News

Cloud Data Storage Encryption and Data Protection Best Practices

• August 02, 2018 02 Aug'18

  Black Hat 2018 conference coverage

  The SearchSecurity team covers the latest threats and vulnerabilities featured at this year's Black Hat USA with news, interviews and more from Las Vegas.

• July 31, 2018 31 Jul'18

  Malvertising campaign tied to legitimate online ad companies

  A new report from Check Point Research uncovers an extensive malvertising campaign known as Master134 and implicates several online advertising companies in the scheme.

• July 31, 2018 31 Jul'18

  Yale data breach discovered 10 years too late

  A Yale University data breach from 2008 was only just discovered, and the school has released details on the compromised information, including Social Security numbers.

• July 31, 2018 31 Jul'18

  Bugcrowd CTO on the need for responsible disclosure policy, 'good faith'

  Bugcrowd founder and CTO Casey Ellis talks about his concerns that the era of 'good faith' between security researchers and enterprises is in jeopardy.

• July 31, 2018 31 Jul'18

  U.S. government making progress on DMARC implementation

  The deadline for full DMARC implementation in U.S. government-owned domains is less than three months away, and only half of the domains have the correct policy in place.

• July 31, 2018 31 Jul'18

  Citrix's Peter Lefkowitz on impact of GDPR privacy requirements

  New consumer privacy laws are changing the global privacy landscape. Citrix's Peter Lefkowitz explains how Citrix is approaching GDPR compliance and privacy issues in general.

• July 31, 2018 31 Jul'18

  NetSpectre is a remote side-channel attack, but a slow one

  A new PoC attack using Spectre variant 1 called NetSpectre marks the first time Spectre v1 has been exploited remotely, although questions remain on the practicality of the attack.

• July 27, 2018 27 Jul'18

  How Dropbox dropped the ball with anonymized data

  Dropbox came under fire for sharing anonymized data with academic researchers after questions emerged about how the data was protected and used.

• July 27, 2018 27 Jul'18

  LifeLock vulnerability exposed user email addresses to public

  News roundup: A LifeLock vulnerability exposed the email addresses of millions of customers. Plus, Amazon's Rekognition misidentified 28 members of Congress as criminals, and more.

• July 27, 2018 27 Jul'18

  Senator wants government to stop Adobe Flash use

  Senator Ron Wyden wrote a letter to multiple government agencies advocating that the entire U.S. government stop Adobe Flash use on all systems due to security risks.

• July 26, 2018 26 Jul'18

  Ponemon: Mega breaches, data breach costs on the rise

  The Ponemon Institute's '2018 Cost of a Data Breach Study' details a rise in data breaches with a look at mega breaches and why U.S. companies experience the greatest loss.

• July 26, 2018 26 Jul'18

  Risk & Repeat: DHS warns of power grid cyberattacks

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss a new warning from the Department of Homeland Security regarding Russian hackers targeting the U.S. power grid.

• July 26, 2018 26 Jul'18

  DHS details electrical grid attacks by Russian agents

  For the first time, DHS has offered more detailed and unclassified information about electrical grid attacks carried out by Russian hackers and the dangers to U.S. infrastructure.

• July 24, 2018 24 Jul'18

  Physical security keys eliminate phishing at Google

  Successful phishing attempts have been eliminated among Google employees following a requirement to use physical security keys in order to gain access to all Google accounts.

• July 20, 2018 20 Jul'18

  Critical Cisco vulnerabilities patched in Policy Suite

  News roundup: Critical Cisco vulnerabilities in Policy Suite products were patched this week. Plus, Venmo's API is set to public, exposing a trove of customer data, and more.

• July 20, 2018 20 Jul'18

  Microsoft launches Identity Bounty Program, offers up to $100,000

  Microsoft introduced its new Identity Bounty Program that offers up to $100,000 in rewards for reported vulnerabilities in its identity services, such as Azure Active Directory.

• July 20, 2018 20 Jul'18

  As AI identity management takes shape, are enterprises ready?

