igor - Fotolia
Security Bytes
This blog covers topics across the spectrum of security, privacy and compliance, as well as the people and issues driving enterprise infosec today.
Recent Posts
-
Mystery around Trend Micro apps still lingers one month later
- Associate Editorial Director 15 Oct 2018 -
FBI, DHS blaming the victims on Remote Desktop Protocol
- Site Editor 01 Oct 2018 -
What the GAO Report missed about the Equifax data breach
- Associate Editorial Director 14 Sep 2018
The mystery around the Trend Micro apps that were removed from the Mac App Store continues despite Trend Micro's numerous updates on the matter.
FBI, DHS call on users to mitigate Remote Desktop Protocol vulnerabilities and handle RDP exploits on their own, even as the "going dark" campaign continues unabated.
The Government Accountability Office investigated the Equifax data breach, but the GAO's report leaves out several important points about the infamous incident.
-
DHS cybersecurity rhetoric offers contradictions at DEF CON
- Senior Reporter 17 Aug 2018 -
Five things to watch for at Black Hat USA this year
- Editorial Director 03 Aug 2018 -
How Dropbox dropped the ball with anonymized data
- Associate Editorial Director 27 Jul 2018 -
Is the new California privacy law a domestic GDPR?
- Site Editor 17 Jul 2018 -
Cyber attribution: Why it won't be easy to stop the blame game
- Associate Editorial Director 29 Jun 2018 -
It's GDPR Day. Let the privacy regulation games begin!
- Site Editor 30 May 2018 -
Google I/O's security and privacy focus missing on day one
- Senior Reporter 09 May 2018
The Vote Hacking Village at Defcon 26 in Las Vegas was an overwhelming jumble of activity -- a mock vote manipulated, children hacking election results websites, machines being disassembled -- and ...
As Black Hat USA 2018 approaches, we take a quick look at trends in the conference agenda and sessions not to miss.
Dropbox came under fire for sharing anonymized data with academic researchers after questions emerged about how the data was protected and used.
The difference between data privacy protections afforded to European Union residents and people in the U.S. is more sharply highlighted now that the EU's General Data Protection Regulation has ...
Infosec experts have argued that too much focus is put on cyber attribution, but moving away from publicly identifying threat groups and nation-states may be easier said than done.
GDPR Day -- May 25, 2018 -- has passed and enforcement is now accepting complaints against companies violating the terms of the EU's new privacy regulation.
It's fairly easy to find stories sparking security and privacy concerns regarding a Google product or service — Search, Chrome, Android, AdSense and more — but if you watched or attended Google ...
-
Cybersecurity pervasiveness subsumes all security concerns
- Senior Reporter 03 May 2018 -
Algorithmic discrimination: A coming storm for security?
- Associate Editorial Director 30 Apr 2018 -
GDPR deadline: Keep calm and GDPR on
- Site Editor 27 Apr 2018 -
CrowdStrike unveils Meltdown exploit in unusual fashion
- Associate Editorial Director 19 Apr 2018 -
FedRAMP security requirements put a premium on automation
- Associate Editorial Director 17 Apr 2018
Given the increased digitization of society and explosion of devices generating data (including retail, social media, search, mobile, and the internet of things), it seems like it might have been ...
Following several RSA Conference 2018 talks on machine learning and AI, it's worth asking how algorithmic discrimination might manifest in the infosec industry.
With the GDPR deadline looming, companies may still be scrambling to do "something" about it, but with less than 30 days to go the best move for many may be to wait and watch, and perhaps just ...
At RSA Conference 2018, CrowdStrike demonstrated a new Meltdown exploit that can harvest sensitive data such as passwords even on systems that are patched.
Matt Goodrich, director for the Federal Risk and Authorization Management Program, detailed FedRAMP security requirements and automation at RSA's Cloud Security Alliance Summit.