What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
Blog.webp 2019-03-06 22:04:02 For Customers, Backstory's Lure is Data, Economics (direct link) Google spin-out Chronicle's new security intelligence service, Backstory, appeals to companies drowning in operational data and desperate for security insights, according to the companies who are using the platform.
Blog.webp 2019-03-06 18:01:05 Devices' UPnP Service Emerges as Key Threat to Home IoT Networks (direct link) Home connected device users are putting their IoT networks at risk by leaving exposed a common service devices use to seamlessly connect and communicate with each other, according to cybersecurity firm Trend Micro. Hackers recently have been found to exploit the Universal Plug and Play (UPnP) service of poorly configured routers and home... Threat
Blog.webp 2019-03-04 22:52:04 (Déjà vu) Podcast Episode 136: The Geopolitics of Cyber Attacks with LookingGlass and Bruce Schneier on Public Interest Cyber (direct link) How will the collapse of the North Korean summit affect that country's malicious activity online? LookingGlass* joins us to discuss. Also: how to attract more technologists to public interest work. Note: this week's podcast episode (#136) is sponsored by the firm LookingGlass Cyber Solutions. President Trump has been courting North Korea,...
Blog.webp 2019-03-04 22:52:04 (Déjà vu) Podcast Episode 136: Cyber in the Public Interest at RSA and the Geopolitics of Cyber Attacks with LookingGlass (direct link) How will the collapse of the North Korean summit affect that country's malicious activity online? LookingGlass* joins us to discuss. Also: how to attract more technologists to public interest work. Note: this week's podcast episode (#136) is sponsored by the firm LookingGlass Cyber Solutions. President Trump has been courting North Korea,...
Blog.webp 2019-03-04 03:34:04 At RSA: Focus on Cyber in the Public Interest (direct link) Congress, non-profits and government agencies could all use technology and cyber security expertise. The RSA Conference is pondering what it will take to foster cyber security pros to work in the public interest. ★★★★★
Blog.webp 2019-03-03 16:38:03 Following Security Ledger at RSA Conference: Monday (direct link) The Security Ledger will be in San Francisco for the 28th RSA Security Conference this week. Check us out if you're at the show or follow us on social media @securityledger or via the #SLRSA hash tag. I'll be tweeting and sharing images (and video?) from the show floor. ★★
Blog.webp 2019-02-28 17:41:03 Research: Sextortion Scams more frequent, sophisticated (direct link) So-called "sextortion" attacks are a growing threat, replacing other e-mail borne threats like spam, ransomware and business e-mail compromise attacks as they increase in sophistication and scope, a new report finds. Ransomware
Blog.webp 2019-02-27 18:40:03 Spotlight: Synopsys on democratizing Secure Software Development (direct link) We speak with Ravi Iyer, the Head of Product Management, about the "democratization" of software development, as more and more companies become software publishers. Ravi and I talk about Polaris, a new software integrity platform that integrates a wide range of software testing and analysis tools into a common platform.
Blog.webp 2019-02-26 18:35:05 Podcast Episode 135: The Future of Passwords with Google Account Security Chief Guemmy Kim (direct link) In this week's episode (#135): we continue our series on the future of Passwords as we are joined by Guemmy Kim, a group product manager at Google in charge of that company's account security initiatives. ★★★
Blog.webp 2019-02-22 20:46:04 EU calls for End to Default Passwords on Internet of Things (direct link) A group representing European telecommunications firms last week published technical specifications for securing a wide range of consumer Internet of Things devices including toys, smart cameras and wearable health trackers.
Blog.webp 2019-02-19 13:23:05 Podcast Episode 134: The Deep Fake Threat to Authentication and analyzing the PEAR Compromise (direct link) Vijay Balasubramaniyan of Pindrop joins us to talk about it. And, in our second segment, Sam Bisbee, the CSO of the firm ThreatStack, joins us to talk about last month's hack of the PEAR open source package manager and why data deserialization attacks are a growing threat to projects that use open source components. Hack Threat
Blog.webp 2019-02-14 15:44:03 Waiting for Federal Data Privacy Reform? Don't Hold Your Breath. (direct link) Despite a litany of high-profile data breaches, federal action on data privacy is unlikely to go anywhere in 2019 as partisanship and lack of technology literacy complicate Congressional action.
Blog.webp 2019-02-13 03:41:01 Podcast Episode 133: Quantum Computing's Security Challenge and Life After Passwords (direct link) The arrival of functional quantum computers may be closer than you think. I'm joined by Avesta Hojjati, Head of DigiCert Labs, and Brian LaMacchia, Distinguished Engineer and Head of the Security and Cryptography Group at Microsoft Research, to talk about the coming quantum revolution and what it means for security.
