What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-01-09 13:47:00 | Eliminate the Password, Eliminate the Password Problem. (lien direct) | Weak, stolen or reused passwords are the root of 8 in 10 data breaches. Fixing the data breach problem means abandoning passwords for something more secure. But what does passwordless authentication even look like? Yaser Masoudnia, the Senior Director Product Management, Identity Access Management, at LogMeIn* takes us there. The post Eliminate...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/615424460/0/thesecurityledger -->» | Data Breach | ||
|
2020-01-01 00:31:00 | Episode 172: Securing the Election Supply Chain (lien direct) | In this episode of the podcast (#172), Jennifer Bisceglie, the founder and CEO of Interos to talk about the links between America's voting infrastructure and countries with a history of trying to subvert democracy. The post Episode 172: Securing the Election Supply Chain | |||
|
2019-12-29 15:35:00 | Resolve to fix your Online Security Mess in 2020. Here\'s how. (lien direct) | If you do nothing else in 2020, resolve to clean up the mess that is your online security. We give you some simple steps to level up your password and account security. The post Resolve to fix your Online Security Mess in 2020. Here’s how. | |||
|
2019-12-26 13:53:40 | Spotlight Podcast: Building Resilience into the IoT with Rob Spiger (lien direct) | In this Spotlight edition of the Security Ledger Podcast, sponsored by Trusted Computing Group*: we're joined by Rob Spiger, a principal security strategist at Microsoft and co-chair of the cyber resilient technologies working group at Trusted Computing Group. Rob talks to us about efforts to make more resilient connected devices and how the...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/613920412/0/thesecurityledger -->»
|
|||
|
2019-12-18 13:00:00 | Spotlight Podcast: Beyond HIPAA – a Conversation with Nemours CPO Kevin Haynes (lien direct) | In this Spotlight edition of The Security Ledger podcast, sponsored by RSA Security, the Chief Privacy Officer at Nemours Healthcare, Kevin Haynes, joins us to talk about the fast evolving privacy demands on healthcare firms and how the Chief Privacy Officer role is evolving to address new privacy and security threats.
The post Spotlight Podcast:...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/613323752/0/thesecurityledger -->»
|
|||
|
2019-12-16 17:37:50 | Study finds Chinese Hardware Powers U.S. Voting Machine (lien direct) | A new study by the firm Interos found that many hardware components in a popular touchscreen voting machine used in the U.S. originate in China or Russia. The post Study finds Chinese Hardware Powers U.S. Voting Machine | |||
|
2019-12-11 13:37:00 | Episode 171: Stopping the 21st Century\'s Plumbers – Defending Digital Campaigns from Hackers (lien direct) | In this week's episode of the podcast (#171): as voters go to the polls in the UK and primaries loom here in the U.S., we sit down with Michael Kaiser, the CEO of a new group: Defending Digital Campaigns and Joel Wallenstrom, the CEO of secure collaboration platform Wickr to discuss efforts to extend an information security lifeline to...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/612884222/0/thesecurityledger -->»
|
|||
|
2019-12-09 12:00:00 | Passwordless? Imagining the Future of Authentication (lien direct) | The average employee in the workplace has 191 passwords. Will we ever rid ourselves of them and, if so, how? Gerald Beuchelt, the Chief Information Security Officer at LogMeIn talks about how changes in authentication may deliver a passwordless future. The post Passwordless? Imagining the Future of Authentication | |||
|
2019-12-04 04:26:20 | Episode 170: Cyber Monday is for Hackers (lien direct) | This Cyber Monday may have been the biggest yet - and not just for shoppers and online retailers. Hackers use the year's biggest online shopping day to cover their tracks. Brendon Macareg of Signal Sciences joins us to talk about Cyber Monday and the rising tide of e-commerce hacks.
The post Episode 170: Cyber Monday is for Hackers appeared first...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/610923808/0/thesecurityledger -->»
|
|||
|
2019-11-27 04:16:42 | Episode 169: Ransomware comes to the Enterprise with PureLocker (lien direct) | In this episode of the podcast, sponsored by PureVPN, Michael Kajiloti of the firm Intezer Labs joins us to talk about the origins and makeup of PureLocker, a new family of ransomware designed to target production servers in the enterprise. The post Episode 169: Ransomware comes to the Enterprise with PureLocker | Ransomware | ||
|
2019-11-22 00:07:31 | Spotlight Podcast: Two Decades On, Trusted Computing Group tackles IoT Insecurity (lien direct) | In this spotlight edition of the podcast, sponsored by Trusted Computing Group* Steve Hanna joins us to talk about TCG's 20th anniversary and how the group is tooling up to confront the challenge of securing billions of Internet of Things devices.
