Security experts are pushing for a new process to disclose hardware vulnerabilities.
The Digital Security Exchange is helping to connect at-risk groups with security experts who can help protect them.
Everyone has their own story about who they are and what they do. LinkedIn CISO Cory Scott describes how to use people's personal narratives to put together security teams that have a diverse set of skills, problem-solving, and experiences.
AMD has released mitigations for the Spectre vulnerability that affects some of its processors.
The WebAuthn specification from the W3C could make password-free authentication a reality in the near future.
The Internet is a hostile environment for many users, and cellular networks, unfortunately, are simply an extension of that.
Security researcher Dylan Houlihan discovered an issue that leaked data from the Panera Bread site, including customer names, phone numbers, and other information.
Just because a vulnerability exists doesn’t automatically mean it will get exploited. It turns out the popularity of the software matters, but so does where the vulnerability information is published.
Facebook is making privacy changes designed to restrict apps' access to user data.
Malicious cryptominers are taking over for ransomware, thanks to quicker ROI and less attention from law enforcement.
Recent reports have highlighted Chrome Cleanup, a lesser-known security feature in Chrome that looks for potentially harmful software that can potentially hijack the web browser. While good for user security, Google should make information about the tool easier to understand and easier to find.
Whenever there is a breach or security incident, the infosec quarterbacks are out in full force, speculating what went wrong and pointing out what "should" have been done. Empathy is needed to share what worked and what didn't, not smug superiority. Security is for everyone.
Facebook is severing ties with data brokers, those companies that sit on piles of user data such as voter rolls, property records, purchase histories, and other databases. It's bad news for advertisers, but will it improve user privacy?
Much like Spectre, BranchScope is an attack that focuses on the processor's branch prediction system. That doesn't mean the processors are hopelessly vulnerable. It just means that as more researchers start exploring various features in modern CPUs, more issues will be found.
Many Internet of Things manufacturers handled security by disabling hardware debugging and locking down the firmware. Security researchers need to bypass these barriers so that they can find and help fix the actual security issues. A researcher talks about a technique gets researchers down to the silicon level.