Security news that informs and inspires

All Articles

959 articles:

No Easy Fix for BGP Leaks

We forget that the Internet is pretty fragile and when something breaks, there is collateral damage. DNS hijacking and BGP leaks are two of the problems we haven't fixed yet, and there aren't any easy solutions.

Internet, Networking

Uber Evolves Bug Bounty Program to Reassure Researchers

Uber has updated its bounty program to provide security researchers with clarity on what good faith research looks like.

Bug Bounty

Manage Third-Party Suppliers with Personality Tests

Every supplier and third party vendor has different behaviors, abilities and knowledge. Developing a personality profile for each supplier can help organizations decide how much effort they need to spend managing that relationship as part of an effective infosec and privacy assurance program.

Supply Chain, Ciso

The Rise and Rise of Cryptocurrency Related Crime

Cryptocurrencies such as Bitcoin and Monero have become favorites of cyberminals associated with ransomware and malicious coinmining, but there's much more going on beneath the surface.

Cryptocurrency

Hacker History: How Dan Kaminsky Almost Broke the Internet

In this illustrated Hacker History video, security researcher Dan Kaminsky goes back to 2008 and describes how he found the vulnerability in DNS and almost broke the Internet. Unfortunately, DNS still needs to be fixed.

Hacker History, Dns Security, Network Security

‘Saying I Can’t Is Always Easier Than Saying I Won’t’

In the face of increased threats to user privacy, companies such as Apple, Google, and others have moved to encrypt more and more channels.

Encryption

The Blockchain Won’t Save You

Blockchain technology has uses in security, but experts say it's not the universal answer to security problems.

Encryption

New Process Needed for Disclosing Hardware Flaws

Security experts are pushing for a new process to disclose hardware vulnerabilities.

Encryption

LinkedIn CISO: Bringing Diversity into Security with the Stories We Tell

Everyone has their own story about who they are and what they do. LinkedIn CISO Cory Scott describes how to use people's personal narratives to put together security teams that have a diverse set of skills, problem-solving, and experiences.

Ciso

Digital Security Exchange Forges Connections to Protect Those in Need

The Digital Security Exchange is helping to connect at-risk groups with security experts who can help protect them.

Privacy

AMD Releases Spectre Mitigations

AMD has released mitigations for the Spectre vulnerability that affects some of its processors.

Vulnerability

WebAuthn Offers a Glimpse Into a Potentially Password-Less Future

The WebAuthn specification from the W3C could make password-free authentication a reality in the near future.

Multifactor Authentication

In the Cellular ‘Cesspool,’ Spies and Crooks Have Their Way

The Internet is a hostile environment for many users, and cellular networks, unfortunately, are simply an extension of that.

Privacy

How a Researcher Found the Panera Data Leak

Security researcher Dylan Houlihan discovered an issue that leaked data from the Panera Bread site, including customer names, phone numbers, and other information.

Data Breaches

Web Application Bugs, From Disclosure to Exploit

Just because a vulnerability exists doesn’t automatically mean it will get exploited. It turns out the popularity of the software matters, but so does where the vulnerability information is published.

Web App Security, Web App Attacks