevailed in time to deliver this latest and greatest version for your installation pleasure.

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!