<![CDATA[Decipher]]> decipher.sc Decipher is an independent editorial site that takes a practical approach to covering information security. Through news analysis and in-depth features, Decipher explores the impact of the latest risks and provides informative and educational material for readers curious about how security affects our world. Tue, 18 Sep 2018 00:00:00 -0400 en-us info@decipher.sc Copyright 2018 3600 <![CDATA[Facebook Brings Bug Bounty to Developer Ecosystem]]> dennis@decipher.sc(Dennis Fisher) https://duo.com/decipher/facebook-brings-bug-bounty-to-developer-ecosystem https://duo.com/decipher/facebook-brings-bug-bounty-to-developer-ecosystem Tue, 18 Sep 2018 00:00:00 -0400

Facebook is expanding its bug bounty program to third-party apps and websites that might expose user tokens improperly.]]>
<![CDATA[Cloudflare Makes InterPlanetary File System Globally Accessible]]> dennis@decipher.sc(Dennis Fisher) https://duo.com/decipher/cloudlfare-makes-interplanetary-file-system-globally-accessible https://duo.com/decipher/cloudlfare-makes-interplanetary-file-system-globally-accessible Mon, 17 Sep 2018 00:00:00 -0400

Cloudflare has released a gateway and browser extension to make the distributed IPFS network easily and securely accessible.]]>
<![CDATA[No Sleep for Computers: Cold Boot Attacks are Back]]> fahmida@decipher.sc(Fahmida Y. Rashid) https://duo.com/decipher/no-sleep-for-computers-cold-boot-attacks-are-back https://duo.com/decipher/no-sleep-for-computers-cold-boot-attacks-are-back Thu, 13 Sep 2018 00:00:00 -0400

F-Secure researchers found that modifying the hardware on modern computers make them susceptible to “cold boot” attacks where passwords and encryption keys can be harvested from memory. Hibernate or power off. Don't put the computer in sleep mode.]]>
<![CDATA[Senators Question Lack of MFA at State Department]]> dennis@decipher.sc(Dennis Fisher) https://duo.com/decipher/senators-question-lack-of-mfa-at-state-department https://duo.com/decipher/senators-question-lack-of-mfa-at-state-department Thu, 13 Sep 2018 00:00:00 -0400

Five lawmakers have asked the Secretary of State for answers about his agency's failure to implement MFA despite a federal requirement to do so.]]>
<![CDATA[BA Breach Another Step in Magecart Group's Evolution]]> dennis@decipher.sc(Dennis Fisher) https://duo.com/decipher/ba-breach-another-step-in-magecart-groups-evolution https://duo.com/decipher/ba-breach-another-step-in-magecart-groups-evolution Wed, 12 Sep 2018 00:00:00 -0400

The attack group known as Magecart has been stealing payment information from sites for several years and is showing signs of maturation with the BA breach.]]>
<![CDATA[Data Breaches Have Long-Term Impact on Stock Price]]> fahmida@decipher.sc(Fahmida Y. Rashid) https://duo.com/decipher/data-breaches-have-long-term-impact-on-stock-price https://duo.com/decipher/data-breaches-have-long-term-impact-on-stock-price Tue, 11 Sep 2018 00:00:00 -0400

A data breach disrupts day-to-day operations and can hurt the company’s reputation, but the fact that stock prices bounce back pretty quickly makes it seem like the stock market doesn't penalize the company. Analysis by UK-based Comparitech found that long-term impact on the company’s stock performance after a breach.]]>
<![CDATA[Decipher Podcast: Richard Bejtlich]]> dennis@decipher.sc(Dennis Fisher) https://duo.com/decipher/decipher-podcast-richard-bejtlich https://duo.com/decipher/decipher-podcast-richard-bejtlich Tue, 11 Sep 2018 00:00:00 -0400

Security strategist, adviser, and author Richard Bejtlich joins the podcast to talk about the evolution of incident response and how the security community has changed over the last 20 years.]]>
<![CDATA[IoT Botnets Turn Attention to Enterprises]]> dennis@decipher.sc(Dennis Fisher) https://duo.com/decipher/iot-botnets-turn-attention-to-enterprises https://duo.com/decipher/iot-botnets-turn-attention-to-enterprises Mon, 10 Sep 2018 00:00:00 -0400

The Mirai and Gafgyt IoT botnets recently have begun adding exploits for vulnerabilities in enterprise products.]]>
<![CDATA[Justice Department Describes North Korea's Attack Arsenal]]> fahmida@decipher.sc(Fahmida Y. Rashid) https://duo.com/decipher/justice-department-describes-north-korea-attack-arsenal https://duo.com/decipher/justice-department-describes-north-korea-attack-arsenal Fri, 07 Sep 2018 00:00:00 -0400

The United States Department of Justice painstakingly laid out the investigative breadcrumbs that identified the tools and techniques used by North Korea in offensive campaigns conducted over a four-year span, which includes the attack against Sony Pictures in 2014, the theft from Bangladesh Bank in 2016, and the devastating WannaCry ransomware outbreak in 2017.]]>
<![CDATA[Tor Browser Comes to Android]]> dennis@decipher.sc(Dennis Fisher) https://duo.com/decipher/tor-browser-comes-to-android https://duo.com/decipher/tor-browser-comes-to-android Fri, 07 Sep 2018 00:00:00 -0400

