Content posted in March 2018
VPNs Are Still Leaking Your Personal Information
Larry Loeb  
3/30/2018   33 comments
While VPNs are supposed to allow for safe, anonymous browsing, it turns out that STUN servers on the backend can still leak personal information and your whereabouts. Here's how to minimize that.
GDPR, AI & a New Age of Consent for Enterprises
Joe Stanganelli  
3/30/2018   2 comments
Despite compliance worries under GDPR, obtaining necessary consent for AI and machine learning processing of personal data is far from impossible.
Atlanta, Baltimore Ransomware Attacks Show Government Agencies' Vulnerabilities
Dawn Kawamoto  
3/29/2018   3 comments
With ransomware attacks causing havoc in Atlanta and Baltimore, security experts said government agencies tend to fare worse in a cyber attack than Fortune 500 companies and private industry.
Researcher Finds etcd Servers Leak Passwords Like a Sieve
Larry Loeb  
3/28/2018   Post a comment
Security researchers find that etcd servers, an essential part of Kubernetes, as well as other database system, have been leaking passwords for a long time.
Why Privileged Account Management Is So Difficult for Enterprises
Simon Marshall  
3/28/2018   9 comments
A report from security firm Thycotic finds that enterprises struggle with protecting Privileged Account Management from outside attacks. However, there are better ways to protect data.
Healthcare Industry Underprepared for Cyber Attacks – Report
Simon Marshall  
3/27/2018   10 comments
A study from Merlin International finds that healthcare facilities and businesses are underprepared for cyber attacks, and that patient data remains at risk.
Facebook Privacy Policy Is Under Investigation by FTC
Dawn Kawamoto  
3/27/2018   33 comments
Federal Trade Commission reveals it is conducting an open investigation into Facebook's privacy practices, as news reports surface about the social media giant collecting phone call and text message data on its users.
Cybercriminals Using Kubernetes, Docker to Bitcoin Mine
Larry Loeb  
3/26/2018   12 comments
Supposedly safe and secure Docker containers and the Kubernetes orchestration system can actually be manipulated to mine Bitcoin and other cryptocurrencies, researchers have found.
As Ransomware Declines, Atlanta Is Odd Man Out
Dawn Kawamoto  
3/26/2018   6 comments
Atlanta took a high-profile hit last week as cyber thieves launched a ransomware attack against the city, a move that comes as the IT industry sees a 70% drop in such attacks.
In Facebook Debacle, More Than Zuckerberg to Blame
Larry Loeb  
3/23/2018   19 comments
Facebook and CEO Mark Zuckerberg are rightly taking a lot of heat from the fallout over Cambridge Analytica and the firm's use of social media data. However, other businesses, as well as users, need to take some responsibility as well.
Cybersecurity AI: Addressing the 'Artificial' Talent Shortage
Joe Stanganelli  
3/23/2018   Post a comment
As AI becomes increasingly important to cybersecurity, industry's complaints on the talent shortages in both areas have become louder. However, is there really a lack of qualified experts?
Crypto Crumple: A New Method of Balancing Privacy & Security
Larry Loeb  
3/22/2018   3 comments
In a new paper released this week, two professors describe what they call the "crypto crumple zone," which looks to balance encryption and privacy with government's ability to investigate possible crimes.
Oil & Gas Industry Face Significant Cybersecurity Threat – Study
Larry Loeb  
3/21/2018   Post a comment
A Ponemon survey finds a growing concern among cybersecurity professionals who work in the world's oil and gas industries.
How to Access the Voter Information Dirt Cambridge Analytica Has on You
Dawn Kawamoto  
3/20/2018   28 comments
UK-based Cambridge Analytica and its parent company are embroiled in controversy after amassing Facebook data on 270,000 users to influence election outcomes. Here's how to find out the dirt they have on you.
AI Is Stealing These IT Security Jobs – Now
Dawn Kawamoto  
3/20/2018   20 comments
Besides the current crop of jobs AI is stealing, other InfoSec roles are also potentially next unless professionals safeguard their careers by repositioning their skills, say IT security and careers experts.
IoT Use Complicates Security Landscape in Healthcare
Simon Marshall  
3/19/2018   49 comments
As billions of IoT devices are coming online, especially in healthcare, the security landscape is getting increasingly complicated, according to a report from Zingbox.
Fancy Bear Linked to DealersChoice Attacks in Europe
Larry Loeb  
3/19/2018   2 comments
Researchers at Palo Alto Networks believe the Russia-linked Fancy Bear group is behind a new exploit called DealersChoice that is targeting European governments and agencies.
Government Workers Believe Security Is Someone Else's Job
Larry Loeb  
3/16/2018   7 comments
A study from Dtex Systems finds a growing disconnect between government employees and the organizations that they work for over who is ultimately responsible for maintaining good security practices.
AI: An Emerging Insider Threat?
Dawn Kawamoto  
3/15/2018   2 comments
As artificial intelligence increasingly gains a presence in the enterprise, concerns are already being raised of a new insider threat where AI will turn against its operators. How can security experts address this "frenemy"?
AMD Chips Have Their Own Massive Hardware Security Flaws
Larry Loeb  
3/14/2018   3 comments
CTS-Labs issued a report this week that detailed 13 different vulnerabilities in AMD's Ryzen and EPYC processors that are as dangerous as the Spectre and Meltdown flaws that Intel has been trying to fix.
