Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Microsoft patches a vulnerability in Azure Container Instances that could allow access to other customers’ information. [Read More]
Microsoft’s embattled security response unit is scrambling to deal with another zero-day attack hitting users of its flagship Microsoft Office software suite. [Read More]
The German government admitted that its federal police service used controversial Israeli spyware known as Pegasus [Read More]
The social media advertising giant has shared an updated payout guideline for vulnerability hunters to better understand its bounty decisions. [Read More]
Israel’s foreign minister has played down criticism of the country’s regulation of the cyberespionage firm NSO Group but vowed to step up efforts to ensure the company’s controversial spyware doesn’t fall into the wrong hands. [Read More]
The application can be used to monitor someone’s phone use, online activity, and even physical movements, but exposes users to stalkers and abuse, the FTC argues. [Read More]
The two agencies warn of a noticeable increase in ransomware attacks on holidays and weekends, when offices are closed. [Read More]
Bitdefender discovers the financially motivated threat actor FIN8 using a new potent backdoor in its malware arsenal. [Read More]
The University of Toronto's Citizen Lab finds a new iOS zero-click exploit in an iPhone surveillance campaign targeting bloggers, activists and dissidents in Bahrain. [Read More]
A report from ClearSky documents a threat actor has been targeting multiple organizations in Israel using supply chain tools and impersonating known companies. [Read More]

FEATURES, INSIGHTS // Tracking & Law Enforcement

rss icon

Gordon Lawson's picture
Threat hunting must be non-attributable, while maintaining a clear audit trail to satisfy legal and governance requirements.
Idan Aharoni's picture
Taking down dark web sites may cause headache for both the bad guys and the good guys, but it can also have a profound positive effect on the fight against cybercrime.
Lance Cottrell's picture
Even while using Tor hidden services, there are still many ways you can be exposed and have your activities compromised if you don’t take the right precautions.
Wade Williamson's picture
Asking for security backdoors that only benefit the good guys is like asking for bullets that only hurt the bad guys. That’s simply not how encryption works.
David Holmes's picture
In the initial hours after the Paris attacks by Islamic terrorists, when the PlayStation 4 rumor was first circulating, I decided to see exactly what kind of encryption the PS4 uses for its messaging system.
James McFarlin's picture
The overall industry tone of caution around active defenses may be calibrated to defuse the notion rather than taking the argument, buying time for other alternatives to surface.
David Holmes's picture
In 2011, Twitter began encrypting all information between the (mostly) mobile endpoints and their own servers. This made it more difficult for monitoring agencies to determine a mobile user’s Twitter profile, and thereby that user’s follow list. More difficult, but not impossible.
Adam Firestone's picture
The time has come for the technology professions to demonstrate ethical maturity and adopt standards of ethical conduct to which we hold ourselves and our peers accountable.
Wade Williamson's picture
If criminals can’t use or sell stolen data without being caught, then the data quickly becomes worthless. As a result it’s critical to understand what happens to data after a breach.
Eric Knapp's picture
Because transactions using virtual currencies happen anonymously, they confuse issues of jurisdiction and can become difficult to enforce. When authorities do take action, cybercrime simply re-images itself with a new currency and a new platform.