SEARCH
All Articles
Proofpoint Sues Facebook to Keep Using Lookalike Domains
Proofpoint and Facebook are in court fighting over how to handle the problem of domains that impersonate well-known brands, highlighting the difficulty in differentiating malicious activity and security awareness.
Decipher Podcast: Neil Daswani
Neil Daswani, co-director of the advanced security program at Stanford University and a former engineer at Twitter and Google, joins Dennis Fisher to discuss his new book, Big Breaches: Cybersecurity Lessons for Everyone, and the common root causes and effects of major data breaches.
Keeping Dependencies Straight in the Software Supply Chain
The nature of modern software development is that development teams have to rely on "blind trust" for some of the code components written by someone else. A new attack method showed how build systems could be tricked into pulling code from the wrong projects.
‘Stop Acting Like These Attacks are Special or Rare’
National security experts and policy makers say the U.S. needs to act now to raise the cost of doing business for state-backed attackers.
Email Attackers Target Victims Based on Demographics
Criminals pay attention to user demographics to target specific types of users when crafting email-based attacks, a joint study from Google and Stanford found.
Microsoft Fixes Critical TCP/IP Flaws and Actively Exploited Windows Bug
Microsoft has patched three flaws in the Windows TCP/IP implementation and a separate bug in Windows that is under active attack.
Attacker Accessed Florida Town’s Water Treatment System
An intruder gained access to a system that controls the water treatment plant in Oldsmar, Fla., and tried to add excessive amounts of sodium hydroxide to it.
FDA Names New Head of Medical Devices Security
The Food & Drug Administration has appointed University of Michigan computer science researcher Kevin Fu to serve as the agency's Acting Director of Medical Device Cybersecurity.
Microsoft Investigating Reported IE Zero Day
Microsoft is looking into a report of a zero day in Internet Explorer that a group of Korean researchers say used to target them.
SolarWinds Patches Two New Flaws in Orion
SolarWinds has fixed two newly discovered bug in Orion, one of which can lead to remote code execution.
Virginia Passes Consumer Data Protection Law
Virginia joins California in enacting a comprehensive data privacy law with the Virginia Consumer Data Protection Act, becoming the second state to have legislation giving consumers the right to access data organizations have collected about them.
Making 0-Day Hard is Still Hard
The difficulty of detecting zero days in the wild and incomplete patches for the ones that are found is making life easier for attackers.
Privacy Rules Not Strictly Enforced for iOS, Android
New privacy-focused rules banning location trackers and requiring disclosing data collection rules for privacy are not consistently enforced on the App Store and Google Play.
Political Campaigns Face Tough Security Challenges
The short lifespans and limited budgets of political campaigns adds to the security challenges they face as advanced adversaries target them.
FBI Director Urges More Cooperation, Relationships
The Federal Bureau of Investigation has been beating the public-private sector cooperation drum for several years now, and FBI director Christopher Wray stuck to that theme during his talk at Fordham University’s International Conference on Cyber Security.