Security news that informs and inspires

All Articles

511 articles:

‘Who Knows What These Computers Are Doing?’

The ever-growing complexity of modern computing devices is making it more and more difficult to secure them.

Rsac, Encryption

Don’t Despair, Good Privacy Days Ahead

The future of privacy is neither futile or pretty good. New regulations are on the way, but there will also be more challenge about rampant surveillance, ACLU tech fellow Jon Callas said.

Privacy, Rsac2019

Decipher Podcast: Yonathan Klijnsma

Yonathan Klijnsma of RiskIQ has been researching the Magecart skimming group for several years and speaks with Dennis Fisher about Group 4's tactics and targets.

Podcast

Privacy, Policy, and the Illusion of Control

Congress seems intent on passing federal data privacy legislation, but simply giving consumers more control won't be enough.

Privacy

Huawei and the 5G Conundrum

The U.S. and Chinese company Huawei have been butting heads over the upcoming 5G rollouts, with the U.S. citing national security concerns. However, banning Huawei equipment could have an impact on when 5G will be available in certain parts of the world.

5G, Networking

Deciphering Sneakers

Sneakers isn't just one of the best hacker movies of all time, it's a spiritual successor to WarGames and one of the most entertaining movies ever. Full stop.

Podcast

ICANN Warns of ‘Ongoing and Significant’ Threat to DNS

A series of DNS-hijacking campaigns against government agencies and other organizations has led ICANN to call for full deployment of DNSSEC and other protective measures.

DNS Security

A Traveler’s Guide to OPSEC

Traveling can be a lot of fun, but it can also present myriad challenges when it comes to keeping your information and devices secure. A few simple steps and a little advance planning can go a long way to increasing your operational security.

OPSEC, Rsac2019

BIND 9 Contains Serious Memory Leak

Some versions of BIND 9 contain a severe memory leak that can exhaust the memory resources on a vulnerable server.

BIND

19-Year-Old Bug Haunts WinRAR

A bug that can grant arbitrary code execution has been lurking in the WinRAR compression utility since 2000.

Vulnerabilities

Brushaloader Threat Evolves and Adapts Quickly

The Brushaloader malware threat, which often loads the Danabot banking trojan, is expanding its target base and refining its tactics.

Malware

Attackers Move Quickly, Defenders Need to Keep Up

Enterprise defenders have a very narrow window of opportunity to detect a compromise before attackers spread out through the network and cause more damage. For nation-state attackers, that breakout time is a handful of hours.

Hacking, Data Breaches

Crafting Policies With Panache

There are obvious differences between government policy and organizational policy, but when it comes to crafting information security policies, there are several elements that apply to both sides. Here are some of them.

CISO, Security Policy

Software Alone Can’t Fix Spectre-Class Flaws

Speculative execution enhanced microprocessor performance, but also made them more susceptible to side-channel attacks. The final fix won’t be via software updates.

Hardware, Spectre

Brutal Hacks Teach Hard Disaster Recovery Lessons

The hack of VFEmail, a hosted email provider, can be a reminder of how disaster recovery planning can be a life saver.

Disaster Recovery