  Experts at the Identiverse 2018 conference discussed how artificial intelligence and machine learning are poised to reshape the identity and access management market.

• July 19, 2018 19 Jul'18

  NSS Labs ranks next-gen firewalls, with some surprises

  Researchers used individual test reports and comparison data to determine the value of investments in next-generation firewall technology.

• July 19, 2018 19 Jul'18

  Risk & Repeat: Closing the gender gap at cybersecurity conferences

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss the under-representation of women at cybersecurity conferences and how it affects the infosec industry.

• July 19, 2018 19 Jul'18

  Vendor admits election systems included remote software

  A vendor admitted to compromising its election system security by installing remote access software on systems over the span of six years, but claims to have stopped the practice.

• July 17, 2018 17 Jul'18

  X-Agent malware lurked on DNC systems for months after hack

  The indictment of Russian intelligence officers accused of hacking the DNC revealed a troubling timeline, including the X-Agent malware lurking on DNC systems for months.

• July 17, 2018 17 Jul'18

  Is the new California privacy law a domestic GDPR?

  The difference between data privacy protections afforded to European Union residents and people in the U.S. is more sharply highlighted now that the EU's General Data Protection Regulation has ...

• July 17, 2018 17 Jul'18

  Accenture's Justin Harvey explains why cyber attribution isn't important

  Accenture's Justin Harvey spoke at RSA Conference 2018 about his experiences with incident response and his views on the importance of cyber attribution.

• July 13, 2018 13 Jul'18

  Chrome site isolation arrives to mitigate Spectre attacks

  In an effort to mitigate the risk of Spectre attacks, Google Chrome site isolation has been enabled for 99% of browser users to minimize the data that could be gleaned by an attacker.

• July 13, 2018 13 Jul'18

  Russian intelligence officers indicted for DNC hack

  A grand jury for special counsel Robert Mueller's election-interference investigation indicted 12 Russian intelligence officers for crimes related to the DNC and DCCC hacks.

• July 13, 2018 13 Jul'18

  New Spectre variants earn $100,000 bounty from Intel

  Researchers discovered two new Spectre variants that can be used to bypass protections and attack systems and earned $100,000 in bug bounties from Intel.

• July 13, 2018 13 Jul'18

  Ticketmaster breach part of worldwide card-skimming campaign

  News roundup: The Ticketmaster breach was part of a massive digital credit card-skimming campaign. Plus, the U.K. fined Facebook over the Cambridge Analytica scandal, and more.

• July 11, 2018 11 Jul'18

  GandCrab ransomware adds NSA tools for faster spreading

  NSA exploit tools have already been used in high-profile malware. And now, GandCrab ransomware v4 has added the NSA's SMB exploit in order to spread faster.

• July 11, 2018 11 Jul'18

  Risk & Repeat: New concerns about smartphone spying

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss research that shows some Android apps record video of users' screens without permission or notifications.

• July 10, 2018 10 Jul'18

  Stolen digital certificates used in Plead malware spread

  Researchers found the spread of Plead malware was aided by the use of stolen digital certificates, making the software appear legitimate and hiding the true nature of the attacks.

• July 09, 2018 09 Jul'18

  How did an old, unpatched Firefox bug expose master passwords?

  A Firefox bug went undetected for nine years. Expert Michael Cobb explains how it enabled attackers to access the browser's master password and what's being done to mitigate it.

• July 06, 2018 06 Jul'18

  Researchers discover Android apps spying on users' screens

  News roundup: Academic researchers discover Android apps secretly recording and sharing video of users' screens. Plus, an NSO Group employee lands in hot water, and more.

• July 06, 2018 06 Jul'18

  Risk & Repeat: Is AI-driven identity management the future?

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss Identiverse 2018 and how artificial intelligence is being applied to identity and access management.

• July 03, 2018 03 Jul'18

  RAMpage attack unlikely to pose real-world risk, expert says

  The RAMpage attack against the Rowhammer vulnerability in Android devices is theoretically possible, but it may be more academic than it is a practical concern, one expert said.

