Security news that informs and inspires

All Articles

2376 articles:

Inside the Development of Netflix Stethoscope

Netflix developed an open-source native app called Stethoscope that is designed to make security configurations simpler and less intrusive.

Sso

Severity of FaceTime Bug Depends on Threat Model

Apple is fixing the FaceTime bug, so it is clearly serious. But how bad it will impact users depend on their personal threat models.

Privacy, Vulnerability, Apple, Ios

The Value of Valuing Data and Privacy

To help people understand the scope of the data breach and privacy problem, researchers are beginning to look at it through the lens of economics.

Privacy, Data Breaches

Better Hardware Security Through Automation

A team at the University of North Carolina has developed a tool called Coppelia that can automatically find and build exploits for flaws in hardware designs.

Hardware

Police Shut Down xDedic Marketplace for Hacked Servers

European law enforcement and the US Department of Justice took the xDedic marketplace, a hotspot for cybercriminals on the dark web, sells access to compromised RDP servers belonging to universities, governments, and private enterprises, offline as part of a joint operation.

Hackers, Government

Decipher Podcast: David Scott Lewis

Dennis Fisher speaks with David Scott Lewis, the model for the David Lightman character in the classic movie WarGames.

Podcast

DNS Hijacking Campaign Targets Government During Shutdown

The Cybersecurity and Infrastructure Security Agency has issued an emergency directive about an ongoing DNS hijacking campaign against federal agencies.

Government

Microsoft Exchange Users Get Admin Rights in Privilege Escalation Attack

A privilege escalation attack that is the combination of known issues and weaknesses with Microsoft Exchange will let users become Domain Administrators. No compromised credentials required.

Microsoft, Security Research, Least Privilege

Deciphering The Net

The Net is a classic '90s movie that gets a lot of technology right and predicts much of what's happened since.

Podcast, Hacker Movies

Tackling Twitter Bots With Biometrics

Twitter CEO Jack Dorsey said using biometrics on mobile devices could help weed out some of the bots on the platform.

Twitter, Authentication

Flaw in APT Utility Allows Malicious Package Installation

A vulnerability in the APT package manager in Debian and Ubuntu allows an attacker to install malicious packages in some circumstances.

Linux

France CNIL Fines Google, Forced Consent Violates GDPR

GDPR told companies that regulators would be reviewing their data collection and usage practices, and if they don't like what they find, the fines are coming. France is taking the first step against Google.

GDPR, Privacy

Criminals Stole SEC Filings in Insider Trading Scheme

The Securities and Exchange Commission’s civil complaint outlining the details of an international insider trading scheme is an object lesson in how cybercriminals can monetize _any_ information, not just customer records or intellectual property.

Data Breaches, Finance Security, Insiders

When Privacy Goes to Washington

A new bill by Sen. Marco Rubio and a push for regulation of data brokers by Apple's Tim Cook has put privacy up front during the government shutdown.

Privacy, Apple, Government

Decipher Podcast: Nate Cardozo

Dennis Fisher talks with Nate Cardozo of the EFF about the UK's proposal to add an invisible third party to encrypted communications.

Podcast