The post Spotlight Podcast: Two Decades On, Trusted Computing Group tackles IoT Insecurity appeared...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/609880132/0/thesecurityledger -->»
|
|||
|
2019-11-19 20:04:02 | Suit against Estée Lauder spotlights 401k Distribution Fraud (lien direct) | A former Estée Lauder employee is suing the company after $99,000 in retirement savings disappeared from her account. Experts say the case raises troubling questions about the security of $5.7 trillion stored in 401k retirement plans. The post Suit against Estée Lauder spotlights 401k Distribution Fraud | |||
|
2019-11-19 04:33:01 | (Déjà vu) Episode 168: Application Security Debt is growing. Also: Web App Security in the Age of IoT (lien direct) | In this week's episode of the podcast (#168), sponsored by Signal Sciences, Chris Eng of Veracode joins us to talk about the 10th annual State of Software Security Report and the problem of application security debt. Also, Brendan Macaraeg of Signal Sciences talks about the expanding landscape of web application attacks and defenses.
The post...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/609538720/0/thesecurityledger -->»
|
|||
|
2019-11-19 04:33:01 | Episode 168: Application Security Debt is growing and Securing Web Apps in the Age of IoT (lien direct) | In this week's episode of the podcast (#168), sponsored by Signal Sciences, Chris Eng of Veracode joins us to talk about the 10th annual State of Software Security Report and the problem of application security debt. Also, Brendan Macaraeg of Signal Sciences talks about the expanding landscape of web application attacks and defenses.
The post...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/609538720/0/thesecurityledger -->»
|
|||
|
2019-11-15 20:51:10 | Spotlight Podcast: RSA CTO Zulfikar Ramzan on confronting Digital Transformation\'s Dark Side (lien direct) | In this Spotlight Edition of the podcast we're speaking with RSA Chief Technology Officer Zulfikar Ramzan about how his company is adapting to help its customers confront the dark side of digital transformation initiatives: increased digital risk, including from cloud, artificial intelligence and the Internet of Things.
The post Spotlight...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/609401298/0/thesecurityledger -->»
|
|||
|
2019-11-11 23:11:22 | Episode 167: Made in America? Trade Tensions highlight Supply Chain Risk (lien direct) | In this episode of the podcast (#167): two stories this week - one from Pittsburgh and one from New York - have highlighted anxiety about Chinese made cameras and other security gear deployed in U.S. government agencies and in cities and towns. We're joined by Terry Dunlap the co-founder of ReFirm Labs to talk about why software supply chain risks...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/609165506/0/thesecurityledger -->»
|
|||
|
2019-11-08 02:56:51 | From China with Love: New York Firm sold millions in PRC Surveillance Gear to US Government, Military (lien direct) | A complaint unsealed by the Department of Justice on Thursday alleges a New York firm engineered a years-long scheme to deceive the U.S. government: selling Chinese manufactured cameras and other gear to the U.S. Military, the Department of Energy and other government agencies that it claimed were "Made in the U.S.A". --> | |||
|
2019-11-07 01:26:16 | Episode 166: But Why, AI? ZestAI\'s Quest to make Artificial Intelligence Explainable (lien direct) | In this episode of the podcast (#166): Jay Budzik, the Chief Technology Officer at ZestAI, joins us to talk about that company's push to make artificial intelligence decisions explainable and how his company's technology is helping to root out synthetic identity fraud. -->
|
|||
|
2019-11-01 17:52:55 | Spotlight Podcast: RSA President Rohit Ghai warns Digital Transformation is magnifying Enterprise Risk (lien direct) | In this interview, recorded at the RSA* Charge conference, RSA President Rohit Ghai talks about some of the ways that digital organizations have to adapt to- and address risks introduced by new transformative technologies like machine learning, multi cloud environments and robotics and other "digital transformation" initiatives. -->
|
|||
|
2019-10-31 17:32:57 | IT Preps for Post Quantum Crypto (Whatever That Means) (lien direct) | Practical quantum computing isn't here yet. But a new survey by Digicert suggests that isn't stopping IT pros from prepping for a post-quantum reality...even if they aren't exactly sure what that means. --> | |||
|
