Facebook is expanding its bug bounty program to third-party apps and websites that might expose user tokens improperly.
Cloudflare has released a gateway and browser extension to make the distributed IPFS network easily and securely accessible.
F-Secure researchers found that modifying the hardware on modern computers make them susceptible to “cold boot” attacks where passwords and encryption keys can be harvested from memory. Hibernate or power off. Don't put the computer in sleep mode.
Five lawmakers have asked the Secretary of State for answers about his agency's failure to implement MFA despite a federal requirement to do so.
The attack group known as Magecart has been stealing payment information from sites for several years and is showing signs of maturation with the BA breach.
A data breach disrupts day-to-day operations and can hurt the company’s reputation, but the fact that stock prices bounce back pretty quickly makes it seem like the stock market doesn't penalize the company. Analysis by UK-based Comparitech found that long-term impact on the company’s stock performance after a breach.
Security strategist, adviser, and author Richard Bejtlich joins the podcast to talk about the evolution of incident response and how the security community has changed over the last 20 years.
The Mirai and Gafgyt IoT botnets recently have begun adding exploits for vulnerabilities in enterprise products.
The Tor Browser, which allows for private web browsing, is now available for the Android platform.
The United States Department of Justice painstakingly laid out the investigative breadcrumbs that identified the tools and techniques used by North Korea in offensive campaigns conducted over a four-year span, which includes the attack against Sony Pictures in 2014, the theft from Bangladesh Bank in 2016, and the devastating WannaCry ransomware outbreak in 2017.
The United States Department of Justice has charged a North Korean programmer for taking part in the attacks as part of its strategy to call out nation-state attackers. While there is no chance of US law enforcement ever making the arrest, the complaint is a way for the government to respond to damaging nation-state sponsored attacks.
Policy experts say that legislation mandating encryption backdoors are not on the horizon in the U.S., but could be a reality soon in the U.K. and Australia.
The Internet relies on BGP, but the protocol doesn't have any security protections to prevent route hijacking. NIST's draft paper outlines techniques for securing BGP for a safer Internet.
The two dominant social media platforms are changing the way they verify users in an effort to fight foreign influence operations.
The governments of the Five Eyes countries say that if tech companies can't help find a way to provide access to encrypted data, laws may be the answer.