Security news that informs and inspires

All Articles

570 articles:

New Echobot Malware Adds Exploits, Targets Enterprise Apps

A newly discovered version of the Echobot malware, which is tied to the Mirai botnet, contains eight new exploits and targets enterprise applications as well as consumer devices.

Malware, Botnet

Encryption, Privacy in the Internet Trends Report

This is the single most important stat in venture capitalist Mary Meeker’s massive Internet Trends report: 87 percent of Web traffic is now encrypted. Oh, and use of secure messaging apps are on the rise.

Technology, Privacy, Security

Application Attacks Rule the Web

Akamai's State of the Internet security report shows that SQL injection attacks make up more than two-thirds of application layer attacks against organizations.

Application Security

Windows 10 Moves Closer to a Password-less World

No matter what the security zealots say, the password will never fully die. The latest version of Windows 10 is getting closer to the passwordless ideal.

Passwords, Microsoft, Windows, 2 Factor Authentication

Decipher Podcast: Adam O’Donnell

Adam O'Donnell, a longtime security engineer, startup founder, and member of the Cult of the Dead Cow, joins Dennis Fisher to talk about the group, its influence, and his career in security.

Podcast

Large BGP Leak Hits European Mobile Carriers

A BGP route leak by a hosting company affected traffic from several European mobile carriers this week.

BGP

GoldBrute Botnet Is Brute-Forcing Windows RDP

A new botnet is scanning the internet and brute-forcing Remote Desktop Protocol connections to compile a list of vulnerable hosts, usernames, and passwords.

Remote Access, Rdp, Botnet

Odd Bug Haunts Exim Mail Agent

The Exim MTA used in many Linux distributions contains a vulnerability that is trivially exploitable locally and can be exploited remotely in some cases.

Vulnerabilities

Sign In With Apple Makes Privacy a Centerpiece

Sign in with Apple is coming in iOS 13, and the company will allow users to share unique, disposable email addresses with apps to help prevent data collection.

Apple, Ios

NSA Joins Chorus Urging Speedy Patching for BlueKeep

The United States NSA urging enterprises and individuals to install the update addressing the BlueKeep vulnerability on Windows systems as soon as possible.

Patch, Microsoft, Vulnerability

Q&A: Joseph Menn on the Cult of the Dead Cow

In his new book on the Cult of the Dead Cow hacking group, Joseph Menn describes the environment that led to the cDc's creation and why the group remains so influential after more than 35 years.

Hacking

MacOS Mojave Flaw Could Lead to Abuse of Trusted Apps

In macOS Mojave, a problem in the way the OS performs application validation could let an attacker run a modified version of a trusted app, bypassing local security mechanisms.

Apple

Google Turning On Confidential Mode by Default in G Suite

Google is planning to enable confidential mode by default for enterprise G Suite customers in June.

Google

New York Considers Its Own GDPR-Style Data Law

New York’s lawmakers are on the brink of passing a data security law that will give New Yorkers more information about how their data is being used and when it has been compromised.

Government, Data Breach Notification

Decipher Podcast: Joseph Menn

Joseph Menn, author of a new book on the Cult of the Dead Cow hacking group, joins Dennis Fisher to discuss the group, its influence, and why he thinks the cDc has survived so long.

Podcast