SEARCH
All Articles
Facebook Brings Bug Bounty to Developer Ecosystem
Facebook is expanding its bug bounty program to third-party apps and websites that might expose user tokens improperly.
Cloudflare Makes InterPlanetary File System Globally Accessible
Cloudflare has released a gateway and browser extension to make the distributed IPFS network easily and securely accessible.
No Sleep for Computers: Cold Boot Attacks are Back
F-Secure researchers found that modifying the hardware on modern computers make them susceptible to “cold boot” attacks where passwords and encryption keys can be harvested from memory. Hibernate or power off. Don't put the computer in sleep mode.
Senators Question Lack of MFA at State Department
Five lawmakers have asked the Secretary of State for answers about his agency's failure to implement MFA despite a federal requirement to do so.
BA Breach Another Step in Magecart Group’s Evolution
The attack group known as Magecart has been stealing payment information from sites for several years and is showing signs of maturation with the BA breach.
Data Breaches Have Long-Term Impact on Stock Price
A data breach disrupts day-to-day operations and can hurt the company’s reputation, but the fact that stock prices bounce back pretty quickly makes it seem like the stock market doesn't penalize the company. Analysis by UK-based Comparitech found that long-term impact on the company’s stock performance after a breach.
Decipher Podcast: Richard Bejtlich
Security strategist, adviser, and author Richard Bejtlich joins the podcast to talk about the evolution of incident response and how the security community has changed over the last 20 years.
IoT Botnets Turn Attention to Enterprises
The Mirai and Gafgyt IoT botnets recently have begun adding exploits for vulnerabilities in enterprise products.
Tor Browser Comes to Android
The Tor Browser, which allows for private web browsing, is now available for the Android platform.
Justice Department Describes North Korea’s Attack Arsenal
The United States Department of Justice painstakingly laid out the investigative breadcrumbs that identified the tools and techniques used by North Korea in offensive campaigns conducted over a four-year span, which includes the attack against Sony Pictures in 2014, the theft from Bangladesh Bank in 2016, and the devastating WannaCry ransomware outbreak in 2017.
US Calls Out North Korea for Sony, Bangladesh Bank, WannaCry Attacks
The United States Department of Justice has charged a North Korean programmer for taking part in the attacks as part of its strategy to call out nation-state attackers. While there is no chance of US law enforcement ever making the arrest, the complaint is a way for the government to respond to damaging nation-state sponsored attacks.
Crypto Backdoor Law Unlikely Soon
Policy experts say that legislation mandating encryption backdoors are not on the horizon in the U.S., but could be a reality soon in the U.K. and Australia.
NIST Outlines How to Secure BGP
The Internet relies on BGP, but the protocol doesn't have any security protections to prevent route hijacking. NIST's draft paper outlines techniques for securing BGP for a safer Internet.
Facebook and Twitter Move to Fight Disinformation Campaigns
The two dominant social media platforms are changing the way they verify users in an effort to fight foreign influence operations.
Five Eyes Countries Press for Encryption Laws
The governments of the Five Eyes countries say that if tech companies can't help find a way to provide access to encrypted data, laws may be the answer.