August 2018
-
August 31, 2018
31
Aug'18
two-factor authentication (2FA)
Two-factor authentication (2FA), sometimes referred to as two-step verification or dual factor authentication, is a security process in which the user provides two different authentication factors to verify themselves to better protect both the ... Continue Reading
-
August 31, 2018
31
Aug'18
Another patched Apache Struts vulnerability exploited
News roundup: A new Apache Struts vulnerability was exploited in the wild mere days after it was patched. Plus, Facebook removes app over privacy concerns and more. Continue Reading
-
August 31, 2018
31
Aug'18
WannaCry ransomware
The WannaCry ransomware is a worm that spreads by exploiting vulnerabilities in the Windows operating system. Continue Reading
-
August 30, 2018
30
Aug'18
digital certificate
A digital certificate, also known as a public key certificate, is used to cryptographically link ownership of a public key with the entity that owns it. Continue Reading
-
August 30, 2018
30
Aug'18
Risk & Repeat: Are the Meltdown and Spectre flaws overhyped?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss whether or not Meltdown and Spectre deserved to be nominated for the Pwnie Awards' Most Overhyped Bug. Continue Reading
-
August 30, 2018
30
Aug'18
Congress wants CVE program changes from DHS and MITRE
In a letter to DHS and MITRE, Congress said CVE program management has been 'insufficient' and called for the program to receive more consistent funding and additional oversight. Continue Reading
-
August 30, 2018
30
Aug'18
How hard-coded credentials threaten ICS security
Hard-coded credentials open industrial control systems up to unauthorized access by malicious actors and threaten ICS security. Expert Ernie Hayden explains the threat and what enterprises can do about it. Continue Reading
-
August 29, 2018
29
Aug'18
ATM jackpotting: How does the Ploutus.D malware work?
Ploutus.D malware recently started popping up in the U.S. after several ATM jackpotting attacks. Discover how this is possible and what banks can do to prevent this with Nick Lewis. Continue Reading
-
August 29, 2018
29
Aug'18
Windows 10 zero-day disclosed on Twitter, no fix in sight
Security researcher SandboxEscaper released proof-of-concept code for a Windows 10 zero-day on Twitter, but Microsoft has no details for a potential patch. Continue Reading
-
August 28, 2018
28
Aug'18
Diversity at cybersecurity conferences is too important to ignore
Diversity at cybersecurity conferences became a hot topic in early 2018. Innovation Women founder Bobbie Carlton discusses why it takes more work to get women in security on stage. Continue Reading
-
August 28, 2018
28
Aug'18
Fortnite vulnerability on Android causes disclosure tension
Epic Games patched a Fortnite vulnerability in its Android installer, but Google's disclosure policy comes under fire once again as Epic Games' founder called the disclosure 'irresponsible.' Continue Reading
-
August 28, 2018
28
Aug'18
Red team assessments and post-assessment posture improvement
Testing an organization's security maturity is crucial for an organization to improve their post-assessment posture. Learn how red teaming can help this situation with Matt Pascucci. Continue Reading
-
August 28, 2018
28
Aug'18
SamSam ransomware: How can enterprises prevent an attack?
SamSam ransomware infected the Colorado DOT after hitting hospitals, city councils and companies. Learn how this version differs from those we've seen in the past. Continue Reading
-
August 27, 2018
27
Aug'18
How does Google's new detection model find bad Android apps?
Malicious apps have been a consistent problem for the Google Play Store, so a new detection model has been released to help clean it up. Learn how this system works with Nick Lewis. Continue Reading
-
August 24, 2018
24
Aug'18
Innovation Women founder strives to close gender gap at conferences
Innovation Women founder Bobbie Carlton discusses the all-male, all-pale panels that overwhelm tech conferences and that moved her to change the number of female speakers. Continue Reading
-
August 24, 2018
24
Aug'18
How to find the best privileged identity management tool
To ensure IT security means first realizing that elevated privileges can also be an open door for hackers. Locking things down requires teamwork, good tools and more. Continue Reading
-
August 24, 2018
24
Aug'18
NSA leaker Reality Winner sentenced to five years in jail
NSA leaker Reality Winner sentenced to 63 months in prison for releasing classified documents detailing an attack by the Russian military against U.S. election systems. Continue Reading
-
August 24, 2018
24
Aug'18
Weighing privileged identity management tools' pros and cons
Products that help security pros manage access privileges are essential to IT security. Learn how to evaluate market offerings and acquire the best for your company. Continue Reading
-
August 24, 2018
24
Aug'18
Hundreds of Facebook accounts deleted for spreading misinformation
News roundup: Social media platforms shut down accounts spreading misinformation. The Facebook accounts deleted were tied to Iran, Russia. Plus, Ryuk ransomware spreads, and more. Continue Reading
-
August 24, 2018
24
Aug'18
What risks does the OpenFlow protocol vulnerability present?
Researchers found a vulnerability in OpenFlow that can cause problems. Learn how vendor-specific SDN controllers may cause these OpenFlow protocol vulnerabilities. Continue Reading