The Tor Browser, which allows for private web browsing, is now available for the Android platform.]]>
<![CDATA[US Calls Out North Korea for Sony, Bangladesh Bank, WannaCry Attacks]]> fahmida@decipher.sc(Fahmida Y. Rashid) https://duo.com/decipher/us-calls-out-north-korea-for-sony-bangladesh-bank-wannacry-attacks https://duo.com/decipher/us-calls-out-north-korea-for-sony-bangladesh-bank-wannacry-attacks Fri, 07 Sep 2018 00:00:00 -0400

The United States Department of Justice has charged a North Korean programmer for taking part in the attacks as part of its strategy to call out nation-state attackers. While there is no chance of US law enforcement ever making the arrest, the complaint is a way for the government to respond to damaging nation-state sponsored attacks.]]>
<![CDATA[Crypto Backdoor Law Unlikely Soon]]> dennis@decipher.sc(Dennis Fisher) https://duo.com/decipher/crypto-backdoor-law-unlikely-soon https://duo.com/decipher/crypto-backdoor-law-unlikely-soon Thu, 06 Sep 2018 00:00:00 -0400

Policy experts say that legislation mandating encryption backdoors are not on the horizon in the U.S., but could be a reality soon in the U.K. and Australia.]]>
<![CDATA[Facebook and Twitter Move to Fight Disinformation Campaigns]]> dennis@decipher.sc(Dennis Fisher) https://duo.com/decipher/facebook-and-twitter-move-to-fight-disinformation-campaigns https://duo.com/decipher/facebook-and-twitter-move-to-fight-disinformation-campaigns Wed, 05 Sep 2018 00:00:00 -0400

The two dominant social media platforms are changing the way they verify users in an effort to fight foreign influence operations.]]>
<![CDATA[NIST Outlines How to Secure BGP]]> fahmida@decipher.sc(Fahmida Y. Rashid) https://duo.com/decipher/nist-outlines-how-to-secure-bgp https://duo.com/decipher/nist-outlines-how-to-secure-bgp Wed, 05 Sep 2018 00:00:00 -0400

The Internet relies on BGP, but the protocol doesn't have any security protections to prevent route hijacking. NIST's draft paper outlines techniques for securing BGP for a safer Internet.]]>
<![CDATA[Five Eyes Countries Press for Encryption Laws]]> dennis@decipher.sc(Dennis Fisher) https://duo.com/decipher/five-eyes-countries-press-for-encryption-laws https://duo.com/decipher/five-eyes-countries-press-for-encryption-laws Tue, 04 Sep 2018 00:00:00 -0400

The governments of the Five Eyes countries say that if tech companies can't help find a way to provide access to encrypted data, laws may be the answer.]]>
<![CDATA[Firefox Will Soon Block Trackers by Default]]> dennis@decipher.sc(Dennis Fisher) https://duo.com/decipher/firefox-will-soon-block-trackers-by-default https://duo.com/decipher/firefox-will-soon-block-trackers-by-default Fri, 31 Aug 2018 00:00:00 -0400

Mozilla is moving to block all web trackers by default in an upcoming release of Firefox.]]>
<![CDATA[Android Bug Allows Geolocation of Users]]> dennis@decipher.sc(Dennis Fisher) https://duo.com/decipher/bug-allows-geolocation-of-android-users https://duo.com/decipher/bug-allows-geolocation-of-android-users Thu, 30 Aug 2018 00:00:00 -0400

There's a flaw in Android that allows an attacker to capture the MAC address and other information to track users. ]]>
<![CDATA[Windows Task Scheduler Flaw Has Temporary Fix]]> fahmida@decipher.sc(Fahmida Y. Rashid) https://duo.com/decipher/windows-task-scheduler-flaw-has-temporary-fix https://duo.com/decipher/windows-task-scheduler-flaw-has-temporary-fix Thu, 30 Aug 2018 00:00:00 -0400

Windows administrators don't like zero day vulnerabilities. The good news about the new flaw in the TaskScheduler service is that a hotfix, or a micropatch, is available.]]>
<![CDATA[Competing Election Security Bills Stuck in Senate]]> dennis@decipher.sc(Dennis Fisher) https://duo.com/decipher/competing-election-security-bills-stuck-in-senate https://duo.com/decipher/competing-election-security-bills-stuck-in-senate Wed, 29 Aug 2018 00:00:00 -0400

Two separate election security bills, with different concepts of how to fix the problem, are both mired in committee in the Senate.]]>
<![CDATA[Decipher Podcast: Andy Greenberg]]> dennis@decipher.sc(Dennis Fisher) https://duo.com/decipher/decipher-podcast-andy-greenberg https://duo.com/decipher/decipher-podcast-andy-greenberg Tue, 28 Aug 2018 00:00:00 -0400

Andy Greenberg of Wired magazine joins Dennis Fisher to talk about the incredible story of the NotPetya malware outbreak.]]>