Security news that informs and inspires

All Articles

2376 articles:

Securing Access to Data Stored in Amazon S3 Buckets

There have been countless examples of misconfigured access to Amazon S3 buckets containing massive amounts of sensitive data - here’s how you can configure granular access policies and use MFA to protect your data in the cloud.

Cloud, AWS Security, AWS Authentication, Amazon S3 Security, S3 Bucket Security

Cloud Auth - Are You Doing Enough?

What does it take to secure your cloud applications and data? Technology today has made it possible to require stronger authentication controls for access to business-critical applications.

Cloud

Universities Targeted by Increasing Phishing & Ransomware Attacks

Malicious attacks against U.K. universities have doubled in the past year - find out how to protect against ransomware and phishing attacks that target research data.

University Security, Higher Education, Ransomware, Phishing

The State of the Breach in Healthcare: A Look at 2017 So Far

See how many healthcare data breaches have been reported so far in 2017, how many are due to hacking, what areas are lacking in security protection, how many ransomware attacks have targeted healthcare and more.

Healthcare Security, Healthcare Data Breach, Healthit

New Critical Infrastructure Security Recommendations from NIAC

A White House advisory group, The President’s National Infrastructure Advisory Council (NIAC), has released an 11-step report urging the Administration to take action to protect against “a watershed, 9/11-level cyber attack.”

Government, Critical Infrastructure Security

The State of Real-Time Threat Detection

An overview of tracking ransomware payments, tools to fight ransomware attacks, 3D printing security concerns and more from Black Hat 2017 and DEF CON 25 talks this year.

Black Hat, Defcon, Ransomware, 3d Printing Security

NIST’s New Security and Privacy Controls For IoT, MFA and SSO

NIST releases a new version of their Security and Privacy Controls, addressing new risks posed by the latest technology - the Internet of Things, plus guidance on combining single sign-on and multi-factor authentication.

Nist, Iot Security, Privacy, Mfa, Sso

Dissecting Security Hardware at Black Hat and DEF CON

Get insights into how to assess security hardware, including experimentations in counterfeiting U2F authentication tokens, different weaknesses in the hardware components of encrypted USB keys and more.

USB Security, Token, Yubikey, Black Hat, Defcon

Phishing Vulnerability Exposed with Recently Patched Windows Vulnerability

A recently patched, high-severity Windows vulnerability, CVE-2017-0199, is being used in phishing attacks to deliver malware to users - hitting 1.5 million users in Q2 of this year.

Phishing, Microsoft Office Security

Security Anthropology: How Do Organizations Differ?

Different types of organizations have different threat profiles - instead of classic benchmarking, which can be problematic, researching and creating organizational personas can help us better understand how they approach security issues.

Information Security, Security Anthropology

Examining Security Science at Black Hat 2017

Learn about the complexities of conducting security science and phishing tests - the psychological dynamics, validity of security usability studies, ethical issues, hallway testing and more.

Phishing, Black Hat

Hunting Malicious npm Packages

Duo Labs analyzes npm packages and how attackers can use malicious packages to gain access to and control over systems.

Npm Packages

Security Conference OPSEC

Get security conference OPSEC (operational security) tips from a senior security researcher who has seen it all - from trading trust for convenience to unattended personal items, learn how to lock it down when you’re on the road.

OPSEC, Operational Security, Security Conference Tips, Defcon, Black Hat

Key Updates to NIST’s Digital Identity Guidelines: SP 800-63-3

NIST has updated their Digital Identity Guidelines, SP 800-63-3 with final security recommendations - see the new standards that many industries, including government agencies and contractors, need to follow.

Nist, Identity, Mfa

Security Hygiene Tips to Prevent Malware Infection & Stop Lateral Movement

From stopping the initial point of infection to narrowing its path of destruction, here are some tips from the US-CERT (United States Computer Emergency Readiness Team) to help organizations of all sizes stay safe.

Security Hygiene, Security Basics, Malware, Lateral Movement