2019-10-25 15:08:38 | Episode 165: Oh, Canada! Independent Security Researchers Feel the Chill Up North (lien direct) | n this episode of the podcast (#165), we look at the challenges faced by independent security researchers in Canada. We talk with 19 year-old Noah Clements of University of New Brunswick about the blowback he received after reporting a serious hole in a smart doorbell. Also, staff attorney Tamir Israel from the Canadian Internet Policy and Public...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/608205934/0/thesecurityledger -->»
|
|||
|
2019-10-16 22:22:57 | Spotlight Podcast: Global Audit Finds Small Firms struggle with Password Hygiene (lien direct) | In this Spotlight edition of our podcast sponsored by LastPass* we’re joined by LogMeIn Chief Information Security Officer Gerald Beuchelt to talk about LastPass’s third annual Global Password Security Report, which finds password hygiene improving at large companies, but lagging at smaller firms. To paraphrase the author F. Scott...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/607945602/0/thesecurityledger -->»
|
LastPass | ||
|
2019-10-10 02:06:08 | Episode 164: Who owns the Data Smart Cars collect? Also: making Passwords work. (lien direct) | In this episode of Security Ledger Podcast (#164): your car is spying on you. But who owns the data it collects? Also: LastPass's Dan DeMichele joins us to talk about why password security is still so hard. -->
|
LastPass | ||
|
2019-10-03 22:49:43 | (Déjà vu) Episode 163: Cyber Risk has a Dunning-Kruger Problem also: Bad Password Habits start at Home (lien direct) | In this episode of Security Ledger Podcast (#163) sponsored by LastPass: companies are spending more than ever on cyber security, but feel less secure. Why? Kevin Richards of the insurer Marsh joins us to talk about that company's Cyber Risk Perceptions Survey. Also Yaser Masoudnia of LastPass* joins us to talk about the blurry line between...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/607423780/0/thesecurityledger -->»
|
LastPass | ||
|
2019-10-03 22:49:43 | Episode 163: Cyber Risk has a Dunning-Kruger Problem Also: Bad Password Habits start at Home (lien direct) | In this episode of Security Ledger Podcast (#163) sponsored by LastPass: companies are spending more than ever on cyber security, but feel less secure. Why? Kevin Richards of the insurer Marsh joins us to talk about that company's Cyber Risk Perceptions Survey. Also Yaser Masoudnia of LastPass* joins us to talk about the blurry line between...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/607423780/0/thesecurityledger -->»
|
LastPass | ||
|
2019-09-30 13:02:24 | Explained: Two-Factor vs. Multi-Factor Authentication (lien direct) | It may seem like two-factor authentication and multi-factor authentication are the same. They're not, explains Yaser Masoudnia, the Senior Director of Product Management at LastPass.* --> | LastPass | ||
|
2019-09-26 17:41:33 | Spotlight Podcast: Breaking Bad Password Habits to Fight Advanced Threats (lien direct) | In this Spotlight edition of the Security Ledger podcast, Rachel Stockton of LastPass * joins us to discuss the myriad of challenges facing companies trying to secure users' online activities, and simple solutions for busting insecure user behaviors to address threats like phishing, account takeover and more. -->
|
LastPass | ||
|
2019-09-25 16:32:50 | Episode 162: Have We missed Electric Grid Cyber Attacks for Years? Also: Breaking Bad Security Habits (lien direct) | In this episode of the podcast #162: according to the non profit that oversees it, the first disruptive hack of the U.S. grid happened in March of this year. Our guest, Joe Weiss, said it really happened more than a decade ago and that hundreds more like it have been overlooked or mis-classified. Also: Rachel Stockton of the firm LastPass* joins...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/607155916/0/thesecurityledger -->»
|
Hack | LastPass | |
|
2019-09-20 23:11:21 | RSA warns Digital Transformation is supercharging Digital Risk (lien direct) | “Digital transformation” is the buzz word du jour in industry. But executives at RSA Security warn that it is also magnifying digital risk in ways that are easy to miss. --> | |||
|
2019-09-18 12:00:29 | Spotlight Podcast: Security Automation is (and isn\'t) the Future of Infosec (lien direct) | n this Spotlight Podcast, we speak with David Brumley, the Chief Executive Officer at the security firm ForAllSecure and an expert on the use of machine learning and automation to cyber security problems. We talk about the growing demand for security automation tools and how the chronic cyber security talent shortage in North America and elsewhere...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/606908336/0/thesecurityledger -->»
