Sign up for our weekly newsletter!
REGISTER NOW
Blogs
Content posted in June 2019
MSFT Realizes That Some Things Need to Be Changed
Larry Loeb  
6/28/2019   Post a comment
There are lots of directions in which various people think the field of 'identity' is heading. While some of these directions get accepted over a time period (like Zero Trust), someone always gets stuck with having to make the tools that enable a direction's implementation to occur.
Wipro Breach Actually a Whole Campaign
Larry Loeb  
6/27/2019   Post a comment
India's third-largest IT outsourcing company, Wipro, was been breached and boarded, and getting to the bottom of the mess wasn't easy.
Zero Trust Doesn't Trust You at All
Larry Loeb  
6/27/2019   Post a comment
Enterprise security practitioners who deal with identity day in and day out come together to find out the current status of the field.
Best Defense: 5 Key Trends in Application Security
Ameya Talwalkar  
6/26/2019   Post a comment
What application security must address to stay ahead of the attackers.
Developers Find Temporary Fix for OpenSSH Remote Access Software Vulnerability
Larry Loeb  
6/26/2019   Post a comment
The latest update from the OpenSSH developers encrypts private keys before storing them into the system memory, which will protect the keys against almost all types of side-channel attacks.
Millions of Dell PCs at Risk Due to Software Flaw
Larry Loeb  
6/24/2019   Post a comment
SafeBreach found that one library of software which was used to construct Dell's SupportAssist can be tricked into loading DLL files that it really shouldn't.
The Cracking of RSA-2048 Encryption Will Come Sooner Than Had Been Thought
Larry Loeb  
6/21/2019   Post a comment
Advances in both QC and QC methods will see to that.
Defense Discovered for Defending Against BGP Hijacking & Off-Path DNS Attacks
Larry Loeb  
6/20/2019   Post a comment
Certificate Authorities are continually getting requests from threat actors who want certificates that they aren't entitled to so that their criminal schemes may be furthered.
New 'IPStorm' Malware Uses Peer-to-Peer Network for Communication
Larry Loeb  
6/19/2019   Post a comment
It's a whole new headache for the security team.
XENOTIME Threat Actor Laying the Groundwork to Disrupt Utilities
Larry Loeb  
6/17/2019   Post a comment
Malware targets Schneider Electric's Triconex safety instrumented system.
Are US & UK Firms Keeping Up With 'Best Practice' Password Management?
Larry Loeb  
6/14/2019   Post a comment
Companies think that they are much safer than their actual password practices would suggest.
Preempt Shows How to Sidestep EPA Authentication
Larry Loeb  
6/13/2019   Post a comment
Security firm Preempt issued an advisory that showed how to conceptually bypass the Enhanced Protection for Authentication that prevents attackers from performing a relay of NT Lan Manager messages to top-level security sessions.
Are Consumers Afraid of Biometrics for E-Commerce?
Larry Loeb  
6/12/2019   Post a comment
Researchers found that 81% of consumers still favor passwords for making payments online due to concerns about the security of new biometric options.
Researchers Discover Way to Hack Hardware Security Module, Gain Access to Cryptographic Keys
Larry Loeb  
6/11/2019   Post a comment
Everyone be cool, this is one heckuva robbery!
Digital Vigilantes Weaponize Vulnerability Disclosure
Steve Durbin  
6/11/2019   Post a comment
Over the next two years, vulnerability disclosure will evolve from a predominantly altruistic endeavor to one that actively damages organizations.
NSA Stresses Real Danger in BlueKeep Exploit
Larry Loeb  
6/10/2019   Post a comment
Botnets have been scanning for RDP servers and are using weak and reused passwords to gain access to them.
Study Finds Most Popular iOS Apps Are Not Encrypting Data
Larry Loeb  
6/7/2019   1 comment
Wandera found that two-thirds (67.8%) of apps still disable Apple Transport Security (ATS) globally and don't set any granular exceptions for specific functions.
Researchers Seek 'Best' Vulnerability Remediation Strategy
Larry Loeb  
6/6/2019   Post a comment
Having to find the sweet spot between two competing forces is a delicate balancing act.
Mobile Phone Motion Sensors Found to Leak Tracking Data
Larry Loeb  
6/5/2019   Post a comment
A user's information can be accessed by an attacker in many ways, not just from a device's system software.
Windows Remote Code Execution Vulnerability Requires More Than Just Patching
Larry Loeb  
6/4/2019   Post a comment
But nobody said it was going to be easy...
Researchers Find Open Database at Pyramid Hotel Group With PII Data & Physical Access Keys
Larry Loeb  
6/3/2019   Post a comment
Publicly accessible data includes information regarding Pyramid's operating systems, security policies, internal networks and application logs.




Latest Articles
But to prepare for something usually means you have an idea about what you are preparing for, no?
An emerging and increasingly sophisticated threat campaign is employing obscure file formats.
Being able to effectively build a threat intelligence ecosystem or threat-hunting identification response requires both user and systems sophistication and capabilities. Security, orchestration, automation and response (SOAR) is a new technology designed to provide organizations a single comprehensive platform they can use to implement an intelligence driven security strategy.
Dan Reis chats to Cybera's Josh Flynn about how to achieve digital transformation without sacrificing security.
An IoT device carries with it the implicit threat of being used for nefarious purposes if it has not been created with security foremost in mind.
Flash Poll
Video
In a wide-ranging interview, Cisco security boss Gee Rittenhouse talks about how machine learning, AI, blockchain and other emerging technologies ...
CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the ...
You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but ...
Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., ...
Keith Furst of Data Derivatives interviews Daniel Wagner, author of a new book, Virtual Terror: 21st Century Cyber Warfare. They discuss the ways ...
All Videos
Sponsored Video
Sage Wagner, senior security pre-sales engineer with RiskSense, provides a demo of the company's latest technology 'RiskSense Solution,' a ...
Janus Technologies is launching a line of products that protect against the many threats to enterprises' sensitive data. David Schultz, vice ...
This new video will inspire companies to reimagine their business for success in a world where connectivity is more than a commodity. Sponsored Video
All Videos
Radio Shows
like us on facebook
Security Now
About Us     Contact Us     Help     Register     Events     Supporting Partners     Twitter     Facebook     RSS
Copyright © 2019 Light Reading, part of Informa Tech,
a division of Informa PLC. All rights reserved. Privacy Policy | Cookie Policy | Terms of Use
in partnership with