News
News
- September 05, 2018
05 Sep'18
Five Eyes wants to weaken encryption, or legislation may be needed
Five Eyes -- the government intelligence alliance between Australia, Canada, New Zealand, the U.K. and the U.S. -- vows not to weaken encryption, while pushing for encryption backdoors.
- August 31, 2018
31 Aug'18
Another patched Apache Struts vulnerability exploited
News roundup: A new Apache Struts vulnerability was exploited in the wild mere days after it was patched. Plus, Facebook removes app over privacy concerns and more.
- August 30, 2018
30 Aug'18
Risk & Repeat: Are the Meltdown and Spectre flaws overhyped?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss whether or not Meltdown and Spectre deserved to be nominated for the Pwnie Awards' Most Overhyped Bug.
-
- August 30, 2018
30 Aug'18
Congress wants CVE program changes from DHS and MITRE
In a letter to DHS and MITRE, Congress said CVE program management has been 'insufficient' and called for the program to receive more consistent funding and additional oversight.
- August 29, 2018
29 Aug'18
Windows 10 zero-day disclosed on Twitter, no fix in sight
Security researcher SandboxEscaper released proof-of-concept code for a Windows 10 zero-day on Twitter, but Microsoft has no details for a potential patch.
- August 28, 2018
28 Aug'18
Fortnite vulnerability on Android causes disclosure tension
Epic Games patched a Fortnite vulnerability in its Android installer, but Google's disclosure policy comes under fire once again as Epic Games' founder called the disclosure 'irresponsible.'
- August 24, 2018
24 Aug'18
NSA leaker Reality Winner sentenced to five years in jail
NSA leaker Reality Winner sentenced to 63 months in prison for releasing classified documents detailing an attack by the Russian military against U.S. election systems.
- August 24, 2018
24 Aug'18
Hundreds of Facebook accounts deleted for spreading misinformation
News roundup: Social media platforms shut down accounts spreading misinformation. The Facebook accounts deleted were tied to Iran, Russia. Plus, Ryuk ransomware spreads, and more.
- August 23, 2018
23 Aug'18
AI bias and data stewardship are the next ethical concerns for infosec
AI bias and the need for data stewardship to prevent issues surrounding the trend of hoarding data are the next big ethical concerns for infosec, according to Laura Norén.
- August 23, 2018
23 Aug'18
Laura Noren advocates data science ethics for employee info
Expert Laura Norén believes companies should be held to standards of data science ethics both when it comes to customer data and also for the data collected about employees.
-
- August 23, 2018
23 Aug'18
Risk & Repeat: Meltdown and Spectre disclosure in review
In this week's Risk & Repeat podcast, SearchSecurity editors discuss new insights -- and questions -- regarding the coordinated disclosure effort for Meltdown and Spectre.
- August 17, 2018
17 Aug'18
DHS cybersecurity rhetoric offers contradictions at DEF CON
The Vote Hacking Village at Defcon 26 in Las Vegas was an overwhelming jumble of activity -- a mock vote manipulated, children hacking election results websites, machines being disassembled -- and ...
- August 17, 2018
17 Aug'18
Intel disclosed Spectre-like L1TF vulnerabilities
News roundup: Intel disclosed L1TF vulnerabilities with similarities to Spectre, but with a focus on data. Plus, the NIST Small Business Cybersecurity Act is now a law, and more.
- August 17, 2018
17 Aug'18
ICS security fails the Black Hat test
Industrial control systems hit the mainstream at Black Hat this year, with over two dozen program sessions tackling different angles of the subject. The takeaway: Vendors still aren't really trying.
- August 16, 2018
16 Aug'18
Finalized TLS 1.3 update has been published at last
The finalized TLS 1.3 update has been published after a four-year process. The new protocol promises to be faster and more secure than its predecessor, TLS 1.2.