• June 29, 2018 29 Jun'18

  Cyber attribution: Why it won't be easy to stop the blame game

  Infosec experts have argued that too much focus is put on cyber attribution, but moving away from publicly identifying threat groups and nation-states may be easier said than done.

• June 29, 2018 29 Jun'18

  Risk & Repeat: U.S. government eyes offensive cyberattacks

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss the risks of the U.S. Cyber Command engaging in offensive cyberattacks against foreign adversaries.

• June 29, 2018 29 Jun'18

  WebAssembly updates may cancel out Meltdown and Spectre fixes

  News roundup: Upcoming WebAssembly updates may undo the Meltdown and Spectre mitigations. Plus, FireEye denied claims it 'hacked back' China, and more.

• June 29, 2018 29 Jun'18

  GlobalSign, Comodo launch competing IoT security platforms

  Rival certificate authorities GlobalSign and Comodo CA have strengthened their presence in the IoT security market with new platforms for connected devices.

• June 29, 2018 29 Jun'18

  McAfee details rise in blockchain threats, cryptocurrency attacks

  McAfee's new 'Blockchain Threat Report' charts a dramatic rise in cryptomining malware and details four major attack vectors for cryptocurrency-related threats.

• June 29, 2018 29 Jun'18

  Have I Been Pwned integration comes to Firefox and 1Password

  With new Have I Been Pwned integration, Firefox and 1Password users will be able to learn if their email addresses have been compromised in any known data breaches.

• June 28, 2018 28 Jun'18

  EFF's STARTTLS Everywhere aims to protect email in transit

  The EFF's new STARTTLS Everywhere initiative aims to secure email as it transits the internet between mail servers to prevent mass surveillance, as well as email spoofing.

• June 27, 2018 27 Jun'18

  TLBleed attack can extract signing keys, but exploit is difficult

  A new side-channel attack on Intel chips, named TLBleed, can extract signing keys. But the researcher who discovered it said users shouldn't worry, because it's not the next Spectre.

• June 26, 2018 26 Jun'18

  Ping adds AI-driven API protection with Elastic Beam acquisition

  Ping Identity increased its focus on API security with the acquisition of Elastic Beam, a startup that uses artificial intelligence to apply behavioral security on enterprise APIs.

• June 26, 2018 26 Jun'18

  New WPA3 security protocol simplifies logins, secures IoT

  Latest WPA3 security protocol update adds new features to the Wi-Fi access specification for simple and secure wireless access for individuals, as well as enterprises.

• June 25, 2018 25 Jun'18

  Accenture's Tammy Moskites on the cybersecurity gender gap

  Accenture's Tammy Moskites spoke with SearchSecurity at RSA Conference 2018 about the gender gap in the infosec industry and what can be done to close it.

• June 22, 2018 22 Jun'18

  Unprotected Firebase databases leaked over 100 million records

  Android and iOS mobile apps that use unprotected Firebase databases leaked over 100 million records that include PHI, financial records and authentication information.

• June 22, 2018 22 Jun'18

  No more selling mobile location data, promise carriers

  Sen. Ron Wyden got all major U.S. wireless carriers to promise not to sell mobile location data to third parties, but experts question the basic security practices in place.

• June 22, 2018 22 Jun'18

  China-based Thrip hacking group targets U.S. telecoms

  News roundup: China-based Thrip hacking group used legitimate tools to attack companies in the U.S. and Southeast Asia. Plus, election officials didn't know about hacks, and more.

• June 21, 2018 21 Jun'18

  Accused CIA leaker charged with stealing government property

  The DOJ has officially charged the accused CIA leaker, Joshua Schulte, with theft of government property and gathering national defense information in the Vault 7 case.

• June 21, 2018 21 Jun'18

  Risk & Repeat: New election security bill introduced

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Protecting American Votes and Elections Act of 2018, which requires paper ballots and audits.

• June 20, 2018 20 Jun'18

  Constant offensive cyberattacks approved by Pentagon

  The Pentagon reportedly approved the use of offensive cyberattacks by the U.S. Cyber Command, and one expert said enterprises should be ready to handle the 'return fire.'

