Sign up for our weekly newsletter!
News & Views
Content posted in March 2018
Page 1 / 2   >   >>
VPNs Are Still Leaking Your Personal Information
Larry Loeb  
3/30/2018   33 comments
While VPNs are supposed to allow for safe, anonymous browsing, it turns out that STUN servers on the backend can still leak personal information and your whereabouts. Here's how to minimize that.
GDPR, AI & a New Age of Consent for Enterprises
Joe Stanganelli  
3/30/2018   2 comments
Despite compliance worries under GDPR, obtaining necessary consent for AI and machine learning processing of personal data is far from impossible.
Atlanta, Baltimore Ransomware Attacks Show Government Agencies' Vulnerabilities
Dawn Kawamoto  
3/29/2018   3 comments
With ransomware attacks causing havoc in Atlanta and Baltimore, security experts said government agencies tend to fare worse in a cyber attack than Fortune 500 companies and private industry.
Bitcoin, Cryptocurrency Mining Find a Home in Higher Ed
News Analysis  
3/29/2018   6 comments
A report from security vendor Vectra finds that college students are using schools' free electricity and Internet access to mine Bitcoin and other cryptocurrencies.
WannaCry Ransomware Hits Boeing, but Company Claims It's Contained
News Analysis  
3/29/2018   11 comments
On Thursday, reports surfaced that a Boeing plant sustained a cyber attack that appeared related to the WannaCry ransomware virus, but the company claimed it did not affect production.
Researcher Finds etcd Servers Leak Passwords Like a Sieve
Larry Loeb  
3/28/2018   Post a comment
Security researchers find that etcd servers, an essential part of Kubernetes, as well as other database system, have been leaking passwords for a long time.
Why Privileged Account Management Is So Difficult for Enterprises
Simon Marshall  
3/28/2018   9 comments
A report from security firm Thycotic finds that enterprises struggle with protecting Privileged Account Management from outside attacks. However, there are better ways to protect data.
Healthcare Industry Underprepared for Cyber Attacks – Report
Simon Marshall  
3/27/2018   10 comments
A study from Merlin International finds that healthcare facilities and businesses are underprepared for cyber attacks, and that patient data remains at risk.
FCC Cites 'National Security' Concerns to Withhold Federal Contracts
News Analysis  
3/27/2018   Post a comment
FCC Chairman Ajit Pai is proposing new rules that will allow the commission to withhold federal contracts and other funds based on national security concerns. This is likely to involve several companies based in Russia and China.
Facebook Privacy Policy Is Under Investigation by FTC
Dawn Kawamoto  
3/27/2018   33 comments
Federal Trade Commission reveals it is conducting an open investigation into Facebook's privacy practices, as news reports surface about the social media giant collecting phone call and text message data on its users.
Cybercriminals Using Kubernetes, Docker to Bitcoin Mine
Larry Loeb  
3/26/2018   12 comments
Supposedly safe and secure Docker containers and the Kubernetes orchestration system can actually be manipulated to mine Bitcoin and other cryptocurrencies, researchers have found.
As Ransomware Declines, Atlanta Is Odd Man Out
Dawn Kawamoto  
3/26/2018   6 comments
Atlanta took a high-profile hit last week as cyber thieves launched a ransomware attack against the city, a move that comes as the IT industry sees a 70% drop in such attacks.
In Facebook Debacle, More Than Zuckerberg to Blame
Larry Loeb  
3/23/2018   19 comments
Facebook and CEO Mark Zuckerberg are rightly taking a lot of heat from the fallout over Cambridge Analytica and the firm's use of social media data. However, other businesses, as well as users, need to take some responsibility as well.
Cybersecurity AI: Addressing the 'Artificial' Talent Shortage
Joe Stanganelli  
3/23/2018   Post a comment
As AI becomes increasingly important to cybersecurity, industry's complaints on the talent shortages in both areas have become louder. However, is there really a lack of qualified experts?