Blog.webp 2019-02-11 13:28:04 In Granite State: Industry Groups Paint Dark Picture of Right to Repair (direct link) The battle lines were drawn at a hearing in New Hampshire last week for a proposed right to repair law, with supporters calling for economic justice for consumers and opponents warning of crime and injury should the law pass. ★★
Blog.webp 2019-02-08 15:17:01 Four Signs You're Ready for a Virtual CISO (direct link) A virtual Chief Information Security Officer (or vCISO) can be a great resource to a company. But how do you know when your company is ready for one? Rob Black of Fractional CISO shares four telltale signs to watch for.
Blog.webp 2019-02-07 14:25:02 Government, Private Sector Unprepared for 21st Century Cyber Warfare (direct link) U.S. government agencies and businesses are largely unprepared for a major cyber attack from state-sponsored actors, and must prepare now, according to a report by key governmental-focused think tanks.
Blog.webp 2019-02-06 14:26:00 ExileRAT Malware Targets Tibetan Exile Government (direct link) Researchers have discovered a new cyber-espionage campaign targeting the organization representing the exiled Tibetan government. Malware
Blog.webp 2019-02-06 04:24:01 Podcast Episode 132: NERC issues a Big Fine – does it matter? (direct link) In this week's episode of the podcast (#132): in the wake of news of the biggest fine yet for violations of the NERC Critical Infrastructure Protection (CIP) standard, we talk with Willy Leichter and Saurabh Sharma of the firm Virsec about whether the industry's main security standard even matters in an age of sophisticated, nation-backed...
Blog.webp 2019-02-05 14:35:00 Testimony: There's No Internet of Things Risk in Repair (direct link) A proposed right to repair law in New Hampshire won't make the Internet of Things one iota less secure. It will benefit consumers and the planet by extending the useful life of a wide range of connected devices, while making it easier to keep them secure throughout their useful life.
Blog.webp 2019-02-04 14:25:02 Russian Cyber Criminal Named as Source of Massive Collection 1 Data Dump (direct link) A Russian cyber criminal going by the name of "C0rpz" is believed to be the source of a massive trove of over one billion online credentials known as "Collection 1," the firm Recorded Future reports. ★★★
Blog.webp 2019-02-01 19:36:02 (Déjà vu) Updated: Secrecy Reigns as NERC Fines Utilities $10M citing Serious Cyber Risks (direct link) The North American Electric Reliability Corp. (NERC) imposed its stiffest fine to date for violations of Critical Infrastructure Protection (CIP) regulations, citing scores of violations. But who violated the standards and much of what the agency found remains secret.
Blog.webp 2019-02-01 19:36:02 (Déjà vu) Secrecy Reigns as NERC Fines Utilities $10M citing Serious Cyber Risks (direct link) The North American Electric Reliability Corp. (NERC) imposed its stiffest fine to date for violations of Critical Infrastructure Protection (CIP) regulations, citing scores of violations. But who violated the standards and much of what the agency found remains secret.
Blog.webp 2019-01-31 17:59:01 Four More Collections, 700 Million Stolen Passwords Discovered (direct link) Researchers say that four more collections of stolen passwords contain more than 2 billion records and hundreds of millions of unique passwords, according to reports.
Blog.webp 2019-01-29 23:26:03 Podcast Episode 131: suing Yahoo! Executives…and winning (direct link) In this week's episode (#131): a shareholder lawsuit targeting Yahoo! executives was settled quietly. But it could have big implications for the C-Suite at breached firms. Also: as the US pursues criminal charges against Huawei for corporate espionage, we look at one of the federal government's most potent tools to stop the transfer of... Yahoo
Blog.webp 2019-01-29 13:08:01 DoJ Charges Huawei Execs in Broad Indictment Spanning 10 Years of Criminal Activity (direct link) The Department of Justice (DoJ) filed broad charges against Chinese telecom giant Huawei Technologies Co. Ltd. and its CFO Wanzhou Meng for allegedly stealing trade secrets from U.S. mobile firm T-Mobile and deceiving U.S. stakeholders about its business activity in Iran, among a number of other fraud and conspiracy activities over a 10-year...
