Seven Years Later, Scores of EAS Systems sit Un-patched, Vulnerable
Two years after a false EAS alert about an incoming ICBM sowed terror in Hawaii, and seven years after security researchers warned about insecure, Internet connected Emergency Alert System (EAS) hardware, scores of the devices across the U.S. remain...
Opinion: The Perils and Promise of the Data Decade
We have entered the "Data Decade," says RSA Security CTO Dr. Zulfikar Ramzan. What does that mean? Here are three "Data Decade" trends that will reshape how we talk about, approach, and manage data.
The post Opinion: The Perils...
IT Asset Disposition (ITAD) is the Slow Motion Data Breach Nobody notices
Efforts to wall off sensitive corporate and government data from foreign adversaries have a gaping hole: IT asset disposition (ITAD), where vendors - many owned by Chinese firms - process discarded hardware and data with little oversight.
The post...
Episode 173: Iran’s Cyber Payback for Soleimani Killing may have a Long Fuse
As it weighs further response to the assassination of General Qasem Soleimani, Iran is almost certain to consider the use of cyber attacks. We talk with Levi Gundert at the firm Recorded Future about what cyber "payback" from Tehran...
Eliminate the Password, Eliminate the Password Problem.
Weak, stolen or reused passwords are the root of 8 in 10 data breaches. Fixing the data breach problem means abandoning passwords for something more secure. But what does passwordless authentication even look like? Yaser Masoudnia, the Senior Director...
Episode 172: Securing the Election Supply Chain
In this episode of the podcast (#172), Jennifer Bisceglie, the founder and CEO of Interos to talk about the links between America’s voting infrastructure and countries with a history of trying to subvert democracy.
The post Episode 172: Securing...
Resolve to fix your Online Security Mess in 2020. Here’s how.
If you do nothing else in 2020, resolve to clean up the mess that is your online security. Your financial health could depend on it! We give you seven simple steps to level up your password and account security....
Spotlight Podcast: Building Resilience into the IoT with Rob Spiger
In this Spotlight edition of the Security Ledger Podcast, sponsored by Trusted Computing Group*: we're joined by Rob Spiger, a principal security strategist at Microsoft and co-chair of the cyber resilient technologies working group at Trusted Computing Group. Rob...
Spotlight Podcast: Beyond HIPAA – a Conversation with Nemours CPO Kevin Haynes
In this Spotlight edition of The Security Ledger podcast, sponsored by RSA Security, the Chief Privacy Officer at Nemours Healthcare, Kevin Haynes, joins us to talk about the fast evolving privacy demands on healthcare firms and how the Chief...
Study finds Chinese Hardware Powers U.S. Voting Machine
A new study by the firm Interos found that many hardware components in a popular touchscreen voting machine used in the U.S. originate in China or Russia.
The post Study finds Chinese Hardware Powers U.S. Voting Machine appeared first on...
Episode 171: Stopping the 21st Century’s Plumbers – Defending Digital Campaigns from Hackers
In this week’s episode of the podcast (#171): as voters go to the polls in the UK and primaries loom here in the U.S., we sit down with Michael Kaiser, the CEO of a new group: Defending Digital Campaigns...
Passwordless? Imagining the Future of Authentication
The average employee in the workplace has 191 passwords. Will we ever rid ourselves of them and, if so, how? Gerald Beuchelt, the Chief Information Security Officer at LogMeIn talks about how changes in authentication may deliver a passwordless...
Episode 170: Cyber Monday is for Hackers
This Cyber Monday may have been the biggest yet - and not just for shoppers and online retailers. Hackers use the year's biggest online shopping day to cover their tracks. Brendon Macareg of Signal Sciences joins us to talk...
Episode 169: Ransomware comes to the Enterprise with PureLocker
In this episode of the podcast, sponsored by PureVPN, Michael Kajiloti of the firm Intezer Labs joins us to talk about the origins and makeup of PureLocker, a new family of ransomware designed to target production servers in the...
Spotlight Podcast: Two Decades On, Trusted Computing Group tackles IoT Insecurity
In this spotlight edition of the podcast, sponsored by Trusted Computing Group* Steve Hanna joins us to talk about TCG's 20th anniversary and how the group is tooling up to confront the challenge of securing billions of Internet of...
DEF CON China conference put on hold due to coronavirus outbreak
DEF CON team is hoping that the 2019-nCoV outbreak will improve and they can go on as planned, or reschedule.
Remember the Clipper chip? NSA’s botched backdoor-for-Feds from 1993 still influences today’s encryption debates
We'll laugh at today's mandated holes in the same way we laugh at those from 25 years ago Enigma More than a quarter century after its introduction, the failed rollout of hardware deliberately backdoored by the NSA is still...
Average Ransomware Payments More Than Doubled in Q4 2019
Ransomware attackers collected an average of around $84,000 from victim organizations, up from $41,000 in Q3 of 2018, Coveware says.
Seven Years Later, Scores of EAS Systems sit Un-patched, Vulnerable
Two years after a false EAS alert about an incoming ICBM sowed terror in Hawaii, and seven years after security researchers warned about insecure, Internet connected Emergency Alert System (EAS) hardware, scores of the devices across the U.S. remain...
One Small Fix Would Curb Stingray Surveillance
The technology needed to limit stingrays is clear—but good luck getting telecoms on board.
