Cybersecurity

VR Porn Company Promises Only Consensual 'Back Door Intrusions' After Researchers Discover Security Hole

Thousands of users’ personal information left exposed by a virtual reality porn app prompted the company to do the only appropriate thing: fix the …

Security

What is Zero Trust? A model for more effective security

The <b>Zero Trust Network</b>, or <b>Zero Trust Architecture</b>, model was created in 2010 by John Kindervag, who at the time was a principal analyst at Forrester …

Security

Pentagon Suggests Countering Devastating Cyberattacks With Nuclear Arms

WASHINGTON — A newly drafted United States nuclear strategy that has been sent to President Trump for approval would permit the use of nuclear weapons to respond to a wide range of devastating but non-nuclear attacks on American infrastructure, including what current and former government officials …

U.S. Politics

Doh!!! The 10 Most Overlooked Security Tasks

Here's a list of gotchas that often slip past overburdened security pros.<p>1 of 11<p><i>Image Source: Shutterstock via VGStockstudio</i><p>Security pros are under …

Information Security

Email security in 2018

The past year has seen a remarkable laundry list of email-based attacks. Phishing, spear-phishing, whaling, business email compromise (BEC), CEO to …

Security

Report: Only 40% of data stored in cloud secured with encryption, key management

Organizations globally lack clear policies around securing data in the cloud, according to Gemalto and the Ponemon Institute.<p>Building a slide deck, …

Security

OnePlus Probing Credit Card Fraud Complaints

If you purchased something from OnePlus’ website over the last few months — perhaps a shiny new OnePlus 5T — you’re going to want to closely monitor …

Mobile

An Ounce of Prevention - How CrowdStrike Fits Into A Balanced Cybersecurity Portfolio

As I continue my series exploring how companies can build effective, balanced cybersecurity portfolios, I continue to come back to the point that companies must accept one simple fact:<p><i>You cannot achieve perfect security. You need a plan for how you respond to threats that risk the most important</i> …

Security

CSCC: 10 steps to ensure security for cloud computing success

The Cloud Standards Customer Council (CSCC) announced version 3 of its Security for Cloud Computing: 10 Steps to Ensure Success. The 10 steps are …

Cloud Computing

NotPetya: From Russian Intelligence, With Love

CIA Reportedly Believes Russian Military Launched Wiper Disguised as Ransomware Mathew J. Schwartz (euroinfosec) • January 16, 2018<p>A new report says …

Security

Hawaii missile alert highlights hacking threat to emergency systems

<i>With help from Cory Bennett, Eric Geller, Martin Matishak and Li Zhou</i><p><b>IT WASN’T HACKERS … THIS TIME —</b> The false incoming missile alert that sent Hawaiians scrambling on Saturday for 38 dramatic minutes illustrates the psychological harm that hackers can wreak by going after the country’s emergency …

Security

11 Ways to Be More Secure and Compliant in 2018

We are in the midst of one of the coldest winters on record here in the Northeast. But the real big privacy and security chill is happening all …

Security

Cloud security is not just the cloud vendor’s responsibility

A lot has been said about the security risks of moving your data or systems to the cloud. Choosing trustworthy cloud vendors, preferably with the …

Security

New Cyberattack on Cryptocurrency Investors Came From North Korea, Report Says

The hacking offensive’s malware is similar to that used in Pyongyang’s attack on Sony Pictures Entertainment and WannaCry ransomware assault, according to cybersecurity researchers.<p>SEOUL—A new hacking offensive against cryptocurrency investors uses malware similar to that deployed in North Korea’s …

North Korea

How coherent is EU cybersecurity policy?

<i>Recent security breaches at major companies and cyber-attacks such as the WannaCry ransomware attack have put cybersecurity firmly on the EU’s</i> …

Security

Gartner Positions Vectra Networks in the Visionaries Quadrant of the Magic Quadrant for Intrusion Detection and Prevention Systems

SAN JOSE, Calif., Jan. 16, 2018 /PRNewswire/ -- Vectra, the leader in automating the hunt for in-progress cyberattacks, today announced that it has been positioned by Gartner, Inc. in the Visionaries quadrant in its 2018 <i>Magic Quadrant for Intrusion Detection and Prevention Systems</i>. The report …

Business Intelligence

Hawaii false alarm is a real warning: Strengthen cybersecurity now

Over the weekend, Hawaii was sent into 38 minutes of complete chaos, as residents and visitors were wrongly led to believe that a ballistic missile …

North Korea

Kaspersky Lab Warns of Extremely Sophisticated Android Spyware Tool

Skygofree appears to have been developed for lawful intercept, offensive surveillance purposes.<p>An Italian IT company has been using spoofed web pages …

Kaspersky Lab

Microsoft's mystifying Meltdown/Spectre patches for AMD processors

I’ve seen a lot of bizarre Microsoft patches-of-patches, but the new patches for AMD processors are in a world of their own. The security-only, …

Microsoft

As Cyber Threats To The Electric Grid Rise, Utilities And Regulators Seek Solutions

The U.S. electric grid is increasingly dependent on the internet for operations, and as a result it is also increasingly susceptible to cyberattacks. It doesn’t take much imagination to see how such attacks might cripple a broad swath of the U.S. economy. When U.S. military planners developed their …

Security

Trust War: Dangerous Trends in Cyber Conflict

In 2007, Idaho National Laboratory conducted a test in which hypothetical hackers opened and closed a diesel generator’s circuit breakers. The video …

Security

U.S. lawmaker asks Intel, others for briefing on chip flaws

WASHINGTON (Reuters) - A Democratic U.S. lawmaker asked Intel Corp and two other microchip makers on Tuesday to provide a briefing on the recently detected Spectre and Meltdown security flaws that could allow hackers to steal information from most computers and devices.<p>"I am looking to better …

Advanced Micro Devices

Dem lawmaker wants briefing on major chip vulnerabilities

A Democratic lawmaker on Tuesday asked major microchip manufacturers whose products are affected by the Spectre and Meltdown vulnerabilities to …

Security

KillDisk wiper malware sets sights on Latin American financial organizations

A new variant of the disk wiping malware KillDisk is targeting financial firms in Latin America to wreak havoc without leaving so much as a …

Wiping

EU names China and Russia as top hackers

The Greece-based EU agency noted in its annual report that cyber criminals out to steal money were the main "threat agent" who were "responsible for …

European News

Why healthcare CISOs need to revamp cybersecurity training

Some may say healthcare chief security information officers have the cards stacked against them. No other industry has the combined data trove, …

Security

Researchers Offer 'a VirusTotal' for ICS

Free online sandbox, honeypot tool simulates a real-world industrial network environment.<p>S4x18 CONFERENCE – Miami – A team of researchers plans to …

Information Security

"Digital Manhattan Project" Needed to Stop Cyberattacks, Experts Say

NEW YORK — The United States needs to wake up to the threat posed by foreign cyberattacks if it wants to maintain its superpower status, two retired …

Security

Home ministry asks states to maintain database of suspects to fight cyber crime

In its advisory, the ministry asked the governments to monitor social media ‘with due emphasis on vernacular content’.<p>The Centre has asked states to …

Lok Sabha

Top 3 Pitfalls of Securing the Decentralized Enterprise

Doubling down on outdated security practices while the number of users leveraging your enterprise network grows is a race to the bottom for …

Security