• June 18, 2018 18 Jun'18

  Accenture's Tammy Moskites explains how the CISO position is changing

  Accenture's Tammy Moskites spoke with SearchSecurity at RSA Conference 2018 about the daunting challenges CISOs face today and how the position may be changing.

• June 18, 2018 18 Jun'18

  PyRoMineIoT cryptojacker uses NSA exploit to spread

  The latest malware threat based on the EternalRomance NSA exploit is PyRoMineIoT, a cryptojacker infecting IoT devices. But experts said the NSA shouldn't be held responsible for the damages.

• June 15, 2018 15 Jun'18

  EU institutes Kaspersky ban, calls software 'malicious'

  News roundup: Following a vote by the European Parliament to implement a Kaspersky ban in the EU, Kaspersky announced it would halt ties with the No More Ransom project and Europol.

• June 15, 2018 15 Jun'18

  FBI fights business email compromise with global crackdown

  U.S. federal agencies worked with international law enforcement in Operation Wire Wire to find and prosecute alleged cybercriminals conducting business-email-compromise scams.

• June 14, 2018 14 Jun'18

  Security Servicing Commitment clarifies Microsoft patch policy

  Microsoft's unspoken patch management policy has been codified in the new Security Servicing Commitment, which outlines what flaws will be patched monthly and which will be in Windows updates.

• June 13, 2018 13 Jun'18

  Risk & Repeat: What do Google's AI principles mean for cybersecurity?

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss Google's new principles for artificial intelligence and how they may impact the use of AI for cybersecurity.

• June 13, 2018 13 Jun'18

  Spectre v4 fix and Windows DNS patch in June Patch Tuesday

  A Windows DNS patch for both desktops and servers headlines Microsoft's June 2018 Patch Tuesday, but the release also includes mitigations for Spectre v4 and more.

• June 13, 2018 13 Jun'18

  North Korea hacking threat still looms despite summit

  Despite a summit between President Trump and North Korean leader Kim Jong Un, the threat of North Korean hacking and cyberespionage still looms large, according to experts.

• June 08, 2018 08 Jun'18

  New MalwareTech indictment adds four more charges

  The U.S. government added four new charges against Marcus Hutchins in the MalwareTech indictment, but questions have surfaced about the legal standing of the new charges.

• June 08, 2018 08 Jun'18

  Apple plans to disable Facebook web tracking capabilities

  News roundup: Apple wants to protect its users from Facebook web tracking with the next version of Safari. Plus, genealogy website MyHeritage suffers data breach, and more.

• June 07, 2018 07 Jun'18

  Risk & Repeat: More trouble for federal cybersecurity

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss the recent federal cybersecurity report, which found the majority of agencies have significant security gaps.

• June 06, 2018 06 Jun'18

  Apple iOS 12 USB Restricted Mode to foil thieves, law enforcement

  A rumored security feature, USB Restricted Mode, is making its premiere in Apple's iOS 12 and will protect users from brute-force passcode attacks by thieves and law enforcement alike.

• June 05, 2018 05 Jun'18

  Research claims 'widespread' Google Groups misconfiguration troubles

  Researchers from Kenna Security claim a Google Groups misconfiguration has exposed sensitive data for many organizations, but it is unclear just how widespread the issue might be.

• June 01, 2018 01 Jun'18

  Yokogawa Stardom vulnerability leaves hardcoded creds in ICS controllers

  A Yokogawa Stardom vulnerability leaves industrial control systems in critical infrastructure around the world at risk because of hardcoded credentials in the software.

• June 01, 2018 01 Jun'18

  SS7 vulnerabilities enable breach of major cellular provider

  News roundup: A major cellular network may have been compromised by exploiting SS7 vulnerabilities, according to reports. Plus, Kaspersky's lawsuits have been dismissed, and more.