|
|||
|
2019-09-11 21:00:04 | Spotlight Podcast: Rethinking Your Third Party Cyber Risk Strategy (lien direct) | Third party cyber risk is growing. Despite that, most companies are unprepared to address it in a systematic way. In this Spotlight Podcast, a companion to our new eBook, Rethinking Third Party Cyber Risk Management, we go deep on the topic of building a mature third party cyber risk program with Dave Stapleton the Director of Assessment...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/606703528/0/thesecurityledger -->»
|
|||
|
2019-09-10 13:27:04 | Third Party Cyber Risk is growing. Most Companies aren\'t prepared. (lien direct) | Third party cyber risk is a growing concern for organizations, as breaches and hacks tied to third party providers and applications multiply. How do you know if your third party cyber risk management program is up to the task? Our new e-book, sponsored by CyberGRX, will help you figure it out! --> | |||
|
2019-09-09 12:10:00 | Episode 161: 3 Years after Mirai, IoT DDoS Problem may get Worse (lien direct) | Three years after the Mirai botnet launched some of the biggest denial of service attacks ever seen, DDoS is a bigger problem and ever. Even worse: we stand on the made up of webcams and other Internet of things as technologies like 5G bring greater bandwidth to connected endpoints. In this podcast, we speak with Hardik Modi, the senior director...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/606605902/0/thesecurityledger -->»
|
|||
|
2019-09-04 17:23:02 | Episode 160 Right to Repair\'s Summer of Love – Sort of. (lien direct) | call it Right to Repair's "Summer of Love." Summer 2019 saw developments on a number of fronts in the nation-wide battle to win a digital right to repair. In this podcast, we talk with Nathan Proctor of US PIRG's Right to Repair campaign and Kyle Wiens of iFixit about the developments. -->
|
|||
|
2019-08-29 21:40:02 | Episode 159: Deep Fakes and Election (in)Security with ZeroFOX (lien direct) | In this weeks podcast, we delve into the myriad challenges to election security with Sam Small, the Chief Security Officer at the firm ZeroFOX -->
|
|||
|
2019-08-20 11:11:01 | Episode 158: How NotPetya has Insurers grappling with Systemic Cyber Risk (lien direct) | We talk to Bruce McDonnell of the East West Institute about how insurers are responding. -->
|
NotPetya | ||
|
2019-08-17 02:47:03 | Episode 157: Do we need an FDA for Software? Also: operationalizing Threat Intelligence (lien direct) | Sarah Zatko of the Cyber Independent Testing Lab joins us to talk about CITL's big new study of firmware security. In our second segment, we're joined by Allan Thomson who is the Chief Technology Officer at LookingGlass Cyber Solutions to talk about the growing use of cyber threat intelligence and the need to evolve cybersecurity practices to...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/606605918/0/thesecurityledger -->»
|
Threat | ||
|
2019-08-14 13:17:04 | Huge Survey of Firmware Finds No Security Gains in 15 Years (lien direct) | A survey of more than 6,000 firmware images spanning more than a decade finds no improvement in firmware security and lax security standards for the software running connected devices by Linksys, NETGEAR and other major vendors. --> | |||
|
2019-08-11 17:37:05 | Digital Right to Repair Movement seeks Allies at DEF CON (lien direct) | A grass roots movement to win a legal right to repair digital devices arrived at DEF CON in Las Vegas on Saturday with a message for an estimated 30,000 attendees: 'fight for repair.' --> | |||
|
2019-08-07 19:32:01 | Spotlight Podcast: Unpacking Black Hat Hacks with Digicert CTO Dan Timpson (lien direct) | In this Spotlight Podcast, we broadcast from the Black Hat Briefings in Las Vegas Nevada. Dan Timpson, the Chief Technology Officer at DigiCert joins us to talk about some of the high profile hacks at this week's "hacker summer camp" and the common weaknesses and security lapses that are common to all of them. -->
|
|||
|
2019-08-06 14:28:02 | Episode 156: Looming over Black Hat: doing Security at Massive Scale (lien direct) | In this episode of the Security Ledger Podcast (#156), we're joined by Michael Coates, the former Chief Information Security Officer at Twitter and the CEO and co-founder of Altitude Networks.* With "hacker summer camp" kicking off in Las Vegas, Michael and I talk about the pre-eminent challenge for the information security industry: how to do...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/606605930/0/thesecurityledger -->»
