Computer Security Tip of the Day
April 18th
The number one step for protecting your mobile device is making sure it has a strong screenlock on it so only you can access it.
Bruce Schneier on Security
April 18th
DNS hijacking isn't new, but this seems to be an attack of uprecidented scale: Researchers at Cisco's Talos security division on Wednesday revealed that a hacker group it's calling Sea Turtle carried out a broad campaign of espionage via DNS hijacking, hi…
April 17th
Presidential candidate John Delaney has announced a plan to create a Department of Cybersecurity. I have long been in favor of a new federal agency to deal with Internet -- and especially Internet of Things -- security. The devil is in the details, of cou…
April 16th
FireEye is releasing much more information about the Triton malware that attacks critical infrastructure. It has been discovered in more places. This is also a good -- but older -- article on Triton. We don't know who wrote it. Initial speculation was Ira…
April 16th
Researchers have found several vulnerabilities in the WPA3 Wi-Fi security protocol: The design flaws we discovered can be divided in two categories. The first category consists of downgrade attacks against WPA3-capable devices, and the second category con…
April 15th
Supply chain security is an insurmountably hard problem. The recent focus is on Chinese 5G equipment, but the problem is much broader. This opinion piece looks at undersea communications cables: But now the Chinese conglomerate Huawei Technologies, the le…
Dark Reading Security News
April 12th
Prioritizing key log sources goes a long way toward effective incident response.
April 9th
Using e-mail addresses and passwords from compromised sites, attackers most often targeted retail sites, video-streaming services, and entertainment companies, according to Akamai.
March 21st
Stronger encryption standards are improving the privacy of data in motion, but enterprises will need to adapt their security architectures to maintain visibility into network traffic.
March 20th
Cybercriminals focus on collecting credentials, blackmailing users with fake sextortion scams, and convincing privileged employees to transfer cash. The latter still causes the most damage, and some signs suggest it is moving to mobile.
March 9th
Card-present fraud is down, but attackers continue to find new strategies, and consumers are paying the price.
New Security Threats
April 19th
The U.S-focused eGobbler malvertising attacks are exploiting an unpatched Google Chrome bug.
April 18th
The flaw could enable an unauthenticated, remote attacker to access the devices, Cisco said.
April 18th
The ubiquitous nature of the flaw opens the door for rapidly spreading, crippling cyberattacks.
April 18th
After a report revealed that Facebook used user data to leverage its relationships with other companies, researchers are stressing that both firms and users need to re-assess data privacy.
April 18th
An ongoing campaign, active since 2017, has been stealing credentials via global DNS hijacking attacks.