Google Launches DDoS Protection, Cloud Security Controls & More
News Analysis  
3/22/2018   2 comments
Cloud Armor provides protection against Distributed Denial of Service (DDoS) attacks, and Google also provided improved controls for cloud security admins on both Google Cloud Platform and G Suite.
GDPR Compliance: Enterprises Have Two Options to Consider
News Analysis  
3/22/2018   2 comments
When it comes to preparing for GDPR, enterprises, as well as vendors, are relying on two different approaches. The first focuses on technology, while the second relies on internal processes and workflows.
Crypto Crumple: A New Method of Balancing Privacy & Security
Larry Loeb  
3/22/2018   3 comments
In a new paper released this week, two professors describe what they call the "crypto crumple zone," which looks to balance encryption and privacy with government's ability to investigate possible crimes.
ISF: Nation States, AI Will Upend Enterprise Security
News Analysis  
3/21/2018   Post a comment
In its annual look ahead at the changing security landscape, the Information Security Form finds that attacks by nation states against businesses, as well as how AI and machine learning are used, are the biggest challenges within enterprise security.
Oil & Gas Industry Face Significant Cybersecurity Threat – Study
Larry Loeb  
3/21/2018   Post a comment
A Ponemon survey finds a growing concern among cybersecurity professionals who work in the world's oil and gas industries.
How to Access the Voter Information Dirt Cambridge Analytica Has on You
Dawn Kawamoto  
3/20/2018   28 comments
UK-based Cambridge Analytica and its parent company are embroiled in controversy after amassing Facebook data on 270,000 users to influence election outcomes. Here's how to find out the dirt they have on you.
AI Is Stealing These IT Security Jobs – Now
Dawn Kawamoto  
3/20/2018   20 comments
Besides the current crop of jobs AI is stealing, other InfoSec roles are also potentially next unless professionals safeguard their careers by repositioning their skills, say IT security and careers experts.
IoT Use Complicates Security Landscape in Healthcare
Simon Marshall  
3/19/2018   49 comments
As billions of IoT devices are coming online, especially in healthcare, the security landscape is getting increasingly complicated, according to a report from Zingbox.
Fancy Bear Linked to DealersChoice Attacks in Europe
Larry Loeb  
3/19/2018   2 comments
Researchers at Palo Alto Networks believe the Russia-linked Fancy Bear group is behind a new exploit called DealersChoice that is targeting European governments and agencies.
Palo Alto Builds Automation, Compliance Muscle With $300M Buy
News Analysis  
3/16/2018   1 comment
Palo Alto Networks expects to seal the deal to buy the five-year-old security startup by April 30.
FBI & DHS Accuse Russia of Hacking Critical Infrastructure
News Analysis  
3/16/2018   1 comment
In a report from US-CERT, the FBI and DHS accuse Russia of trying to hack critical US infrastructure, including nuclear power plants, using an array of attacks. The report follows additional sanctions against the country.
Government Workers Believe Security Is Someone Else's Job
Larry Loeb  
3/16/2018   7 comments
A study from Dtex Systems finds a growing disconnect between government employees and the organizations that they work for over who is ultimately responsible for maintaining good security practices.
Google Chrome Enterprise Addresses Cloud Security
News Analysis  
3/15/2018   1 comment
Google is expanding its browser-based Chrome Enterprise offering with additional partnerships and enhancements that are geared toward businesses entrusting more data to the cloud.
AI: An Emerging Insider Threat?
Dawn Kawamoto  
3/15/2018   2 comments
As artificial intelligence increasingly gains a presence in the enterprise, concerns are already being raised of a new insider threat where AI will turn against its operators. How can security experts address this "frenemy"?
Former Equifax CIO Charged With Insider Trading
News Analysis  
3/15/2018   5 comments
The SEC and the Justice Department charged former Equifax CIO Jun Ying with insider trading for allegedly selling about $1 million in stock options before the company announced a massive data breach.
Equinix SmartKey Makes Encryption Easier
News Analysis  
3/14/2018   1 comment
New SaaS offering doesn't provide encryption but puts encryption keys safely where they are needed most in a multicloud environment.