Blog.webp 2019-01-28 11:00:04 (Déjà vu) Tread Lightly with Threat Intel Add-Ons (direct link) Like leather upholstery for your new car, add-ons to your threat intelligence service are hard to resist. But Chris Camacho of Flashpoint* says "buyer beware:" threat intel add-ons may be more trouble than they're worth. If you've ever shopped for a new car, you're likely familiar with the dizzying number of add-on... Threat
Blog.webp 2019-01-28 11:00:04 (Déjà vu) Buyer Beware: Not All Threat Intel Add-Ons are Equal (direct link) Like leather upholstery for your new car, add-ons to your threat intelligence service are hard to resist. But Chris Camacho of Flashpoint* says "buyer beware:" threat intel add-ons may be more trouble than they're worth. If you've ever shopped for a new car, you're likely familiar with the dizzying number of add-on... Threat
Blog.webp 2019-01-25 22:09:02 Facebook opens up on System that 'protects Billions' (direct link) Facebook used a blog post on Friday to describe, in detail, the systems that it uses to secure its vast social network, including custom designed tools and so-called "red team" hacks.
Blog.webp 2019-01-24 08:00:01 Report: IoT Still Wildly Insecure as New 'Credential Compromise' Threat Emerges (direct link) The new year isn't bringing good news about Internet of Things security, as a new report sheds light on a flaw that allows bad actors to take unauthorized control of applications used by the IoT devices. Threat
Blog.webp 2019-01-22 18:18:05 Podcast Episode 130: Troy Hunt on Collection 1 and Tailit's Tale of IoT Security Redemption (direct link) In this week's episode (#130): we speak with security researcher Troy Hunt, founder of HaveIBeenPwned.com, about his latest disclosure: a trove of more than 700 million online account credentials he's calling "Collection #1." Also we speak to Martin Hagen of the Norwegian device firm Tailit about how failing a security audit of...
Blog.webp 2019-01-22 13:52:02 LinkedIn Says Glitch, Not FSB, to Blame for Russian Job Postings (direct link) LinkedIn Wednesday blamed an issue with its job ingestion tool–not Russian hackers or an online scam–as the reason the business social network was erroneously posting jobs located in Russia for a number of U.S.-based companies. The custom software tool that pulls in jobs from third-party websites onto LinkedIn's site failed to... Tool
Blog.webp 2019-01-16 20:41:01 Report: Iranian APT Actors Regroup After Main Security Forum Shuts Down (direct link) Iranian state-sponsored hackers are regrouping after the shutdown last year of their main security forum, migrating to other forums and making new connections for potential cyber-response against mounting political pressures from the United States and Europe, according to a new report.
Blog.webp 2019-01-16 01:32:03 Podcast Episode 129: Repair Eye on the CES Guy and Sensor Insecurity (direct link) In this week's podcast: For all the great new gadgets unveiled in Las Vegas, how many can be repaired? Kyle Wiens of iFixit joins us to report from the CES show. Also: more and more our physical surroundings are populated by small, wireless sensors. How secure are they from hacking and manipulation? Not very, says our second guest, Roi Mit of...
Blog.webp 2019-01-11 16:14:02 That Other Moscow: Sketchy LinkedIn Job Posts Mix US, Russian Locales (direct link) Bogus LinkedIn job postings for leading US organizations, including the US Army, the State of Florida and defense contractor General Dynamics, are popping up for Russian locales like St. Petersburg and Moscow, the firm Evolver has found. Is it AI-Gone-Wild, or is something more nefarious afoot? Moscow, on the border between Idaho and Washington... Guideline
Blog.webp 2019-01-08 13:54:04 (Déjà vu) Podcast Episode 128: Do Security and Privacy have a Booth at CES? (direct link) In this episode of The Security Ledger podcast (#128): you're going to hear a lot from the annual Consumer Electronics Show (CES) out in Las Vegas this week, but are any of the new gadgets being released secure? And do security and privacy have a seat at the table at the world's largest electronics event? We sit down with IoT luminary and...
Blog.webp 2019-01-08 13:54:04 (Déjà vu) Podcast Episode 128: CES is cool but is it secure? (direct link) In this episode of The Security Ledger podcast (#128): you're going to hear a lot from the annual Consumer Electronics Show (CES) out in Las Vegas this week, but are any of the new gadgets being released secure? And do security and privacy have a seat at the table at the world's largest electronics event? We sit down with IoT luminary and...
Blog.webp 2019-01-07 17:47:00 More Questions as Expert Recreates Chinese Super Micro Hardware Hack (direct link) Though the companies named in a blockbuster Bloomberg story have denied that China hacked into Supermicro hardware that shipped to Amazon, Apple and nearly 30 other firms, a recent demonstration at a hacking conference in Germany proves the plausibility of the alleged hack. Hack
Blog.webp 2019-01-04 03:09:00 Sensor-y Overload: Cyber Risk and the Merrimack Valley Gas Explosions (direct link) Let's be clear: the natural gas explosions that rocked the Merrimack Valley north of Boston in September weren't the result of a cyber attack. Unfortunately, well-known vulnerabilities affecting the security of remote sensors and industrial control system software mean they easily could have been.
