Security news that informs and inspires

All Articles

984 articles:

Decipher Podcast: Melanie Ensign

Melanie Ensign of Uber joins Dennis Fisher to talk about the challenges and rewards of working in security and privacy communications.

Podcast

Chrome’s Anti-Abuse Feature Blocks Ads on Dodgy Sites

Chrome 71 extends the ad-blocking technology introduced last year to block advertisements on sites with "harmful experiences" on the web.

Chrome Security, Malware

Critical Kubernetes Bug Gives Anyone Full Admin Privileges

With a 9.8 rating on the Common Vulnerability Scoring System, the privilege escalation flaw in container orchestration system Kubernetes is as bad as it can get. Any user will be able to remotely gain full administrator privileges on any node in the cluster.

Vulnerability, Open Source, Patching

Mastercard, Microsoft Team Up on New Digital Identity Platform

Microsoft and Mastercard plan to work together to develop a new platform for verifying identities online that can be used across multiple services and for different purposes.

Identity, Passwords

Decipher Podcast: Katie Moussouris

Katie Moussouris of Luta Security speaks with Dennis Fisher about the security industry's constant cycle of mistakes and the hidden perils of bug bounty programs.

Podcast

Microsoft Open Sources SEAL Homomorphic Encryption Library

Microsoft has made its SEAL homomorphic encryption library open source, a part of an effort to help standardize the encryption scheme.

Encryption

500 Million Affected in Marriott Data Breach

Attackers had access to a portion of the Starwood network for four years, resulting in a data breach at parent company Marriott that affects as many as 500 million people.

Data Breaches

Mapping the Spectral Landscape of IPv6 Networks

Two researchers have developed an open source toolset called ipv666 that helps predict IPv6 addresses and find live hosts.

Ipv6

Decipher Podcast: Mikhail Davidov

Dennis Fisher is joined by Mikhail Davidov of Duo Labs to talk about his detailed research on the Apple T2 security chip.

Podcast, Apple

U.S. Dismantles Massive 3ve Click-Fraud Operation

It's a good day when law enforcement, working with industry partners like Google, Symantec and White Ops dismantle a massive operation designed to steal advertising revenue.

Internet, Fraud

Software Update Led to Microsoft Azure MFA Outage

A trio of problems caused by a software update in some of Microsoft's data centers led to a service outage for customers of the Azure Active Directory MFA service last week.

Mfa, Microsoft

Making the Case for a Botnet-Free Internet

Imagine the internet with no botnets. That's the ambitious vision, with more regulations holding more organizations accountable for botnet activities on their networks, as laid out in a Council on Foreign Relations paper.

Botnet, Internet

Windows Now Supports Password-Less Authentication With Security Keys

Microsoft customers now have the option of logging in to Windows, on desktop or mobile devices, with a FIDO2-compliant security key--and no password.

Microsoft

Apple’s T2 Chip Good for Secure Boot, Still Room for Improvement

Apple’s T2 chip on the new Macs perform a wide array of tasks to secure the machine from various hardware- and software-based attacks. The fact that the T2 chip can do so much is also potentially its weakness, as it opens up the machine’s attack surface.

Labs Research, Apple, Hardware, Firmware Security

U.S. Says Russia, Other Nations, Are Uncooperative on Cybercrime Investigations

A deputy U.S. attorney general said that Russia and other nations stonewall cybercrime investigations and called for international cooperation.

Cybercrime, Privacy