News

News

• April 20, 2018 20 Apr'18

  Another misconfigured Amazon S3 bucket exposes 48M records

  News roundup: A misconfigured Amazon S3 bucket led to the exposure of 48 million records collected by a private data analytics firm. Plus, PCI SSC updated its cloud guidelines, and more.

• April 20, 2018 20 Apr'18

  Experts describe how hacking back can be done right

  A panel of experts at the RSA Conference all expressed support for the idea of hacking back against threat actors, but each offered caveats in hopes of minimizing collateral damage.

• April 19, 2018 19 Apr'18

  CrowdStrike unveils Meltdown exploit in unusual fashion

  At RSA Conference 2018, CrowdStrike demonstrated a new Meltdown exploit that can harvest sensitive data such as passwords even on systems that are patched.

• April 19, 2018 19 Apr'18

  Moussouris: Bug bounty programs need to avoid jumping the shark

  Bug bounty programs may seem to offer salvation at a bargain price for securing networks and systems, but Katie Moussouris offers tips for avoiding major pitfalls.

• April 19, 2018 19 Apr'18

  Schneier talks cyber regulations, slams U.S. lawmakers

  Speaking at RSA Conference 2018, Bruce Schneier slammed U.S. lawmakers and Facebook in discussions on internet security regulations and technology policy.

• April 19, 2018 19 Apr'18

  Passive DNS techniques can reduce DNS abuse

  Presenting at RSAC 2018, Farsight Security's Merike Kaeo explains how defenders can adopt passive techniques to reduce DNS abuse and stop attacks before they happen.

• April 18, 2018 18 Apr'18

  Paul Kocher weighs in on Spectre flaws, vulnerability disclosure

  At RSA Conference 2018, Paul Kocher, who co-discovered the Spectre flaws, discussed the chip vulnerabilities and explained why disclosure and mitigation efforts were so troubled.

• April 18, 2018 18 Apr'18

  IBM's new AI toolbox is designed to protect AI systems

  IBM has made a new open source AI toolbox that's designed to provide practical defenses for real-world AI systems based on how threat actors can attack AI models.

• April 18, 2018 18 Apr'18

  IBM's Cindy Compert cooks up a batch of GDPR preparation

  GDPR preparation, with practical tips and recipes, was on the menu at RSAC 2018, as IBM CTO Cindy Compert offered practical advice for compliance with the EU privacy regulation.

• April 17, 2018 17 Apr'18

  FedRAMP security requirements put a premium on automation

  Matt Goodrich, director for the Federal Risk and Authorization Management Program, detailed FedRAMP security requirements and automation at RSA's Cloud Security Alliance Summit.

• April 17, 2018 17 Apr'18

  RSAC keynote speakers push teamwork, incremental improvements

  The RSAC keynote speakers pushed a unified idea of collaboration across public and private sectors, improved teamwork and the value of incremental improvements in cybersecurity.

• April 17, 2018 17 Apr'18

  Device wars: Researchers track new IoT botnet DDoS attacks

  A variant of the Mirai IoT botnet is the suspected cause of distributed denial-of-service attacks on financial services companies earlier this year, according to Recorded Future.

• April 17, 2018 17 Apr'18

  Risk & Repeat: Breaking down the Verizon DBIR 2018

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss the '2018 Verizon Data Breach Investigations Report' and its findings about ransomware, phishing and more.

• April 17, 2018 17 Apr'18

  Microsoft's Brad Smith urges action on nation-state cyberthreats

  At RSA Conference 2018, Microsoft President Brad Smith warned of nation-state cyberattacks and called on governments and the private sector to do more to address them.

• April 17, 2018 17 Apr'18

  Fidelis rolls out new active deception approach to security

  Active deception is set to be an important part of cloud defense, as Fidelis Cybersecurity adds active decoys to protect cloud assets in the enterprise.