igor - Fotolia
Security Bytes
This blog covers topics across the spectrum of security, privacy and compliance, as well as the people and issues driving enterprise infosec today.
Recent Posts
-
At RSAC 2019, speculative execution threats take a back seat
- Associate Editorial Director 20 Feb 2019 -
Marriott Starwood data breach notification de-values customers
- Site Editor 17 Dec 2018 -
Are US hacker indictments more than Justice Theater?
- Senior Reporter 30 Nov 2018
The Meltdown and Spectre vulnerabilities loomed large last year, but RSAC 2019 will have little fodder on speculative execution threats and side channels attacks.
The Marriott Starwood data breach exposed half a billion customers' data, but the hospitality giant seems to have learned from recent megabreaches that the standard response to a breach can be the ...
New hacker indictments and U.S.Treasury Department sanctions highlight the disconnect between government action and real world consequences for threat actors.
-
Breaking down Dell's "potential cybersecurity incident" announcement
- Associate Editorial Director 29 Nov 2018 -
Will cybersecurity safety ever equal air travel safety?
- Site Editor 29 Nov 2018 -
Android Ecosystem Security Transparency Report is a wary first step
- Senior Reporter 12 Nov 2018 -
Google sets Android security updates rules but enforcement is unclear
- Senior Reporter 26 Oct 2018 -
Mystery around Trend Micro apps still lingers one month later
- Associate Editorial Director 15 Oct 2018 -
FBI, DHS blaming the victims on Remote Desktop Protocol
- Site Editor 01 Oct 2018 -
What the GAO Report missed about the Equifax data breach
- Associate Editorial Director 14 Sep 2018
Dell provided some information about a "potential cybersecurity incident" earlier this month, but it's unclear how the company and customers should be reacting.
Guaranteeing cybersecurity safety is one of the biggest challenges facing the tech industry, but using aviation safety as a model may help achieve that goal.
Reading through Google's first quarterly Android Ecosystem Security Transparency Report feels like a mix of missed opportunities and déjà vu all over again. Much of what is in the new Android ...
The vendor requirements for Android are a strange and mysterious thing but a new leak claims Google has added language to force manufacturers to push more regular Android security updates. ...
The mystery around the Trend Micro apps that were removed from the Mac App Store continues despite Trend Micro's numerous updates on the matter.
FBI, DHS call on users to mitigate Remote Desktop Protocol vulnerabilities and handle RDP exploits on their own, even as the "going dark" campaign continues unabated.
The Government Accountability Office investigated the Equifax data breach, but the GAO's report leaves out several important points about the infamous incident.
-
DHS cybersecurity rhetoric offers contradictions at DEF CON
- Senior Reporter 17 Aug 2018 -
Five things to watch for at Black Hat USA this year
- Editorial Director 03 Aug 2018 -
How Dropbox dropped the ball with anonymized data
- Associate Editorial Director 27 Jul 2018 -
Is the new California privacy law a domestic GDPR?
- Site Editor 17 Jul 2018 -
Cyber attribution: Why it won't be easy to stop the blame game
- Associate Editorial Director 29 Jun 2018
The Vote Hacking Village at Defcon 26 in Las Vegas was an overwhelming jumble of activity -- a mock vote manipulated, children hacking election results websites, machines being disassembled -- and ...
As Black Hat USA 2018 approaches, we take a quick look at trends in the conference agenda and sessions not to miss.
Dropbox came under fire for sharing anonymized data with academic researchers after questions emerged about how the data was protected and used.
The difference between data privacy protections afforded to European Union residents and people in the U.S. is more sharply highlighted now that the EU's General Data Protection Regulation has ...
Infosec experts have argued that too much focus is put on cyber attribution, but moving away from publicly identifying threat groups and nation-states may be easier said than done.