• June 01, 2018 01 Jun'18

  Federal cybersecurity report says nearly 75% of agencies at risk

  The 'Federal Cybersecurity Risk Determination Report and Action Plan' shows the majority of federal agencies are at risk, and DHS suggests a lack of leadership may be to blame.

• May 31, 2018 31 May'18

  New Walmart CISO discusses protecting the world's largest retailer

  Walmart CISO Jerry Geisler talks about the retail giant's evolving cloud strategy, vulnerability management and risks the company is focused on across its environments.

• May 31, 2018 31 May'18

  Risk & Repeat: Are ICS threats being overblown or ignored?

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss dangers to critical infrastructure in the wake of a new report on the threat actors behind the Trisis malware.

• May 31, 2018 31 May'18

  Yahoo hacker sentenced to five years in prison for massive breach

  One of four Yahoo hackers was sentenced to five years in prison for his role in the massive 2014 breach, which included accessing millions of sensitive email accounts.

• May 31, 2018 31 May'18

  Dragos' Robert Lee discusses latest ICS threats, hacking back

  In part two of this interview from RSA Conference 2018, Dragos CEO Robert Lee discusses the latest threats to industrial control systems and how those threats can be exaggerated.

• May 30, 2018 30 May'18

  It's GDPR Day. Let the privacy regulation games begin!

  GDPR Day -- May 25, 2018 -- has passed and enforcement is now accepting complaints against companies violating the terms of the EU's new privacy regulation.

• May 30, 2018 30 May'18

  Feds issue new alert on North Korean hacking campaigns

  The U.S. government claims two notable malware campaigns are the work of North Korean nation-state hacking group Hidden Cobra, also known as the Lazarus Group.

• May 30, 2018 30 May'18

  Apple transparency report shows national security requests rising

  The latest semiannual Apple transparency report showed national security requests on the rise and one expert questioned whether Apple could do more to be open about requests.

• May 29, 2018 29 May'18

  Threat hunting technology is on the rise, so are threats

  Detection of advanced threats is the top challenge for 55% of security operations centers, according to a new survey, as more companies explore threat hunting programs.

• May 25, 2018 25 May'18

  Creators of Trisis malware have expanded their ICS attacks

  News roundup: Dragos researchers say the group behind the Trisis malware has expanded its ICS attacks. Plus, Roaming Mantis malware now targets iOS devices, and more.

• May 25, 2018 25 May'18

  Dragos' Robert Lee explains why ICS security isn't all doom and gloom

  Dragos' Robert Lee talks with SearchSecurity at RSA Conference 2018 about why there are reasons to be optimistic about the state of ICS security, despite growing threats.

• May 24, 2018 24 May'18

  VPNFilter malware infects 500,000 devices for massive Russian botnet

  New malware, dubbed 'VPNFilter' by Cisco Talos, infects 500,000 devices and triggers action from Justice Department, which seized and sinkholed the botnet's domain.

• May 24, 2018 24 May'18

  Risk & Repeat: Breaking down the Efail flaws

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Efail vulnerabilities in PGP and S/Mime protocols, as well as the rocky disclosure process for the flaws.

• May 23, 2018 23 May'18

  Wicked botnet: Another Mirai variant targets connected devices

  Fortinet researchers uncovered a new variant of the Mirai malware, known as the Wicked botnet, which targets vulnerable IoT devices and uses multiple existing exploits.

• May 22, 2018 22 May'18

  Newly disclosed Spectre variant 4 brings more side channel concerns

  A new Spectre vulnerability was disclosed this week, adding to concerns about side channel attacks exploiting speculative execution in modern processors.

• May 22, 2018 22 May'18

  Recorded Future sheds light on Iranian hacking operations

  Recorded Future's Levi Gundert discusses how the Iranian government uses proxies and contractors to launch cyberattacks, and how its strategy presents challenges for the country.

• May 22, 2018 22 May'18

  North Korean hackers linked to Google Play spyware

  The 'Sun Team' group of North Korean hackers placed malicious apps in the Google Play store to target defectors and steal personal data such as photos, contacts and SMS messages.

