Security news that informs and inspires

All Articles

983 articles:

Uber Releases Metta Adversarial Simulation Tool

The Uber Metta adversarial simulation tool allows defenders to test their network detection systems.

Network Security, Tools

Mapping the Internet, One Device at a Time (Part One)

Just as people use search engines such as Google, Bing, and DuckDuckGo to find specific information on the Internet, there are special search engines that can find information about Internet-connected devices and networks. Think webcams, printers, smart light bulbs, industrial control systems, monitoring systems. Information about these devices are just a special search query away.

Internet, Cartography

UK Government Proposes Secure by Design Guidelines for IoT

The UK government has published a Secure by Design report on improving the cybersecurity of consumer Internet of Things (IoT) devices such as smart TVs and wearables, urging manufacturers to follow common security guidelines and help protect consumers.

Iot Security, Government

Attackers Lie, Leave False Trails

We still don't know who was behind the Olympic Destroyer malware that targeted South Korea during the Winter Olympics, but we know all those supposed clues to their origins were false clues planted by the attackers. As defenders, assume everything you can't verify completely is a lie the attackers deliberately crafted.

Hackers, Malware

‘Nothing’s Going to Last Forever’: An Oral History of the LØpht, Part Four

In 1999 a group of venture capitalists came together to buy the L0pht and make it part of @stake, a security consulting firm.

L0pht

How Attackers Try to Outmaneuver Google Play Security

Malicious app developers are using anti-reverse engineering tactics to get around Google Play security restrictions.

Google

Thirty Minutes Or Less: An Oral History of the LØpht, Part Three

The L0pht hacker group testified before the Senate in 1998 and told the lawmakers they could take down the Internet in 30 minutes or less because of a vulnerability in the BGP protocol.

L0pht

LinkedIn CISO: The Stories We Tell

As CISO of LinkedIn, Cory Scott understands the importance of matching people to the right team. Instead of looking for specific skills or job titles, he asks people for their personal narratives.

Ciso, Hackers

The Wide World of Cryptocurrency Crime

Cryptocurrency crime is expanding beyond ransomware to in-browser mining and nation-state attacks.

Cryptocurrency, Cryptomining

The Merger of Hacking and Disinformation

Hacking and disinformation have merged to become the favored methods of political parties, nations, and individual attackers.

Disinformation

‘Microsoft Was Freaking Out‘: An Oral History of the LØpht, Part 2

As the L0pht hacker group matured new members like Mudge and Dildog joined and the group began publishing security advisories on Microsoft Internet Explorer.

L0pht

Why We Can’t Have Nice Things (Only Secure Ones)

Technology promised to make things better, but we are getting far less than what we were promised. Add security into the mix, and things have gone terribly wrong in the usability department. We need to look at security as a process and consider the impact of all the steps; not be solely focused on individual steps.

Ciso, 2 Factor Authentication

A Word From the Decipher Editors

Newcomers to information security frequently don't know where to begin, and industry veterans need information that goes beyond the initial news to understand the implications and impact.

Decipher

Are You Your Phone Number? Identity in Mobile Apps

We tend to think of phone numbers as part of our identity, and that impression is reinforced when we use our phone numbers to register for mobile apps. For many mobile apps, however, phone number is a handy username. We are still looking for a proper identifier in the mobile world.

Mobile, Authentication, Identity Proofing

‘We Got to Be Cool About This‘: An Oral History of the LØpht, Part 1

Born from the Boston BBS scene of the 1980s, the L0pht emerged in the 1990s as one of the more influential hacker groups ever and helped spawn the security industry as we know it today.

L0pht