Tuesday, January 28, 2020
The Security Ledger

Seven Years Later, Scores of EAS Systems sit Un-patched, Vulnerable

Two years after a false EAS alert about an incoming ICBM sowed terror in Hawaii, and seven years after security researchers warned about insecure, Internet connected Emergency Alert System (EAS) hardware, scores of the devices across the U.S. remain...
The Security Ledger

Opinion: The Perils and Promise of the Data Decade

We have entered the "Data Decade," says RSA Security CTO Dr. Zulfikar Ramzan. What does that mean? Here are three "Data Decade" trends that will reshape how we talk about, approach, and manage data. The post Opinion: The Perils...
The Security Ledger

IT Asset Disposition (ITAD) is the Slow Motion Data Breach Nobody notices

Efforts to wall off sensitive corporate and government data from foreign adversaries have a gaping hole: IT asset disposition (ITAD), where vendors - many owned by Chinese firms - process discarded hardware and data with little oversight. The post...
The Security Ledger

Episode 173: Iran’s Cyber Payback for Soleimani Killing may have a Long Fuse

As it weighs further response to the assassination of General Qasem Soleimani, Iran is almost certain to consider the use of cyber attacks. We talk with Levi Gundert at the firm Recorded Future about what cyber "payback" from Tehran...
The Security Ledger

Eliminate the Password, Eliminate the Password Problem.

Weak, stolen or reused passwords are the root of 8 in 10 data breaches. Fixing the data breach problem means abandoning passwords for something more secure. But what does passwordless authentication even look like? Yaser Masoudnia, the Senior Director...
The Security Ledger

Episode 172: Securing the Election Supply Chain

In this episode of the podcast (#172), Jennifer Bisceglie, the founder and CEO of Interos to talk about the links between America’s voting infrastructure and countries with a history of trying to subvert democracy. The post Episode 172: Securing...
The Security Ledger

Resolve to fix your Online Security Mess in 2020. Here’s how.

If you do nothing else in 2020, resolve to clean up the mess that is your online security. Your financial health could depend on it! We give you seven simple steps to level up your password and account security....
The Security Ledger

Spotlight Podcast: Building Resilience into the IoT with Rob Spiger

In this Spotlight edition of the Security Ledger Podcast, sponsored by Trusted Computing Group*: we're joined by Rob Spiger, a principal security strategist at Microsoft and co-chair of the cyber resilient technologies working group at Trusted Computing Group. Rob...
The Security Ledger

Spotlight Podcast: Beyond HIPAA – a Conversation with Nemours CPO Kevin Haynes

In this Spotlight edition of The Security Ledger podcast, sponsored by RSA Security, the Chief Privacy Officer at Nemours Healthcare, Kevin Haynes, joins us to talk about the fast evolving privacy demands on healthcare firms and how the Chief...
The Security Ledger

Study finds Chinese Hardware Powers U.S. Voting Machine

A new study by the firm Interos found that many hardware components in a popular touchscreen voting machine used in the U.S. originate in China or Russia. The post Study finds Chinese Hardware Powers U.S. Voting Machine appeared first on...
The Security Ledger

Episode 171: Stopping the 21st Century’s Plumbers – Defending Digital Campaigns from Hackers

In this week’s episode of the podcast (#171): as voters go to the polls in the UK and primaries loom here in the U.S., we sit down with Michael Kaiser, the CEO of a new group: Defending Digital Campaigns...
The Security Ledger

Passwordless? Imagining the Future of Authentication

The average employee in the workplace has 191 passwords. Will we ever rid ourselves of them and, if so, how? Gerald Beuchelt, the Chief Information Security Officer at LogMeIn talks about how changes in authentication may deliver a passwordless...
The Security Ledger

Episode 170: Cyber Monday is for Hackers

This Cyber Monday may have been the biggest yet - and not just for shoppers and online retailers. Hackers use the year's biggest online shopping day to cover their tracks. Brendon Macareg of Signal Sciences joins us to talk...
The Security Ledger

Episode 169: Ransomware comes to the Enterprise with PureLocker

In this episode of the podcast, sponsored by PureVPN, Michael Kajiloti of the firm Intezer Labs joins us to talk about the origins and makeup of PureLocker, a new family of ransomware designed to target production servers in the...
The Security Ledger

Spotlight Podcast: Two Decades On, Trusted Computing Group tackles IoT Insecurity

In this spotlight edition of the podcast, sponsored by Trusted Computing Group* Steve Hanna joins us to talk about TCG's 20th anniversary and how the group is tooling up to confront the challenge of securing billions of Internet of...
ZDNet

DEF CON China conference put on hold due to coronavirus outbreak

DEF CON team is hoping that the 2019-nCoV outbreak will improve and they can go on as planned, or reschedule.
The Register

Remember the Clipper chip? NSA’s botched backdoor-for-Feds from 1993 still influences today’s encryption debates

We'll laugh at today's mandated holes in the same way we laugh at those from 25 years ago Enigma  More than a quarter century after its introduction, the failed rollout of hardware deliberately backdoored by the NSA is still...

Average Ransomware Payments More Than Doubled in Q4 2019

Ransomware attackers collected an average of around $84,000 from victim organizations, up from $41,000 in Q3 of 2018, Coveware says.
The Security Ledger

Seven Years Later, Scores of EAS Systems sit Un-patched, Vulnerable

Two years after a false EAS alert about an incoming ICBM sowed terror in Hawaii, and seven years after security researchers warned about insecure, Internet connected Emergency Alert System (EAS) hardware, scores of the devices across the U.S. remain...

One Small Fix Would Curb Stingray Surveillance

The technology needed to limit stingrays is clear—but good luck getting telecoms on board.