Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Mondoo plans to use the new funding to accelerate development of its cloud-native platform to provide developers with automated risk assessments. [Read More]
The new browser release also includes better web compatibility for privacy protections, and it patches several high-severity vulnerabilities. [Read More]
Different threat group names are a blessing, a necessity, and a curse -‒ and understanding how and why researchers name the different threat groups can help us better understand the overall threat landscape. [Read More]
The initiative aims to establish standardization and consistency across cloud platforms, to protect the interests of cloud services organizations, and ensure human rights standards. [Read More]
Two alleged members of a “prolific” ransomware gang have been arrested in Ukraine. The group has not been named due to operational reasons. [Read More]
Senators have introduced a new bill that would require critical infrastructure organizations to report cyberattacks to CISA, and private entities to report ransomware payments. [Read More]
Mariana Trench is an open-source tool that Facebook's security team has used internally to identify vulnerabilities in Android and Java applications. [Read More]
The newly discovered Tomiris backdoor contains technical artifacts that suggest the possibility of common authorship or shared development practices with the group that executed the SolarWinds supply chain compromise. [Read More]
A Moscow court ordered the co-founder of Group-IB, one of Russia's leading cybersecurity firms, to be detained on charges of treason. [Read More]
Security researchers at Kaspersky have spotted signs of the notorious FinSpy surveillance spyware hijacking -- and replacing -- the Windows UEFI bootloader to perform stealthy infections on target machines. [Read More]
- 1 of 179
- ››
FEATURES, INSIGHTS // Tracking & Law Enforcement
Threat hunting must be non-attributable, while maintaining a clear audit trail to satisfy legal and governance requirements.
Taking down dark web sites may cause headache for both the bad guys and the good guys, but it can also have a profound positive effect on the fight against cybercrime.
Even while using Tor hidden services, there are still many ways you can be exposed and have your activities compromised if you don’t take the right precautions.
Asking for security backdoors that only benefit the good guys is like asking for bullets that only hurt the bad guys. That’s simply not how encryption works.
In the initial hours after the Paris attacks by Islamic terrorists, when the PlayStation 4 rumor was first circulating, I decided to see exactly what kind of encryption the PS4 uses for its messaging system.
The overall industry tone of caution around active defenses may be calibrated to defuse the notion rather than taking the argument, buying time for other alternatives to surface.
In 2011, Twitter began encrypting all information between the (mostly) mobile endpoints and their own servers. This made it more difficult for monitoring agencies to determine a mobile user’s Twitter profile, and thereby that user’s follow list. More difficult, but not impossible.
The time has come for the technology professions to demonstrate ethical maturity and adopt standards of ethical conduct to which we hold ourselves and our peers accountable.
If criminals can’t use or sell stolen data without being caught, then the data quickly becomes worthless. As a result it’s critical to understand what happens to data after a breach.
Because transactions using virtual currencies happen anonymously, they confuse issues of jurisdiction and can become difficult to enforce. When authorities do take action, cybercrime simply re-images itself with a new currency and a new platform.
- 1 of 4
- ››
Get the Daily Briefing
- Google Patches 19 Vulnerabilities in Chrome 95 Browser Refresh
- Investors Bet Big on Attempts to Solve Encryption 'Holy Grail'
- Query.AI Raises $15 Million in Series A Funding Round
- Magnitude EK Expands Arsenal With PuzzleMaker Exploit Chain
- Threat Detection Marketplace SOC Prime Raises $11 Million
- Acer Confirms Breach of Servers in Taiwan
- Zerodium Buying Zero-Day Exploits Targeting VPN Software
- Oracle's October 2021 CPU Includes 419 Security Patches
- Missouri Budget Officials Outline $50M Cost of Data Breach
- How to Spot an Effective Security Practitioner
Copyright © 2021 Wired Business Media. All Rights Reserved. Privacy Policy