Security news that informs and inspires

All Articles

1074 articles:

Making 0-Day Hard is Still Hard

The difficulty of detecting zero days in the wild and incomplete patches for the ones that are found is making life easier for attackers.

Google, Vulnerability

Political Campaigns Face Tough Security Challenges

The short lifespans and limited budgets of political campaigns adds to the security challenges they face as advanced adversaries target them.

Government, 2fa

FBI Director Urges More Cooperation, Relationships

The Federal Bureau of Investigation has been beating the public-private sector cooperation drum for several years now, and FBI director Christopher Wray stuck to that theme during his talk at Fordham University’s International Conference on Cyber Security.

Fbi, Information Sharing, Threat Intelligence

Severe Bug in Libgcrypt Fixed

Developers have patched a serious heap buffer overflow in Libgcrypt that could be triggered easily when data is decrypted.

Vulnerability

Google Promises Advertises Can Test No-Cookie Tech

Google said tests show that the new technology to replace third-party cookies doesn't impact ad revenue, but didn't provide more details on how it would enhance user privacy.

Privacy, Google

Authorities Take Down Emotet Botnet

Police in the US and Europe have disrupted the Emotet botnet, taking over its servers and cutting off communications with infected computers.

Emotet

Firefox Moves to Cut Off Supercookie Tracking

In Firefox 85, Mozilla is partitioning several caches in the browser in order to prevent trackers from abusing them.

Mozilla, Privacy

Sudo Flaw Gives Linux Users Root Access

Researchers from Qualys uncovered a major vulnerability in an application that allows administrators to delegate limited root access to regular users. While most major Linux distributions have released fixed versions of sudo, administrators still have to verify their systems are protected.

Linux, Vulnerability

Cybercriminals Target Vaccine Supply Chain

Over the last year, cybercriminals adjusted their attack tactics with new developments with the COVID-19 pandemic. With attention now on developing and distributing the vaccine for the novel coronavirus, attackers have shifted their focus to target the vaccine supply chain.

Supply Chain, Cybercrime

Decipher Podcast: Andy Ellis Returns

Andy Ellis, CSO of Akamai, joins Dennis Fisher to discuss the importance of setting priorities, how to assess your strengths and weaknesses as an organization, and the NFL draft.

Podcast

Enduring Lessons From Securing the Election

Securing the 2020 election was a years-long process, and former CISA Director Chris Krebs found a number of key lessons for security teams during the effort.

Government

EU Regulators Issued Larger GDPR Fines in 2020

The European Union’s data protection authorities have been flexing their regulatory powers under the General Data Protection Regulation over the past year, increasingly imposing larger fines and other enforcement actions.

Gdpr

New York Proposes Biometrics Privacy Law

New York lawmakers are moving ahead with their own privacy legislation to regulate how private companies handle biometric data.

Privacy, Biometrics

Trump Executive Order Focuses on Rules for Cloud Providers

One of the last executive orders for the outgoing Trump Administration authorized the Commerce Department to create "know your customer" rules for infrastructure-as-a-service providers.

Government, Cloud, Identity

New Raindrop Tool Tied to SolarWinds Attackers

A piece of malware called Raindrop has been found in some networks compromised by the SolarWinds attackers.

Solarwinds