AMD Chips Have Their Own Massive Hardware Security Flaws
Larry Loeb  
3/14/2018   3 comments
CTS-Labs issued a report this week that detailed 13 different vulnerabilities in AMD's Ryzen and EPYC processors that are as dangerous as the Spectre and Meltdown flaws that Intel has been trying to fix.
Fortnite Players Lob Shots at Epic Games Over Hacked Accounts
Dawn Kawamoto  
3/14/2018   Post a comment
A number of Fortnite players recently suffered a breach of their Epic Game accounts, costing them hundreds of dollars and leaving them frustrated when they could not immediately reach the company for a refund.
Kaspersky: Olympic Destroyer Creator Left 'False Flag' Clues
News Analysis  
3/13/2018   1 comment
The person or group behind the Olympic Destroyer attack that disrupted the opening ceremony of the 2018 Winter Games is hiding their tracks pretty well, according to a new analysis by Kaspersky Labs.
Intel, OEMs Push Out More Spectre Microcode Patches
News Analysis  
3/13/2018   1 comment
An updated Spectre patch list from Intel includes new microcode for its processors, including chips based on Ivy Bridge and Broadwell designs. OEMs such as Dell and Lenovo are also pushing out updates.
Trump Cites National Security to Kill Broadcom's Proposal for Qualcomm
News Analysis  
3/13/2018   2 comments
In an executive order released Monday, the Trump Administration cited national security concerns to block Broadcom's proposal to acquire Qualcomm.
McAfee: Cryptocurrency, Healthcare Attacks Increased in Late 2017
News Analysis  
3/12/2018   4 comments
A new look at the fourth quarter of 2017 by McAfee found that cybercriminals focused more of their attention on cryptocurrency, especially Bitcoin, as well as healthcare facilities.
DHS Has Some Serious Security Failures, Report Finds
Larry Loeb  
3/12/2018   4 comments
From running outdated versions of Windows, to not having effective backup, the US Department of Homeland Security has some serious security failings, according to a new report.
Increased IoT Use Causing Added Enterprise Security Concerns – Report
Larry Loeb  
3/9/2018   1 comment
A new study from Trustwave finds that 60% of enterprises are using IoT devices, but that these connected sensors have caused at least one security issue.
How 'Defense in Depth' Gets Data Protection Right
News Analysis  
3/9/2018   2 comments
Meeting the challenges of data protection requirements in today's increasingly connected, complex business environment demands alertness at all times. Here's how one energy company, Engie Insight, is meeting those challenges.
Arbor Networks: 1.7Tbit/s DDoS Attack Sets Record
News Analysis  
3/8/2018   3 comments
Arbor Networks detected and fought off a 1.7Tbit/s DDoS attack targeting a US-based service provider. The attack, which set new records, appeared to use Memcache as an enabler.
Kaspersky: 3 Mobile Malware Attacks Declined in 2017
Dawn Kawamoto  
3/8/2018   1 comment
Overall the number of attempted mobile malware attacks rose in 2017, but these three categories posted declines, according to a new report from Kaspersky Labs.
How Cryptocurrency Cyberthieves Target Your Mobile Device
Dawn Kawamoto  
3/7/2018   1 comment
Security researchers say it's unlikely the bad guys will mine for cryptocurrencies on your mobile device, but do expect them to try this other trick.
LTE Protocol Vulnerabilities Could Lead to ID Theft, Call Spoofing
Larry Loeb  
3/7/2018   6 comments
Researchers at Purdue and the University of Iowa find that LTE networks have some serious protocol flaws that could lead to a host of issues, including identity theft, call spoofing and the spread of false emergency reports.
Uber Faces Lawsuit in Pennsylvania Over 2016 Data Breach
News Analysis  
3/6/2018   3 comments
Pennsylvania's attorney general has filed a lawsuit against Uber, claiming that 13,500 residents had their personal information compromised and the company did not alert its customers.
