Security news that informs and inspires

All Articles

842 articles:

Microsoft Releases Emergency Fix for SMBv3 Flaw

Microsoft has issued a security advisory warning of a vulnerability in the Microsoft Server Message Block (SMB) protocol. Until a fix is available, administrators are advised to disable SMBv3 compression on their servers.

Microsoft, Smb Security, Networking

Microsoft DART Finds Six Attack Groups On Customer Network

While helping a customer deal with a state-sponsored attack group which had been stealing data and email for about eight months, Microsoft’s incident response team uncovered five other threat actors operating simultaneously on the network.

Microsoft, Incident Response, Apt

Commission Outlines Ways to Overhaul Federal Cybersecurity

The United States needs a top-level cybersecurity coordinator, more powers for CISA, and cybersecurity-specific committees in Congress, the Cyberspace Solarium Commission said in its long-awaited report.

Government, Federal Cybersecurity

Microsoft Disrupts Necurs Botnet

Microsoft has taken over the control infrastructure for the Necurs botnet, disrupting the operations of the notorious spam and malware-distribution network.

Microsoft, Botnet

Yubico Warns of OTP-Replay Issue In Validation Server

The Yubico Validation Server contains a pair of vulnerabilities, one of which allows the replay of one-time passwords.

2fa

DuckDuckGo Releases Tracker Radar Tool

DuckDuckGo's new Tracker Radar tool protects users against pervasive third-party tracking across the web.

Privacy

Internet Standards Emphasize User Privacy At Expense of Enterprise Security

New Internet technologies bring more privacy to the network, but they have the side effect of breaking security in enterprise networks, Internet pioneer Paul Vixie said at RSA Conference 2020.

Dns

Let’s Encrypt Delays Revoking Some Certificates

Let's Encrypt has delayed revoking some of the certificates affected by a server bug in order to ensure stability on those sites.

Encryption

EARN IT Act Not Earning Much Support

The EARN IT Act has not yet made it to the Senate floor amid a lack of enthusiasm from legislators, but that may change.

Encryption

Bug Forces Let’s Encrypt to Revoke Millions of Certificates

Let's Encrypt will revoke three million certificates because of a subtle bug in its server software that affected the way domain records were checked.

Ssl

DoJ on Criminal Marketplaces and Not Breaking the Law

Security researchers, law enforcement, and analysts lurk in criminal marketplaces and forums collecting information which may indicate a possible data breach or data theft. It’s a tricky balancing act—blending in among criminals while not engaging in criminal activity that could get them arrested.

Government, Cybercrime, Penetration Testing

Deciphering Enemy of the State

Dennis Fisher is joined by Chris Brook and Brian Donohue to revisit Enemy of the State, the 1998 techno-paranoia thriller that foretold much of what's happening in today's surveillance society.

Podcast

The Hidden Joys of Security Through Obscurity

Security through obscurity isn't always a bad thing, at least in the esoteric world of ICS security.

Ics Security

Decipher Podcast: Wendy Nather

Wendy Nather, head of advisory CISOs at Duo, joins Dennis Fisher to discuss her RSA keynote speech on democratizing security and making security more usable and collaborative.

Podcast

‘Building Side Doors Is Not Going to Help’

Encryption back doors will make matters worse, not better, crypto pioneers say.

Encryption, Rsa2020