Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Here’s what you need to know about a new report on NSO Group, the notorious Israeli hacker-for-hire company and maker of Pegasus malware. [Read More]
Reports that Israel-made Pegasus spyware has been used to monitor activists, journalists and politicians around the world highlight the diplomatic risks of nurturing and exporting "oppressive technology", experts warned. [Read More]
The United States and its allies have officially accused China of being behind the Microsoft Exchange attacks disclosed in early March. [Read More]
Israel's NSO Group has been linked to a list of 50,000 smartphone numbers, including those of activists, journalists, business executives and politicians around the world. [Read More]
Microsoft's security response team late Thursday acknowledged a new, unpatched bug that exposes Windows users to privilege escalation attacks. [Read More]
The search advertising giant released a Chrome security refresh overnight with a warning that malicious hackers are actively exploiting a critical type confusion vulnerability to launch malware attacks. [Read More]
Microsoft partners with Citizen Lab to identify a mysterious commercial surveillance company in Israel selling zero-days and high-end spyware to government hackers. [Read More]
The US government has launched a new website to combat ransomware and announced $10 million rewards for information on foreign hackers. [Read More]
Kaspersky issues a report on an advanced threat actor that has hit approximately 1,500 entities in Myanmar and the Philippines, including government entities. [Read More]
The REvil ransomware gang went offline Tuesday, sparking speculation about whether the move was the result of a government-led action. [Read More]

FEATURES, INSIGHTS // Tracking & Law Enforcement

rss icon

Gordon Lawson's picture
Threat hunting must be non-attributable, while maintaining a clear audit trail to satisfy legal and governance requirements.
Idan Aharoni's picture
Taking down dark web sites may cause headache for both the bad guys and the good guys, but it can also have a profound positive effect on the fight against cybercrime.
Lance Cottrell's picture
Even while using Tor hidden services, there are still many ways you can be exposed and have your activities compromised if you don’t take the right precautions.
Wade Williamson's picture
Asking for security backdoors that only benefit the good guys is like asking for bullets that only hurt the bad guys. That’s simply not how encryption works.
David Holmes's picture
In the initial hours after the Paris attacks by Islamic terrorists, when the PlayStation 4 rumor was first circulating, I decided to see exactly what kind of encryption the PS4 uses for its messaging system.
James McFarlin's picture
The overall industry tone of caution around active defenses may be calibrated to defuse the notion rather than taking the argument, buying time for other alternatives to surface.
David Holmes's picture
In 2011, Twitter began encrypting all information between the (mostly) mobile endpoints and their own servers. This made it more difficult for monitoring agencies to determine a mobile user’s Twitter profile, and thereby that user’s follow list. More difficult, but not impossible.
Adam Firestone's picture
The time has come for the technology professions to demonstrate ethical maturity and adopt standards of ethical conduct to which we hold ourselves and our peers accountable.
Wade Williamson's picture
If criminals can’t use or sell stolen data without being caught, then the data quickly becomes worthless. As a result it’s critical to understand what happens to data after a breach.
Eric Knapp's picture
Because transactions using virtual currencies happen anonymously, they confuse issues of jurisdiction and can become difficult to enforce. When authorities do take action, cybercrime simply re-images itself with a new currency and a new platform.