Tuesday, May 21, 2019

The current cybersecurity landscape of guerrilla warfare

A cybersecurity expert discuses breaches, data protection laws, and why he considers multi-factor authentication the beginning of security.

How has GDPR actually affected businesses?

The EU's General Data Protection Regulation is now a year old, and has resulted in financial repercussions and changes to how businesses handle data.

How to block hijacking attacks on your Google account

Bot and phishing attacks can compromise your G Suite account, but there is an easy way to block the majority of these attempts, according to Google.

The largest cybersecurity breaches of the past three years, and their effects on companies

There have been some major security breaches in recent years, according to a recent Bitglass report, and those breaches have cost companies billions of dollars along the way.

TechRepublic wins gold at the national 2019 Azbee awards

TechRepublic took home multiple awards at the national 2019 Azbee Awards of Excellence, including two gold awards and honorable mention for Website of the Year.

Slack vulnerability allows attackers to intercept, modify downloads

Improper handling of a custom URI created a vulnerability, now patched, for users of the Electron-based Slack Desktop client on Windows.

How IoT and blockchain could eliminate counterfeit goods across the supply chain

Businesses across industries lose money and reputation due to knock-off products and questionably sourced materials, but a solution may already exist, according to a Cisco and BCG report.

MDS vulnerabilities lead Chrome OS 74 to disable hyper-threading

Hyper-Threading, Intel's implementation of symmetric multithreading (SMT) can be exploited using the newly-disclosed MDS vulnerabilities, like Fallout and ZombieLoad.

Cheat sheet: How to become a cybersecurity pro

If you are interested in pursuing a career in cybersecurity and don't know where to start, here's your go-to guide to salaries, job markets, skills, and common interview questions in the field.

Spectre and Meltdown explained: A comprehensive guide for professionals

Staying up to date on Spectre and Meltdown can be challenging. This guide includes in-depth explanations about these uniquely dangerous security vulnerabilities and the best mitigation solutions.

Why MDS vulnerabilities present a threat as serious as Spectre and Meltdown

Microarchitectural Data Sampling are CPU side-channel vulnerabilities that allow attackers to view in-flight data from CPU-internal buffers. Learn more about MDS attacks in this comprehensive guide.

Tech news roundup: Microsoft Office 365, Facebook scandal, and AI adoption

This week's TechRepublic and ZDNet news stories include a security warning from Microsoft, a rundown of the Facebook privacy scandal, and a look at the highest paying internships for 2019.

How to create a secure website: 4 tips

A major gap exists between the perception and reality of online security safety, according to Google Registry and The Harris Poll.

71% of medical devices still run on Windows 7, Windows 2008, and Windows mobile

Medical IoT devices carry significant cybersecurity risks, according to a Forescout report.

Why cybersecurity pros want to share information to combat threats

Security professionals are willing to share intel with their peers and the government if such sharing improved their ability to detect cyber threats, according to an IronNet survey.
Bruce Schneier

How Technology and Politics Are Changing Spycraft

Interesting article about how traditional nation-based spycraft is changing. Basically, the Internet makes it increasingly possible to generate a good cover story; cell phone and other electronic surveillance techniques make tracking people easier; and machine learning will make all...

DDoS Attacks on the Rise After Long Period of Decline

DDoS Attacks on the Rise After Long Period of DeclineThe number of DDoS attacks increased by 84% in the first quarter of 2019 compared to Q4 2018, according to new research from Kaspersky Lab. The global cybersecurity company’s findings, detailed...

Awareness Training Firm KnowBe4 Acquires Awareness Measurement Firm CLTRe

Tampa Bay, FL-based security awareness and simulated phishing firm KnowBe4 has acquired Oslo, Norway-based security culture measurement company CLTRe for an undisclosed sum. read more

HawkEye Attack Wave Sends Stolen Data to Another Keylogger Provider

A recent attack wave involving HawkEye malware sends data stolen from its victims to another keylogger provider’s website. On 21 May, My Online Security came across a new sample of HawkEye. The actual delivery mechanism itself wasn’t unique compared...

Washington Issues Temporary License to Huawei

Washington Issues Temporary License to Huawei The US government has issued a temporary license to Huawei and its affiliates, allowing American companies to supply the telecoms and handset giant until August. Despite reports emerging over the weekend of various chipmakers...