Security news that informs and inspires

All Articles

2262 articles:

DuckDuckGo Releases Tracker Radar Tool

DuckDuckGo's new Tracker Radar tool protects users against pervasive third-party tracking across the web.

Privacy

Internet Standards Emphasize User Privacy At Expense of Enterprise Security

New Internet technologies bring more privacy to the network, but they have the side effect of breaking security in enterprise networks, Internet pioneer Paul Vixie said at RSA Conference 2020.

DNS

Let’s Encrypt Delays Revoking Some Certificates

Let's Encrypt has delayed revoking some of the certificates affected by a server bug in order to ensure stability on those sites.

Encryption

EARN IT Act Not Earning Much Support

The EARN IT Act has not yet made it to the Senate floor amid a lack of enthusiasm from legislators, but that may change.

Encryption

Bug Forces Let’s Encrypt to Revoke Millions of Certificates

Let's Encrypt will revoke three million certificates because of a subtle bug in its server software that affected the way domain records were checked.

SSL

DoJ on Criminal Marketplaces and Not Breaking the Law

Security researchers, law enforcement, and analysts lurk in criminal marketplaces and forums collecting information which may indicate a possible data breach or data theft. It’s a tricky balancing act—blending in among criminals while not engaging in criminal activity that could get them arrested.

Government, Cybercrime, Penetration Testing

Deciphering Enemy of the State

Dennis Fisher is joined by Chris Brook and Brian Donohue to revisit Enemy of the State, the 1998 techno-paranoia thriller that foretold much of what's happening in today's surveillance society.

Podcast, Hacker Movies

The Hidden Joys of Security Through Obscurity

Security through obscurity isn't always a bad thing, at least in the esoteric world of ICS security.

ICS Security

‘Building Side Doors Is Not Going to Help’

Encryption back doors will make matters worse, not better, crypto pioneers say.

Encryption, Rsa2020

Decipher Podcast: Wendy Nather

Wendy Nather, head of advisory CISOs at Duo, joins Dennis Fisher to discuss her RSA keynote speech on democratizing security and making security more usable and collaborative.

Podcast

Review Finds Downgrade Attack in Solokey Firmware

A review of the SoloKey firmware found a serious downgrade attack flaw, which an attacker could use to install an older, vulnerable version. The bug has been fixed.

2fa

Decipher Podcast: Rick Altherr

Rick Altherr of Eclypsium joins Dennis Fisher to talk about the company's new research on unsigned device firmware.

Podcast

Changes in Kernel Code Created New Security Bugs in Android Devices

Code changes intended to prevent attacks can wind up creating even more security issus, Google Project Zero warned.

Android

Ransomware Attack Hit Gas Pipeline Facility

A gas compression facility was the victim of a ransomware attack that took its operations offline for two days and required replacement equipment.

Ransomware

Microsoft Pulls Buggy UEFI Security Update

Microsoft has removed the Windows security update addressing issues with third-party boot managers after users complained the updates caused their systems to stop working.

Microsoft, Hardware, Windows