Larry Loeb
Content posted in March 2018
VPNs Are Still Leaking Your Personal Information
Larry Loeb  
3/30/2018   33 comments
While VPNs are supposed to allow for safe, anonymous browsing, it turns out that STUN servers on the backend can still leak personal information and your whereabouts. Here's how to minimize that.
Researcher Finds etcd Servers Leak Passwords Like a Sieve
Larry Loeb  
3/28/2018   Post a comment
Security researchers find that etcd servers, an essential part of Kubernetes, as well as other database system, have been leaking passwords for a long time.
Cybercriminals Using Kubernetes, Docker to Bitcoin Mine
Larry Loeb  
3/26/2018   12 comments
Supposedly safe and secure Docker containers and the Kubernetes orchestration system can actually be manipulated to mine Bitcoin and other cryptocurrencies, researchers have found.
In Facebook Debacle, More Than Zuckerberg to Blame
Larry Loeb  
3/23/2018   19 comments
Facebook and CEO Mark Zuckerberg are rightly taking a lot of heat from the fallout over Cambridge Analytica and the firm's use of social media data. However, other businesses, as well as users, need to take some responsibility as well.
Crypto Crumple: A New Method of Balancing Privacy & Security
Larry Loeb  
3/22/2018   3 comments
In a new paper released this week, two professors describe what they call the "crypto crumple zone," which looks to balance encryption and privacy with government's ability to investigate possible crimes.
Oil & Gas Industry Face Significant Cybersecurity Threat – Study
Larry Loeb  
3/21/2018   Post a comment
A Ponemon survey finds a growing concern among cybersecurity professionals who work in the world's oil and gas industries.
Fancy Bear Linked to DealersChoice Attacks in Europe
Larry Loeb  
3/19/2018   2 comments
Researchers at Palo Alto Networks believe the Russia-linked Fancy Bear group is behind a new exploit called DealersChoice that is targeting European governments and agencies.
Government Workers Believe Security Is Someone Else's Job
Larry Loeb  
3/16/2018   7 comments
A study from Dtex Systems finds a growing disconnect between government employees and the organizations that they work for over who is ultimately responsible for maintaining good security practices.
AMD Chips Have Their Own Massive Hardware Security Flaws
Larry Loeb  
3/14/2018   3 comments
CTS-Labs issued a report this week that detailed 13 different vulnerabilities in AMD's Ryzen and EPYC processors that are as dangerous as the Spectre and Meltdown flaws that Intel has been trying to fix.
DHS Has Some Serious Security Failures, Report Finds
Larry Loeb  
3/12/2018   4 comments
From running outdated versions of Windows, to not having effective backup, the US Department of Homeland Security has some serious security failings, according to a new report.
Increased IoT Use Causing Added Enterprise Security Concerns – Report
Larry Loeb  
3/9/2018   1 comment
A new study from Trustwave finds that 60% of enterprises are using IoT devices, but that these connected sensors have caused at least one security issue.
LTE Protocol Vulnerabilities Could Lead to ID Theft, Call Spoofing
Larry Loeb  
3/7/2018   6 comments
Researchers at Purdue and the University of Iowa find that LTE networks have some serious protocol flaws that could lead to a host of issues, including identity theft, call spoofing and the spread of false emergency reports.
Intel's SGX Vulnerable to Spectre-Like Flaw
Larry Loeb  
3/5/2018   2 comments
Intel's SGX technology, which is used by several large cloud providers, is subject to its own Spectre-like vulnerability. However, this flaw seems much easier to fix.
Memcache Servers Being Used to Launch Massive DDoS Attacks
Larry Loeb  
3/1/2018   28 comments
Several reports over the last few days are finding that someone is using Memcache servers to launch massive DDoS attacks.




Latest Articles
Cisco's research has proven that beyond meeting compliance requirements, good privacy is good for business and individuals.
Once again, a novel 'speculative execution side-channel' attack has been discovered by researchers.
Security researchers have found that the implementation in Remote Desktop Gateway of string segmentation lays it open to memory corruption vulnerabilities.
In Q4 of 2019, the average ransom payment increased by 104% to $84,116, finds Coveware report.
DHS-CISA has issued a security advisory about GE Carescape medical instrumentation that enumerates many vulnerabilities present in them.
Information Resources
upcoming Webinars
ARCHIVED
Top Tips for Blocking pwned [email protected]$$wOrds in Your Organization
Tuesday, October 29, 2019
12 p.m. New York/ 4:00 p.m. London
Podcasts
Podcast: Infrastructure Hunting – Stopping Bad Actors in Their Tracks
Being able to effectively build a threat intelligence ecosystem or threat-hunting identification response requires both user and systems sophistication and capabilities. Security, orchestration, automation and response (SOAR) is a new technology designed to provide organizations a single comprehensive platform they can use to implement an intelligence driven security strategy.
Podcast: Digital Transformation, SD-WAN & Optimal Security
Dan Reis chats to Cybera's Josh Flynn about how to achieve digital transformation without sacrificing security.
Podcast archive
Flash Poll
Video
In a wide-ranging interview, Cisco security boss Gee Rittenhouse talks about how machine learning, AI, blockchain and other emerging technologies ...
CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the ...
You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but ...
Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., ...
Keith Furst of Data Derivatives interviews Daniel Wagner, author of a new book, Virtual Terror: 21st Century Cyber Warfare. They discuss the ways ...
All Videos
Sponsored Video
Sage Wagner, senior security pre-sales engineer with RiskSense, provides a demo of the company's latest technology 'RiskSense Solution,' a ...
Janus Technologies is launching a line of products that protect against the many threats to enterprises' sensitive data. David Schultz, vice ...
This new video will inspire companies to reimagine their business for success in a world where connectivity is more than a commodity. Sponsored Video
All Videos
like us on facebook
Security Now
About Us     Contact Us     Help     Register     Events     Supporting Partners     Twitter     Facebook     RSS
Copyright © 2020 Light Reading, part of Informa Tech,
a division of Informa PLC. All rights reserved. Privacy Policy | Cookie Policy | Terms of Use
in partnership with