Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
DHS HART national biometric database will be useful to law enforcement, but experts are concerned about the civil liberties implications and securing access and use of the data [Read More]
19-year-old who used the online moniker Vigilance arrested for hacktivist attacks on Minnesota government systems [Read More]
The operator of the world's largest internet hub challenged the legality of sweeping telecoms surveillance by Germany's spy agency, a German court heard. [Read More]
The European Union’s law enforcement agency has created a dedicated team that will be investigating activity across the dark web. [Read More]
FireEye releases GeoLogonalyzer, an open source tool that helps organizations detect malicious logins based on geolocation and other data [Read More]
Europol has signed two cybersecurity memorandums of understanding this week – one with three EU agencies and one with the World Economic Forum (WEF) [Read More]
Russian police arrest Russian national involved in a scheme that helped cybercriminals make up to $8,000 per day using Android banking Trojans [Read More]
The Justice Department said the "VPNFilter" botnet was set up by a hacking group variously called APT28, Pawn Storm, Sandworm, Fancy Bear and the Sofacy Group. [Read More]
Agari researchers developed a method of gaining access to the scammers' own mailboxes, using what he describes as responsible active defense. [Read More]
FBI admits that – due to flaws in methodology – it inflated the number of devices it could not analyze due to strong encryption [Read More]
- 1 of 126
- ››
FEATURES, INSIGHTS // Tracking & Law Enforcement
Asking for security backdoors that only benefit the good guys is like asking for bullets that only hurt the bad guys. That’s simply not how encryption works.
In the initial hours after the Paris attacks by Islamic terrorists, when the PlayStation 4 rumor was first circulating, I decided to see exactly what kind of encryption the PS4 uses for its messaging system.
The overall industry tone of caution around active defenses may be calibrated to defuse the notion rather than taking the argument, buying time for other alternatives to surface.
In 2011, Twitter began encrypting all information between the (mostly) mobile endpoints and their own servers. This made it more difficult for monitoring agencies to determine a mobile user’s Twitter profile, and thereby that user’s follow list. More difficult, but not impossible.
The time has come for the technology professions to demonstrate ethical maturity and adopt standards of ethical conduct to which we hold ourselves and our peers accountable.
If criminals can’t use or sell stolen data without being caught, then the data quickly becomes worthless. As a result it’s critical to understand what happens to data after a breach.
Because transactions using virtual currencies happen anonymously, they confuse issues of jurisdiction and can become difficult to enforce. When authorities do take action, cybercrime simply re-images itself with a new currency and a new platform.
As the “Snowden leaks” continue in their revelations and unraveling of the twisted web of government surveillance, it is becoming clear that the foundation of trust in the Internet as a shared commons has been thoroughly undermined.
The power of metadata does not come in that data itself but in the ability of that data to be processed and correlated in an automated fashion. What many believe is meaningless data can reveal more than one would think.
Over the past year the buzz around tracking threat actors has been growing and in my opinion hitting the height of the hype cycle. Relying on behavior profiles alone is a great way to get an unwelcomed outcome.
- 1 of 3
- ››
SecurityWeek Daily Briefing
- Oracle Patches New Spectre, Meltdown Vulnerabilities
- Tesla Breach: Malicious Insider Revenge or Whistleblowing?
- "Wavethrough" Bug in Microsoft Edge Leaks Sensitive Information
- New Encrypted Downloader Delivers Metasploit Backdoor
- Watch Out for Fileless Ransomware
- How to Shed the Security Operations Doldrums
- Hidden Tunnels: A Favored Tactic to Evade Strong Access Controls
- Hackers Exploit Drupal Flaw for Monero Mining
- Red Alert Android Trojan for Rent at $500 Per Month
- Cisco Patches Critical Flaws in NX-OS Software
Copyright © 2018 Wired Business Media. All Rights Reserved. Privacy Policy