Blog.webp 2019-01-02 14:47:05 Abine says Blur Password Manager User Information Exposed (direct link) Customers who use the Blur secure password manager by Abine may have had sensitive information leaked, according to a statement by Abine, the company that makes the product.
Blog.webp 2018-12-31 14:08:02 Podcast Episode 127: Donnie, Talk to China and Other Lessons from 2018 (direct link) In this week's podcast: as 2018 winds down, we invited David Aitel, the Chief Security Technical Officer at Cyxtera Technologies, to talk about the biggest stories of the year, including the supply chain attack on Super Micro, China's continued attacks on western firms, U.S. indictments of Russian and Chinese hackers and what 2019 may have in...
Blog.webp 2018-12-25 22:57:04 Die Hard is a Movie About Building Automation Insecurity. Discuss. (direct link) In this episode of the Security Ledger Podcast (#126): Die Hard has finally been embraced as the bloody, violent, feel-good Christmas movie it's always been. But the film, which turns 30 this year, is about more than the power of ordinary guys to stand up to evil. Did you know it's also a (very) early warning about the dire insecurity of building...
Blog.webp 2018-12-20 21:21:05 'Alexa, Protect My Data': Amazon Sends Private Voice Files to Unauthorized Customer (direct link) Amazon accidentally sent 1,700 private voice files to an unauthorized customer in Germany in response to a request for personal data. The data allowed a German magazine to identify and track down the person whose voice was recorded on the files, according to a published report.
Blog.webp 2018-12-20 13:18:04 Facebook: We Didn't Give Anyone Data Without User Permission (direct link) Facebook's terrible, horrible, no good, very bad year continued, with the social media company on the defense yet again over partnerships that granted high-tech companies extensive access to user data.
Blog.webp 2018-12-19 23:47:01 Spotlight: as Attacks Mount, how to secure the Industrial Internet (direct link) In this spotlight edition* of The Security Ledger Podcast, Steve Hanna of Infineon joins us to talk about the growing risk of cyber attacks on industrial systems and critical infrastructure. "Industry 4.0" is poised to transform the global economy, Hanna said, but not if the issue of cyber risk can't be managed. We talk about how that might be...
Blog.webp 2018-12-18 22:30:00 Podcast Episode 125: Long After The Election Kremlin's Computational Propaganda Campaign Rolls On (direct link) Priscilla Moriuchi of Recorded Future joins us once again in the Security Ledger studios to talk about the findings of two major reports released this week on Russia's online campaigns and how disinformation operations by foreign governments may be the "new normal."
Blog.webp 2018-12-13 21:56:03 Destructive Shamoon Malware Attacks Italian Oil Services Firm (direct link) The data-wiping Shamoon malware resurfaced this week at Italian oil and gas contractor Saipem, where it destroyed files on about 10 percent of company PCs, according to a published report. The attacks may be linked to Saipem's work with Saudi Aramco, a target of earlier Shamoon attacks. Malware
Blog.webp 2018-12-12 12:55:05 Criminals, Not State Actors, Target Russian Oil Company in 3-Year Cyber Attack (direct link) Security researchers have uncovered a three-year cyber attack on a Russian oil company that appeared at first glance to be state-sponsored, but later was found to be the work of cyber criminals seeking financial gain. The discovery is a cautionary tale for security experts not to be too rash when drawing conclusions about high-profile cyber...
Blog.webp 2018-12-11 21:28:05 Episode 124: The Twitter Accounts Pushing French Protests. Also: social engineering the Software Supply Chain (direct link) In this week's podcast (#124): we speak with French security researcher Baptiste Robert about research on the social media accounts pushing the French "Yellow Vest" protests. Surprise, surprise: they're not French. Also: Brian Fox of the firm Sonatype joins us to talk about the recent compromise of the GitHub event-stream project and why...
Blog.webp 2018-12-11 13:23:00 Is 2019 Privacy Rights' Break Out Year? (direct link) Whatever else it may bring, 2019 will be a breakout year for online privacy, as the EU's GDPR takes root and legislation in other nations follows suit. But not everyone is on board with the new privacy regime. Who will be the privacy leaders and laggards in the New Year? Guideline
Blog.webp 2018-12-06 20:31:03 Days After Massive Breach, Marriott Customers Await Details (direct link) Nearly a week after Marriott disclosed a massive breach of its Starwood reservation system, customers complain that the company has not communicated with them to tell them whether they are affected. Marriott says it is sending "rolling" emails to hundreds of millions of victims. An estimated 500 million Marriott International customers...
Last update at: 2024-04-20 16:08:24