The attack group known as Magecart has been stealing payment information from sites for several years and is showing signs of maturation with the BA breach.
A data breach disrupts day-to-day operations and can hurt the company’s reputation, but the fact that stock prices bounce back pretty quickly makes it seem like the stock market doesn't penalize the company. Analysis by UK-based Comparitech found that long-term impact on the company’s stock performance after a breach.
Security strategist, adviser, and author Richard Bejtlich joins the podcast to talk about the evolution of incident response and how the security community has changed over the last 20 years.
The Mirai and Gafgyt IoT botnets recently have begun adding exploits for vulnerabilities in enterprise products.
The United States Department of Justice painstakingly laid out the investigative breadcrumbs that identified the tools and techniques used by North Korea in offensive campaigns conducted over a four-year span, which includes the attack against Sony Pictures in 2014, the theft from Bangladesh Bank in 2016, and the devastating WannaCry ransomware outbreak in 2017.
The Tor Browser, which allows for private web browsing, is now available for the Android platform.
The United States Department of Justice has charged a North Korean programmer for taking part in the attacks as part of its strategy to call out nation-state attackers. While there is no chance of US law enforcement ever making the arrest, the complaint is a way for the government to respond to damaging nation-state sponsored attacks.
Policy experts say that legislation mandating encryption backdoors are not on the horizon in the U.S., but could be a reality soon in the U.K. and Australia.
The Internet relies on BGP, but the protocol doesn't have any security protections to prevent route hijacking. NIST's draft paper outlines techniques for securing BGP for a safer Internet.
The two dominant social media platforms are changing the way they verify users in an effort to fight foreign influence operations.
The governments of the Five Eyes countries say that if tech companies can't help find a way to provide access to encrypted data, laws may be the answer.
Mozilla is moving to block all web trackers by default in an upcoming release of Firefox.
There's a flaw in Android that allows an attacker to capture the MAC address and other information to track users.
Windows administrators don't like zero day vulnerabilities. The good news about the new flaw in the TaskScheduler service is that a hotfix, or a micropatch, is available.
Two separate election security bills, with different concepts of how to fix the problem, are both mired in committee in the Senate.