Fortnite Players Lob Shots at Epic Games Over Hacked Accounts
Dawn Kawamoto  
3/14/2018   Post a comment
A number of Fortnite players recently suffered a breach of their Epic Game accounts, costing them hundreds of dollars and leaving them frustrated when they could not immediately reach the company for a refund.
DHS Has Some Serious Security Failures, Report Finds
Larry Loeb  
3/12/2018   4 comments
From running outdated versions of Windows, to not having effective backup, the US Department of Homeland Security has some serious security failings, according to a new report.
Increased IoT Use Causing Added Enterprise Security Concerns – Report
Larry Loeb  
3/9/2018   1 comment
A new study from Trustwave finds that 60% of enterprises are using IoT devices, but that these connected sensors have caused at least one security issue.
Kaspersky: 3 Mobile Malware Attacks Declined in 2017
Dawn Kawamoto  
3/8/2018   1 comment
Overall the number of attempted mobile malware attacks rose in 2017, but these three categories posted declines, according to a new report from Kaspersky Labs.
How Cryptocurrency Cyberthieves Target Your Mobile Device
Dawn Kawamoto  
3/7/2018   1 comment
Security researchers say it's unlikely the bad guys will mine for cryptocurrencies on your mobile device, but do expect them to try this other trick.
LTE Protocol Vulnerabilities Could Lead to ID Theft, Call Spoofing
Larry Loeb  
3/7/2018   6 comments
Researchers at Purdue and the University of Iowa find that LTE networks have some serious protocol flaws that could lead to a host of issues, including identity theft, call spoofing and the spread of false emergency reports.
Majority of Healthcare Companies Suffer a Data Breach
Dawn Kawamoto  
3/6/2018   32 comments
As healthcare organizations embrace new forms of digital technology, the percentage of these organizations that have reported a previous security breach is now at a record high, a new report finds.
Intel's SGX Vulnerable to Spectre-Like Flaw
Larry Loeb  
3/5/2018   2 comments
Intel's SGX technology, which is used by several large cloud providers, is subject to its own Spectre-like vulnerability. However, this flaw seems much easier to fix.
Why 46% of Companies Keep Security Strategies Status Quo After an Attack
Dawn Kawamoto  
3/2/2018   11 comments
Nearly half of organizations surveyed say their security strategy remains unchanged following a cyberattack.
Cisco Security Report Finds Cloud-Based Attacks Increasing
Simon Marshall  
3/1/2018   5 comments
While enterprises are moving to the cloud to help cut costs and better secure data, attackers are also taking advantage of this shift to newer technologies and platforms.
Memcache Servers Being Used to Launch Massive DDoS Attacks
Larry Loeb  
3/1/2018   28 comments
Several reports over the last few days are finding that someone is using Memcache servers to launch massive DDoS attacks.

Latest Articles
Cisco's research has proven that beyond meeting compliance requirements, good privacy is good for business and individuals.
Once again, a novel 'speculative execution side-channel' attack has been discovered by researchers.
Security researchers have found that the implementation in Remote Desktop Gateway of string segmentation lays it open to memory corruption vulnerabilities.
In Q4 of 2019, the average ransom payment increased by 104% to $84,116, finds Coveware report.
DHS-CISA has issued a security advisory about GE Carescape medical instrumentation that enumerates many vulnerabilities present in them.
Information Resources
upcoming Webinars
Top Tips for Blocking pwned [email protected]$$wOrds in Your Organization
Tuesday, October 29, 2019
12 p.m. New York/ 4:00 p.m. London
Podcast: Infrastructure Hunting – Stopping Bad Actors in Their Tracks
Being able to effectively build a threat intelligence ecosystem or threat-hunting identification response requires both user and systems sophistication and capabilities. Security, orchestration, automation and response (SOAR) is a new technology designed to provide organizations a single comprehensive platform they can use to implement an intelligence driven security strategy.
Podcast: Digital Transformation, SD-WAN & Optimal Security
Dan Reis chats to Cybera's Josh Flynn about how to achieve digital transformation without sacrificing security.
Podcast archive
Flash Poll
In a wide-ranging interview, Cisco security boss Gee Rittenhouse talks about how machine learning, AI, blockchain and other emerging technologies ...
CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the ...
You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but ...
Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., ...
Keith Furst of Data Derivatives interviews Daniel Wagner, author of a new book, Virtual Terror: 21st Century Cyber Warfare. They discuss the ways ...
All Videos
Sponsored Video
Sage Wagner, senior security pre-sales engineer with RiskSense, provides a demo of the company's latest technology 'RiskSense Solution,' a ...
Janus Technologies is launching a line of products that protect against the many threats to enterprises' sensitive data. David Schultz, vice ...
This new video will inspire companies to reimagine their business for success in a world where connectivity is more than a commodity. Sponsored Video
All Videos
like us on facebook
Security Now
About Us     Contact Us     Help     Register     Events     Supporting Partners     Twitter     Facebook     RSS
Copyright © 2020 Light Reading, part of Informa Tech,
a division of Informa PLC. All rights reserved. Privacy Policy | Cookie Policy | Terms of Use
in partnership with