Security news that informs and inspires

All Articles

2376 articles:

New Adobe Flash Bug Draws Attackers’ Attention

A freshly patched Flash vulnerability is being exploited by attackers targeting users in the Middle East.

Adobe

VPNFilter Malware Now Exploiting Endpoints, Not Just Routers

The VPNFilter malware has the ability to compromise endpoints and routers both and destroy data on infected devices.

Malware

Why Facebook Shared Data with Device Makers

The latest brouhaha over Facebook's data-sharing practices highlights how critical APIs have become to modern development, and how important it is to restrict how much data can be accessed through these interfaces.

Privacy, API, Facebook

iOS 12 Goes Hard on Password Security

Apple is adding a slew of new password-security features in iOS 12 to help users avoid using weak or duplicate credentials.

Apple, Passwords

Wyden Pushes FCC For Answers on SS7 Security

Sen. Ron Wyden wants answers from the FCC on cellular network breaches and security.

Government, Mobile

Security Debt and the Keys to the Kingdom

Security debt is the accumulation of the patches missed, the risks accepted, and the configurations misapplied. Many enterprise security problems arise when the bill comes due.

CISO, Security

Spectre Forces New Defensive Approaches

The Spectre and Meltdown hardware bugs have pushed vendors such as Google to rethink how they deploy defenses.

Spectre, Hardware Hacking

Botnet Report Calls for IoT Security, More Awareness

The long-awaited report from the Departments of Commerce and Homeland Security called on the industry to improve IoT security, to develop better anti-DDoS technologies, and educate users about botnets. Regulation is not mentioned...yet.

Government, Iot Security

Roll With the New: Continuous Security Delivery

Capsule8 is working to change the way enterprises think about attack detection and response.

Network Security

TIC. TIC. Time is running out for TIC

Trusted Internet Connection (TIC) is the federal equivalent to DMZ. Dramatic changes in IT led by cloud adoption and mobile means we need to rethinking TIC.

Facebook Simplifies 2FA Process for Users

Facebook has changed the way people can use two-factor authentication to protect their accounts, adding authenticator apps.

Facebook, 2fa

Hacker History: The Time Charlie and Chris Hacked a Jeep Cherokee

Let's go back to 2015 in this animated Hacker History, when hackers Charlie Miller and Chris Valasek teamed up to show the world how the latest infotainment features in automobiles can be used to remotely hijack the car.

Hacker History, Car Hacking, Security Research

Expect More Spectre, Meltdown Variants Until Updated Chips Arrive

After Meltdown and Spectre, many researchers warned that increased scrutiny on side-channel meant more attacks will be found, so the discovery of "Variant 4" is not a surprise. More variants will be found as chip makers update their designs over the next few years to fix the issues.

Hardware, Security Processor, Vulnerability

FireEye Releases PwnAuth, an OAuth Attack Testing Platform

FireEye has released PwnAuth, an open source tool designed to help security professionals test their organization's ability to detect and respond to attacks abusing OAuth.

Network Security, Cloud, Tools, Oauth Phishing

Time, and the LØpht, March On

Twenty years after their famous Senate hearing, four members of the L0pht hacker group came together this week to talk about where things stand.

L0pht