Security news that informs and inspires

All Articles

2376 articles:

Europol Arrests Two for Running Malware Crypter Services

European law enforcement officials have arrested two suspects for allegedly running a pair of crypter services that help malware slip past security software.

Cybercrime

FBI Guidance Evolves on Ransomware Payments

The FBI has always advised victims not to pay ransomware groups, but its thinking has evolved as attacks have proliferated and worsened.

Government, Ransomware

Public Exploits Give Attackers a Head Start

The latest research out of Kenna Security and Cyentia Institute compared how quickly defenders could remediate vulnerabilities and how quickly attackers could exploit the vulnerability in the wild.

Vulnerability, Exploit Defense

Congress Passes IoT Security Law

Congress has unanimously passed the bipartisan IoT Cybersecurity Improvement Act, which would set minimum security requirements for developing, patching, and configuring Internet of Things.

Government, Iot Security

Firefox Adds HTTPS-Only Mode

Firefox 83 includes an option to force HTTPS connections to any site that offers them.

Firefox

Civil Liberties Groups Decry Calls for Encryption Backdoors

A coalition of civil liberties groups from the U.S. and Europe is warning about the potential consequences of backdoors in encryption systems.

Encryption

Security Leaders Uneasy CISA Chief May be Fired

The Cybersecurity and Infrastructure Security Agency’s role goes beyond national security and securing elections. Any shakeup at CISA’s leadership level would affect the work the agency has been doing with privacy sector organizations.

Government

Google Patches Two More Chrome Zero Days Used by Attackers

Google has fixed two vulnerabilities in Chrome that have been targeted by attackers in recent days.

Google

Deciphering Johnny Mnemonic

Zoe Lindsey, Pete Baker, and Dennis Fisher break down the delightfully goofy and moderately incoherent 1995 film Johnny Mnemonic.

Podcast, Hacker Movies

Trickbot Back on the Block

The Trickbot malware operation is back, with a fresh spam campaign delivering malicious Word documents.

Trickbot, Malware

Security Incidents Affect Victims Differently, Even the Mega-Breaches

Cyentia Institute analyzed some of the costliest, most damaging security incidents and found that they impacted organizations differently.

Data Breaches

Privacy Labels for iOS and Mac Apps Are Coming

Starting Dec. 8, all iOS and Mac apps will be required to print "privacy labels" telling users upfront how the apps use their information, just as food manufacturers are required to print nutritional labels on food to provide nutrition information such as calories and ingredients.

Apple, Privacy

Apple Fixes Three Flaws Exploited in the Wild

Apple has patched three bugs in iOS and macOS that have been exploited by attackers.

Apple

The Senators Who Will Set the Security and Privacy Agenda in Congress

Whether it's election security, nation-state attacks, or massive data breaches, there is growing pressure on Congress to do something. One way to suss out how the security and privacy agenda will unfold in the 117th Congress is to look at what these Senators have said and done previously.

Government

Oracle Releases Emergency Patch for WebLogic Flaw

Oracle has pushed an emergency patch for CVE-2020-14750, a remotely exploitable flaw in its WebLogic application server.

Oracle