Computer Security Tip of the Day
October 30th
When hosting a video conference, make sure you password protect the conference so only authorized individuals can join. If there are any strangers or people who you do not recongize on the call, remove them.
Bruce Schneier on Security
October 31st
Interview with Mike Vecchione, Curator of Cephalopoda — now that’s a job title — at the Smithsonian Museum of National History. One reason they’re so interesting is they are intelligent invertebrates. Almost everything that we thin…
October 31st
Sunoo Park and Kendra Albert have published “A Researcher’s Guide to Some Legal Risks of Security Research.” From a summary: Such risk extends beyond anti-hacking laws, implicating copyright law and anti-circumvention provisions (DMCA &s…
October 30th
A security researcher discovered a wulnerability in Waze that breaks the anonymity of users: I found out that I can visit Waze from any web browser at waze.com/livemap so I decided to check how are those driver icons implemented. What I found is that I ca…
October 29th
Senator Ron Wyden asked, and the NSA didn’t answer: The NSA has long sought agreements with technology companies under which they would build special access for the spy agency into their products, according to disclosures by former NSA contractor Ed…
October 27th
Slate magazine was able to cleverly read the Ghislaine Maxwell deposition and reverse-engineer many of the redacted names. We’ve long known that redacting is hard in the modern age, but most of the failures to date have been a result of not realizin…
Dark Reading Security News
October 27th
Typically, blocklists are used to prevent users from picking easily guessable patterns, but a small neural network can do the same job and suggests that complex password requirements are not necessary.
October 24th
Ethical use will require some combination of consistent reporting, regulation, corporate responsibility, and adversarial technology.
October 23rd
But that's not the only type of web attack cybercriminals have been profiting from.
October 22nd
Dangerous gray areas like new BYOD policies and shadow IT devices have increased, thanks to the rapid shift to remote working.
October 22nd
Attacks involving an unmanaged device and no malware expose gaps in cybersecurity that must be addressed.
New Security Threats
October 31st
Cyber-researchers weigh in on what concerns them the most as the U.S. heads into the final weekend before the presidential election -- and they also highlight the positives.
October 31st
In all, WordPress patched 10 security bugs as part of the release of version 5.5.2 of its web publishing software.
October 31st
The DoNot APT threat group is leveraging the legitimate Google Firebase Cloud Messaging server as a command-and-control (C2) communication mechanism.
October 31st
Scammers bilked Wisconsin Republicans out of $2.3 million in a basic BEC scam — and anyone working on the upcoming election needs to pay attention.   
October 31st
Threatpost breaks down the scariest stories of the week ended Oct. 30 haunting the security industry -- including bugs that just won't die.