• May 21, 2018 21 May'18

  Recorded Future: Iranian cyberattacks poised to resume

  Recorded Future's Levi Gundert explains why major cyberattacks against Western enterprises are expected to resume following the United States' withdrawal from the Iran nuclear deal.

• May 18, 2018 18 May'18

  Telegrab malware threatens Telegram desktop users

  News roundup: Telegrab malware enables hackers to grab encryption keys and browser credentials from Telegram sessions. Plus, DHS released its new cybersecurity strategy, and more.

• May 17, 2018 17 May'18

  Securus hack exposes law enforcement customers of location tracking

  Following news that it provides near real-time location data to law enforcement without warrants, a Securus hack exposed information on those law enforcement customers.

• May 17, 2018 17 May'18

  Risk & Repeat: Why Ray Ozzie's Clear proposal isn't so clear

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss Ray Ozzie's solution for going dark, known as Clear, and what infosec experts are saying about it.

• May 17, 2018 17 May'18

  Risk & Repeat: Business email compromise on the rise

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss the rise in business email compromise activity based on new data from the FBI's 2017 Internet Crime Report.

• May 16, 2018 16 May'18

  Vault 7 leak suspect is a former CIA employee already in custody

  The U.S. government has identified a man already in custody on unrelated charges as the suspect in the Vault 7 leak, but it is unclear how much evidence supports the case.

• May 16, 2018 16 May'18

  Illumio: Subtle data manipulation attacks pose serious threats

  Illumio CTO P.J. Kirner discusses the threat of data manipulation and explains why subtle, hard to detect attacks could have devastating effects on enterprises.

• May 16, 2018 16 May'18

  Efail disclosure troubles highlight branded vulnerability issues

  The Efail disclosure process was one day away from completion, but attempts to generate hype for the vulnerabilities led to details leaking earlier than researchers intended.

• May 14, 2018 14 May'18

  Efail flaws highlight risky implementations of PGP and S/MIME

  The messy disclosure of the Efail flaws raised questions about the security of email encryption, while experts said S/MIME may be more at risk than some PGP implementations.

• May 14, 2018 14 May'18

  FBI: Business email compromise tops $676 million in losses

  Verizon's Data Breach Investigations Report indicates an increase in ransomware while the FBI's Internet Crime Report shows a downward trend, with business email compromise on the rise.

• May 11, 2018 11 May'18

  Georgia governor vetoes controversial cybersecurity bill

  News roundup: A controversial cybersecurity bill was vetoed by Georgia's governor this week after pressure from Microsoft and Google. Plus, IBM banned USB drives, and more.

• May 11, 2018 11 May'18

  Hardware debug documentation leads to widespread vulnerability

  A hardware debug bug, apparently caused by unclear Intel hardware architecture documentation, infested almost all major OSes, as well as leading virtualization software.

• May 10, 2018 10 May'18

  Android P security improves authentication trust and data privacy

  Android P security features, which were previewed at Google I/O, include notable improvements for data privacy and encryption and preventing malicious apps from spying on users.

• May 09, 2018 09 May'18

  Microsoft patches Internet Explorer zero-day 'Double Kill'

  Microsoft's Patch Tuesday for May includes fixes for two zero-day vulnerabilities under attack, including an Internet Explorer exploit known as Double Kill.

• May 09, 2018 09 May'18

  Google I/O's security and privacy focus missing on day one

  It's fairly easy to find stories sparking security and privacy concerns regarding a Google product or service — Search, Chrome, Android, AdSense and more — but if you watched or attended Google ...

• May 04, 2018 04 May'18

  Remote Android Rowhammer attack possible, but scope limited

  A new Android Rowhammer PoC proves an attack is possible, but an expert said the limited scope of affected devices and feasibility of performing the attack lessens the danger.

• May 04, 2018 04 May'18

  Facebook APIs used by tens of thousands of malicious apps

  News roundup: Researchers find tens of thousands of malicious apps use Facebook APIs and can access user data. Plus, AWS threatens to suspend Signal's use of the platform, and more.