SEARCH
All Articles
Microsoft’s Bug Bounty Covers OpenID Flaws
Microsoft will do more than pay researchers bounties for finding and reporting vulnerabilities in Microsoft Account and Microsoft Entra ID in its Microsoft Identity Bounty Program. The company also wants vulnerabilities in select OpenID standards.
FTC Wants More Security and Privacy Authority
Two months into his job, FTC Chairman Joseph Simons says the commission needs more authority to enforce data security privacy violations.
Wyden, Rubio Ask Google and Amazon to Restore Domain Fronting
Two powerful senators have asked executives at Google and Amazon to rethink their decisions to end the use of domain fronting on their cloud networks to help protect at-risk users.
Microsoft Wants Federal Regulation of Facial Recognition Technology
Microsoft President Brad Smith is asking Congress to step in and regulate the use of facial recognition technology to help prevent abuse.
The Rise and Rise of Business Email Compromise Scams
The FBI estimates that BEC scams have cost victims nearly $13 billion in the last year and a half, a major increase that shows no signs of being an anomaly.
Attacking Internet of Things: A Means to an End
Why are attackers interested in compromising the Internet of Things? In this Decipher video, security experts discuss what attackers are looking for when they go after Internet-connected doorbells and other smart devices.
A Buyers’ Market: Healthcare Data in Underground Markets
Bundles of personal data records are referred to as fullz on the underground marketplaces by criminals. The data can include names, addresses, phone numbers, social security numbers (SSNs) and date of birth, all of which can be used for medical fraud, impersonation or even extortion. Stolen healthcare information is valued the highest.
Dude, Where’s My Car With My Lunch?
"If it bleeds, it leads..." We have a perverse fascination with autonomous vehicles, especially when they fail, and even more so when there is a fatality.
Google Rolls Out New Defense Against Spectre and Meltdown
Chrome now includes a new feature called Site Isolation that can help defend against speculative execution attacks in the browser.
How iOS 11.4.1 Stops USB Attacks and Bad Emojis
In its latest release of iOS, Apple has included a new feature called Restricted Mode that can prevent USB-based attacks.
Biometric Privacy on the Line in Illinois Case
A case before the Illinois Supreme Court is looking like a key test of how companies are allowed to collect and use consumers' biometric information.
DNC Security Checklist a Good First Step for Defense
For organizations worried about phishing attacks and the prospect of losing control over their files the checklist from the Democratic National Committee is a good starting point to improve baseline security practices.
Facebook Says It’s Ending Most Integration Partnerships
Facebook said in a long response to lawmakers that it had so-called integration partnerships with 52 companies, but it has ended most of them already.
New CA Focus on EV Certs Won’t Stop Phishing
The CA Security Council's London Protocol attempts to address the problem of phishing sites with legitimate SSL/TLS certificates, but the initiative perpetuates the myth that the pricier EV certificates are more secure than DV certificates.
California Privacy Law Is the New Standard
The new privacy bill in California allows consumers to control what data companies collect from them and how that information is used.