All Articles

Browse by Category:

Browse by Tag:

Government Podcast Privacy Microsoft Malware Ransomware Vulnerability Data Breaches Google Encryption Apple Phishing 2fa Hardware Iot Security Apt Android Ciso Supply Chain Cybercrime Cloud Solarwinds Hacker Movies Internet Black Hat Facebook Labs Research Botnet Cisa Linux Patching Government Agencies Vulnerabilities Log4j Windows Patch Vpn Software Security Apache Open Source Legislation Bug Bounty Networking Gdpr Critical Infrastructure Security Mobile Mozilla Magecart Disinformation Vmware

2376 articles:

Security Basics Prove Highly Effective at Stopping Account Takeovers

New Google research on account takeovers found that basic account hygiene can defeat the vast majority of attacks.

Social Engineering, 2fa

Stack Overflow Updates Breach Advisory With More Details

Kudos to Stack Overflow, for promptly notifying users as soon as it identified a breach and posting an update with more details as it learns them.

Data Breaches, Incident Response

Code Repository Companies Pledge to Share Attack Data

Atlassian, GitHub, and GitLab pledged to continue the information sharing relationship they started while investigating the origins of the recent ransomware incident which affected BitBucket, GitHub, and GitLab users.

Data Breaches, Information Sharing

Attackers Are Hiding By Tampering With Encrypted Web Traffic

Attackers are increasing their use of "cipher stunting," a technique that randomizes their SSL/TLS signatures, to obscure the malicious web traffic and make it harder to detect.

TLS, Bot

Google Warns of Flaw in Some Titan Security Keys

A weakness in the Bluetooth pairing protocol in some Titan keys can leave them open to hijacking.

Google, 2fa

Decipher Podcast: Daniel Gruss

Dennis Fisher talks with Daniel Gruss of TU Graz about the Zombiload attack on Intel processors.

Podcast

Intel, Tech Giants Release Updates to Fix New Chip Flaws

Like the earlier Meltdown and Spectre class of bugs, the new side-channel attacks ZombieLoad, RIDL, and Fallout take advantage of weaknesses in the processor's speculative execution feature to harvest secrets from system memory.

Hardware, Vulnerability

Microsoft Patches Legacy Windows to Prevent Worms

End-of-life doesn’t mean no longer a threat. Microsoft decided to release security updates for no longer supported Windows 2003 and Windows XP systems to fix a bug that could be exploited by a worm.

Microsoft, Patch, Windows

WhatsApp Flaw Used in Targeted, Not Widespread, Attacks

A WhatsApp vulnerability has reportedly been used in highly targeted attacks to install spyware on victims' phones.

Whatsapp, Privacy

Decipher Podcast: Alex Pinto

Alex Pinto from Verizon Enterprise joins Dennis Fisher to break down the 2019 Data Breach Investigations Report.

Podcast

Digging Deep into the Verizon DBIR

The Verizon Data Breach Investigations Report isn’t just full of interesting data breach statistics; it also offers enterprise defenders valuable insights on the kind of real-world threats they should be worrying about.

Data Breaches

Deciphering Swordfish and Three Days of the Condor

Dennis Fisher, Zoe Lindsey, and Pete Baker wade into the jumbled mess of Swordfish and then emerge into the sunlight of Three Days of the Condor.

Podcast, Hacker Movies

FTC Pushes For Federal Privacy Law

The FTC is urging Congress to pass a broad federal privacy and security law--and allow the commission to be the enforcement authority for it.

Privacy

Google Wants to Change How Cookies Are Used

Google I/O is a good place to announce a whole lot of new privacy features “coming soon." It is also a good place to bury plans to change how Google will handle HTTP cookies in Chrome.

Internet, Google Chrome, Web Developers

FIN7 Attackers Still in the Water

The FIN7 attack group is still alive and well, despite arrests of some alleged members and intense attention from researchers and law enforcement.

Malware