Security news that informs and inspires

All Articles

839 articles:

Phishing Frameworks and Toolkits Continue to Mature

New tools such as Modlishka and frameworks such as Gophish enable organizations to test their awareness and resilience to phishing campaigns.

Phishing, 2fa

BlackBerry Turns Focus to IoT Security

BlackBerry is offering a new set of services for IoT manufacturers to help them build more secure devices.

Iot Security

Marriott Breach Included 5 Million Passport Numbers

More than five million passport numbers were stolen as part of the Marriott data breach, which the company says affected as many as 383 million people.

Data Breaches

Google Patches Old Chrome Flaw on Android That Disclosed Device Info

Google has patched a three-year0old bug in Chrome on Android that disclosed vital device and firmware information that could be used in attacks.

Google

Deciphering Office Space

Office Space mixes the ennui of the late '90s tech industry and the pain of a dead-end job like no other movie. This is Deciphering Office Space.

Podcast

Open Source Software Needs Funding, Not Bug Bounty Programs

Bug bounty programs fill a need, but the European Union's offer to pay bug bounties for vulnerabilities in open source forgets one thing: projects don't need more flaws. Open source projects need people to fix the flaws.

Software Security, Open Source, Bug Bounty

Government Shutdown Impacts Enterprise Security

The government shutdown isn't impacting just security professionals working for the federal government. Corporate security teams have to pay attention to what public services are available and what aren't during this time period.

Government, Enterprise Security, Ciso

A Note to All the Holiday IT Folks

The next time you are asked to weigh in on tech questions, turn them into learning opportunities. Share information security awareness over appetizers and privacy knowledge over dessert. Make your corner of the world just a little bit more secure.

Security Awareness, User Education, Security Training

Misconfigured Backup Servers Potentially Exposing Data

Project Sonar data reveals that thousands of rsync servers on the internet do not require authentication, potentially exposing the files and servers stored on those servers to anyone curious enough to take a look.

Networking, Data Protection, Server Security

FBI Takes DDoS-For-Hire Sites Offline

The Justice Department and FBI targeted 15 sites that offer DDoS-for-hire services and charged three men with running some of the sites.

Ddos

Microsoft Fixes IE Flaw Already Under Attack

Even with a regular software update cadence, some vulnerabilities are serious enough to warrant an emergency fix. Microsoft has released an out-of-band update addressing a remote code execution flaw in Internet Explorer.

Microsoft, Patch, Internet Explorer

Deciphering Hackers

The movie Hackers has become a cult classic more than 20 years after its release and helped introduce hacking to the general public.

Podcast

The True Test of GDPR is Still Coming

More than six months after the European data privacy regulation went into effect, we still don’t know how effective GDPR will be at protecting data privacy.

Gdpr, Data Breaches, Privacy, Regulation

Malicious Cryptomining Remains a Threat Despite Currency Crashes

The threat of malicious cryptomining has not waned even as the value of Bitcoin and other cryptocurrencies has plummeted in recent months.

Malware

Developers Worry About Long-Term Effects of Anti-Encryption Law

Developers of secure messaging apps say there could be unforeseen long-range effects of anti-encryption laws in Australia and elsewhere.

Privacy, Encryption