Majority of Healthcare Companies Suffer a Data Breach
Dawn Kawamoto  
3/6/2018   32 comments
As healthcare organizations embrace new forms of digital technology, the percentage of these organizations that have reported a previous security breach is now at a record high, a new report finds.
Cisco Automates Security in 'Any Data Center & for Any Cloud'
News Analysis  
3/6/2018   2 comments
Cisco's updated Tetration analytics protects bare metal, virtualized and containerized workloads.
Icelandic Intrigue: Who Stole 600 Bitcoin Servers?
News Analysis  
3/5/2018   6 comments
Police in Iceland are investigating the physical theft of more than 600 servers used to mine Bitcoin and other cryptocurrencies, according to reports.
Intel's SGX Vulnerable to Spectre-Like Flaw
Larry Loeb  
3/5/2018   2 comments
Intel's SGX technology, which is used by several large cloud providers, is subject to its own Spectre-like vulnerability. However, this flaw seems much easier to fix.
Why 46% of Companies Keep Security Strategies Status Quo After an Attack
Dawn Kawamoto  
3/2/2018   11 comments
Nearly half of organizations surveyed say their security strategy remains unchanged following a cyberattack.
Cisco Security Report Finds Cloud-Based Attacks Increasing
Simon Marshall  
3/1/2018   5 comments
While enterprises are moving to the cloud to help cut costs and better secure data, attackers are also taking advantage of this shift to newer technologies and platforms.
Page 1 / 2   >   >>

Latest Articles
Palo Alto Network's Unit 42 has found the first cryptocurrency miner malware that spreads like a worm through the use of Docker containers.
Artificial intelligence (AI) is creating a new frontier in information security. Systems that independently learn, reason and act will increasingly replicate human behavior. Just like humans, they will be imperfect, but also capable of achieving great things.
Palo Alto Networks' Unit 42 researchers have discovered a new and previously undocumented Remote Access Tool (RAT).
Researcher finds Sophos firewalls can allow net-based RCE without authentication.
The rise of DevSecOps may be the reason that 70% of respondents to Radware's survey stated that the CISO was not the top influencer in deciding on security software policy.
Information Resources
upcoming Webinars
Top Tips for Blocking pwned [email protected]$$wOrds in Your Organization
Tuesday, October 29, 2019
12 p.m. New York/ 4:00 p.m. London
Podcast: Infrastructure Hunting – Stopping Bad Actors in Their Tracks
Being able to effectively build a threat intelligence ecosystem or threat-hunting identification response requires both user and systems sophistication and capabilities. Security, orchestration, automation and response (SOAR) is a new technology designed to provide organizations a single comprehensive platform they can use to implement an intelligence driven security strategy.
Podcast: Digital Transformation, SD-WAN & Optimal Security
Dan Reis chats to Cybera's Josh Flynn about how to achieve digital transformation without sacrificing security.
Podcast archive
Flash Poll
In a wide-ranging interview, Cisco security boss Gee Rittenhouse talks about how machine learning, AI, blockchain and other emerging technologies ...
CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the ...
You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but ...
Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., ...
Keith Furst of Data Derivatives interviews Daniel Wagner, author of a new book, Virtual Terror: 21st Century Cyber Warfare. They discuss the ways ...
All Videos
Sponsored Video
Sage Wagner, senior security pre-sales engineer with RiskSense, provides a demo of the company's latest technology 'RiskSense Solution,' a ...
Janus Technologies is launching a line of products that protect against the many threats to enterprises' sensitive data. David Schultz, vice ...
This new video will inspire companies to reimagine their business for success in a world where connectivity is more than a commodity. Sponsored Video
All Videos
like us on facebook
Security Now
About Us     Contact Us     Help     Register     Events     Supporting Partners     Twitter     Facebook     RSS
Copyright © 2019 Light Reading, part of Informa Tech,
a division of Informa PLC. All rights reserved. Privacy Policy | Cookie Policy | Terms of Use
in partnership with