Security news that informs and inspires

All Articles

959 articles:

Facebook Moves to Restrict Access to User Data

Facebook is making privacy changes designed to restrict apps' access to user data.

Privacy, Facebook

Here Come the Malicious Cryptominers

Malicious cryptominers are taking over for ransomware, thanks to quicker ROI and less attention from law enforcement.

Cryptomining, Cryptocurrency

Here’s Why Chrome is Scanning Your Computer for Malware

Recent reports have highlighted Chrome Cleanup, a lesser-known security feature in Chrome that looks for potentially harmful software that can potentially hijack the web browser. While good for user security, Google should make information about the tool easier to understand and easier to find.

Google

Empathy for Security Victims, Not Blame

Whenever there is a breach or security incident, the infosec quarterbacks are out in full force, speculating what went wrong and pointing out what "should" have been done. Empathy is needed to share what worked and what didn't, not smug superiority. Security is for everyone.

Internet

Data Brokers, Social Media, User Privacy

Facebook is severing ties with data brokers, those companies that sit on piles of user data such as voter rolls, property records, purchase histories, and other databases. It's bad news for advertisers, but will it improve user privacy?

Privacy

BranchScope: Another Processor-Based Attack

Much like Spectre, BranchScope is an attack that focuses on the processor's branch prediction system. That doesn't mean the processors are hopelessly vulnerable. It just means that as more researchers start exploring various features in modern CPUs, more issues will be found.

Hardware, Security Research

New DIY Method Lets Researchers Recover Data from Hardware Chips

Many Internet of Things manufacturers handled security by disabling hardware debugging and locking down the firmware. Security researchers need to bypass these barriers so that they can find and help fix the actual security issues. A researcher talks about a technique gets researchers down to the silicon level.

Hardware Hacking, Security Research

Washington, Facebook, and the Privacy Reckoning

Federal legislators are asking Facebook, Google, and Twitter executives to come to Washington to discuss privacy concerns.

Privacy, Facebook

Georgia Bill Casts a Chill on Security Research

A bill in the Georgia senate would criminalize some activities that security researchers commonly perform.

Legislation

GitHub Alerts Help Fix Bugs in Ruby, JavaScript Code

When GitHub unveiled its Security Alerts scanning feature last November, it was betting that if project owners knew which software components they were using had vulnerabilities, they would update them with patched versions. GitHub said that by Dec. 1, 450,000 vulnerabilities had been resolved, either by removing the dependency entirely or swapping out with a more recent, patched version. That's a little over 10 percent of the vulnerabilities addressed, right off the bat.

App Security, Vulnerability, Software Security

Be Careful Using Machine Learning in Security

Recent advances in artificial intelligence, especially in deep learning and other machine learning approaches, are really exciting for the future of security. In the rush to roll out AI in security technology, it is easy to forget that machine learning is just a tool, and that like any tool, is the most effective when used by an expert.

Machine Learning, Ai

CLOUD Act Grants Broad New Data-Gathering Powers to Governments

The CLOUD Act gives governments new powers to seize data stored in other countries, raising privacy concerns.

Government

Understanding the Virtual CSO

Organizations don't have to decide between hiring a CSO/CISO or not having a security leader at all. They can tap the CISO's security expertise by working with a virtual CSO. Gal Shpantzer and Wim Remes talk about the challenges of being an intricate part of the organization's security but still an outsider.

Ciso

The Encryption Storm on the Horizon

The issues over encrypted data faced by Telegram in Russia and Apple in China could portend a conflict in the U.S. soon.

Encryption

Andy Ellis Has Your Back

Akamai CSO Andy Ellis takes an uncommon approach to his job, distributing responsibility for security across the organization.

Network Security, Ciso