|
|||
|
2019-08-01 23:13:05 | Episode 155: Disinformation is a Cyber Weapon and APTs warm to Mobile Malware (lien direct) | In this week's episode of the Podcast (#155): Jerome Segura of Malwarebytes joins us to talk about how disinformation campaigns and cyber crime are part of the same toxic cocktail in the world's trouble spots, like Ukraine. Also: Adam Meyers of CrowdStrike joins us to talk about that company's first ever report on mobile malware, which is...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/606605934/0/thesecurityledger -->»
|
Malware | ||
|
2019-07-29 15:00:03 | Critical Flaws in VxWorks affect Billions of Connected Things (lien direct) | Serious and exploitable security flaws in VxWorks, a commonly used operating system for embedded devices, span 13 years and could leave billions of connected devices vulnerable to remote cyber attacks and hacks. The security firm Armis on Monday published a warning about 11 critical, zero day vulnerabilities in the VxWorks operating system, which...Read the whole entry... _!fbztxtlnk!_ -->» | |||
|
2019-07-24 21:10:04 | Spotlight Podcast: To Fix Remote Access, CyberArk Alero Ditches Passwords and VPNs (lien direct) | In this Spotlight edition of The Security Ledger Podcast, sponsored by CyberArk*, we interview serial entrepreneur Gil Rapaport about his latest creation: Alero, a new remote authentication tool that promises to fix remote vendor access by doing away with passwords...and agents...and VPNs. If that sounds like a tall order, check out our podcast to...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/604847200/0/thesecurityledger -->»
|
Tool | ||
|
2019-07-24 02:18:04 | Episode 154: Richard Clarke on Defending the Fifth Domain (lien direct) | The Pentagon calls cyberspace "the fifth domain" of conflict. But what does that mean? And how do you defend a human-made space that's everywhere and nowhere? In this episode of the podcast, Richard Clarke joins us to discuss his new book, The Fifth Domain: Defending Our Country, Our Companies, and Ourselves in the Age of Cyber Threats.
The post...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/604812592/0/thesecurityledger -->»
|
|||
|
2019-07-22 16:19:00 | Researcher warns DevOps Security is Back to the Future (lien direct) | The deployment of DevOps tools and platforms at many organizations recalls the bad old days of the 1990s, with lax control of authentication, loose configuration and scant attention to security, experts warn. The post Researcher warns DevOps Security is Back to the Future | |||
|
2019-07-18 14:35:00 | Robot Account Apocalypse: RPA Risk Exploding with Adoption (lien direct) | Robotic Process Automation is taking over mundane tasks in the workplace. But those bots may pose a serious security risk, according to researchers from the firm CyberArk. Robotic Process Automation (RPA) may be the Holy Grail for enterprises these days, but all those bots pose a serious risk to enterprise security, according to research by the...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/604614670/0/thesecurityledger -->» | |||
|
2019-07-15 14:55:01 | Opinion: We need a way to talk about Cyber Physical Risk (lien direct) | Last week’s warnings about serious, remote access flaws affecting GE anesthesiology machines underscore a major gap in our understanding of cyber risk. Namely: we don’t have a good way to measure security flaws that carry cyber physical risk. Join me in considering warnings about two, recent software vulnerabilities. The first,...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/604488482/0/thesecurityledger -->» | |||
|
2019-07-12 21:24:02 | Episode 153: Hacking Anesthesia Machines and Mayors say No to Ransoms (lien direct) | In this week's podcast episode (#153): The researcher who discovered serious remote access security flaws in anesthesia machines by GE says such security holes are common. Also: the US Conference of Mayors voted unanimously to swear off paying ransoms for cyber attacks. But is that a smart idea? We're joined by Andrew Dolan of the Multi State...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/604390430/0/thesecurityledger -->»
|
|||
|
2019-07-10 21:05:02 | Breathe Deeply: DHS warns of Flaw in Hospital Anesthesia Machines (lien direct) | GE learned of a serious vulnerability affecting two brands of anesthesia machines in October. The company on Tuesday advised customers to take steps to protect them from being remotely tampered with. The post Breathe Deeply: DHS warns of Flaw in Hospital Anesthesia Machines | Vulnerability |
To see everything:
Our RSS (filtrered)
