News
News
- April 20, 2018
20 Apr'18
Government hacking tactics questioned at OURSA
The ACLU's Jennifer Granick took government hacking to task at the OURSA Conference this week, calling out mass surveillance techniques and the limited scope of search warrants.
- April 20, 2018
20 Apr'18
Keeper Security forms vulnerability disclosure program with Bugcrowd
Following its controversial lawsuit against an Ars Technica security reporter, Keeper Security has teamed with Bugcrowd on a formal vulnerability disclosure program.
- April 20, 2018
20 Apr'18
Another misconfigured Amazon S3 bucket exposes 48M records
News roundup: A misconfigured Amazon S3 bucket led to the exposure of 48 million records collected by a private data analytics firm. Plus, PCI SSC updated its cloud guidelines, and more.
-
- April 20, 2018
20 Apr'18
Experts describe how hacking back can be done right
A panel of experts at the RSA Conference all expressed support for the idea of hacking back against threat actors, but each offered caveats in hopes of minimizing collateral damage.
- April 19, 2018
19 Apr'18
CrowdStrike unveils Meltdown exploit in unusual fashion
At RSA Conference 2018, CrowdStrike demonstrated a new Meltdown exploit that can harvest sensitive data such as passwords even on systems that are patched.
- April 19, 2018
19 Apr'18
Moussouris: Bug bounty programs need to avoid jumping the shark
Bug bounty programs may seem to offer salvation at a bargain price for securing networks and systems, but Katie Moussouris offers tips for avoiding major pitfalls.
- April 19, 2018
19 Apr'18
Schneier talks cyber regulations, slams U.S. lawmakers
Speaking at RSA Conference 2018, Bruce Schneier slammed U.S. lawmakers and Facebook in discussions on internet security regulations and technology policy.
- April 19, 2018
19 Apr'18
Passive DNS techniques can reduce DNS abuse
Presenting at RSAC 2018, Farsight Security's Merike Kaeo explains how defenders can adopt passive techniques to reduce DNS abuse and stop attacks before they happen.
- April 18, 2018
18 Apr'18
Paul Kocher weighs in on Spectre flaws, vulnerability disclosure
At RSA Conference 2018, Paul Kocher, who co-discovered the Spectre flaws, discussed the chip vulnerabilities and explained why disclosure and mitigation efforts were so troubled.
- April 18, 2018
18 Apr'18
IBM's new AI toolbox is designed to protect AI systems
IBM has made a new open source AI toolbox that's designed to provide practical defenses for real-world AI systems based on how threat actors can attack AI models.
-
- April 18, 2018
18 Apr'18
IBM's Cindy Compert cooks up a batch of GDPR preparation
GDPR preparation, with practical tips and recipes, was on the menu at RSAC 2018, as IBM CTO Cindy Compert offered practical advice for compliance with the EU privacy regulation.
- April 17, 2018
17 Apr'18
FedRAMP security requirements put a premium on automation
Matt Goodrich, director for the Federal Risk and Authorization Management Program, detailed FedRAMP security requirements and automation at RSA's Cloud Security Alliance Summit.
- April 17, 2018
17 Apr'18
RSAC keynote speakers push teamwork, incremental improvements
The RSAC keynote speakers pushed a unified idea of collaboration across public and private sectors, improved teamwork and the value of incremental improvements in cybersecurity.
- April 17, 2018
17 Apr'18
Device wars: Researchers track new IoT botnet DDoS attacks
A variant of the Mirai IoT botnet is the suspected cause of distributed denial-of-service attacks on financial services companies earlier this year, according to Recorded Future.
- April 17, 2018
17 Apr'18
Risk & Repeat: Breaking down the Verizon DBIR 2018
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the '2018 Verizon Data Breach Investigations Report' and its findings about ransomware, phishing and more.