News
Cloud Data Storage Encryption and Data Protection Best Practices
- April 25, 2018
25 Apr'18
BGP routing security flaw caused Amazon Route 53 incident
A BGP routing security flaw enabled unknown threat actors to steal cryptocurrency by hijacking internet routing and rerouting traffic to a phishing site in Russia.
- April 25, 2018
25 Apr'18
Rachel Tobac: Social engineering attacks need real-world 2FA
Rachel Tobac discusses how to train employees to avoid social engineering attacks and how individuals can keep themselves safe with awareness and by being 'politely paranoid.'
- April 24, 2018
24 Apr'18
Akamai touts network perimeter security shifts, zero-trust model
As network perimeter security grows less practical, Akamai talks at RSA Conference about moving beyond firewalls to improve authentication with a zero-trust model.
-
- April 23, 2018
23 Apr'18
Women in cybersecurity discuss hiring, advice and being mentors
A panel of women cybersecurity professionals at the RSA Conference discussed ways to find the best job candidates, the best advice they've received and how to be better mentors.
- April 20, 2018
20 Apr'18
Government hacking tactics questioned at OURSA
The ACLU's Jennifer Granick took government hacking to task at the OURSA Conference this week, calling out mass surveillance techniques and the limited scope of search warrants.
- April 20, 2018
20 Apr'18
Keeper Security forms vulnerability disclosure program with Bugcrowd
Following its controversial lawsuit against an Ars Technica security reporter, Keeper Security has teamed with Bugcrowd on a formal vulnerability disclosure program.
- April 20, 2018
20 Apr'18
Another misconfigured Amazon S3 bucket exposes 48M records
News roundup: A misconfigured Amazon S3 bucket led to the exposure of 48 million records collected by a private data analytics firm. Plus, PCI SSC updated its cloud guidelines, and more.
- April 20, 2018
20 Apr'18
Experts describe how hacking back can be done right
A panel of experts at the RSA Conference all expressed support for the idea of hacking back against threat actors, but each offered caveats in hopes of minimizing collateral damage.
- April 19, 2018
19 Apr'18
CrowdStrike unveils Meltdown exploit in unusual fashion
At RSA Conference 2018, CrowdStrike demonstrated a new Meltdown exploit that can harvest sensitive data such as passwords even on systems that are patched.
- April 19, 2018
19 Apr'18
Moussouris: Bug bounty programs need to avoid jumping the shark
Bug bounty programs may seem to offer salvation at a bargain price for securing networks and systems, but Katie Moussouris offers tips for avoiding major pitfalls.
-
- April 19, 2018
19 Apr'18
Schneier talks cyber regulations, slams U.S. lawmakers
Speaking at RSA Conference 2018, Bruce Schneier slammed U.S. lawmakers and Facebook in discussions on internet security regulations and technology policy.
- April 19, 2018
19 Apr'18
Passive DNS techniques can reduce DNS abuse
Presenting at RSAC 2018, Farsight Security's Merike Kaeo explains how defenders can adopt passive techniques to reduce DNS abuse and stop attacks before they happen.
- April 18, 2018
18 Apr'18
Paul Kocher weighs in on Spectre flaws, vulnerability disclosure
At RSA Conference 2018, Paul Kocher, who co-discovered the Spectre flaws, discussed the chip vulnerabilities and explained why disclosure and mitigation efforts were so troubled.
- April 18, 2018
18 Apr'18
IBM's new AI toolbox is designed to protect AI systems
IBM has made a new open source AI toolbox that's designed to provide practical defenses for real-world AI systems based on how threat actors can attack AI models.
- April 18, 2018
18 Apr'18
IBM's Cindy Compert cooks up a batch of GDPR preparation
GDPR preparation, with practical tips and recipes, was on the menu at RSAC 2018, as IBM CTO Cindy Compert offered practical advice for compliance with the EU privacy regulation.