Explainer Series: What is Clickjacking?
Here we go, another online trap ready to ensnare unsuspecting well, until now anyway users. As if Phishing , Cryptojacking, credential stuffing and old school scamming wasn’t enough, folks really just...
View ArticleClik here to view.
Datalog Educational System
DES 6.1 released. May 2018 Web site last update: May 24, 2018 The Datalog Educational System (DES) is a deductive database system with Datalog , SQL , Relational Algebra (RA), Tuple Relational Calculus...
View ArticleWe survived a DDoS attack that peaked at 250k requests-per-second. It cost us...
With the surge in interest in cryptocurrencies, the door has been opened for bad actors trying to crack blockchain-related businesses. The industry has been among the fifth most attacked by DDoS since...
View ArticleClik here to view.
Confidential Computing with Asylo
In this post, we look at yet another tool in Google’s massive open source trove: Asylo . The word Asylo translates to shelter, asylum, or sanctuary in Greek. Security is exactly what Asylo is...
View ArticleHuawei requests FTC hearing to fight U.S. national security ban
Banned by theUnited States andAustralian governments with a similar lockout looming inSouth Korea, embattled Chinese 5G hardware maker Huawei has asked the U.S. Federal Trade Commission (FTC) for a...
View ArticleClik here to view.
Why Security Needs a Software-Defined Perimeter
Most security teams today still don't know whether a user at the end of a remote connection is a hacker, spy, fraudster -- or even a dog. An SDP can change that. In 1993, Peter Steiner published a now...
View ArticleNest’s security system has had partial outages all day
Nest’s security system has been having troubles all morning. The system’s control unit ― the Nest Guard ― has appeared offline since around 4AM ET. While offline, homeowners haven’t been able to...
View ArticleClik here to view.
CyberMDX Research Team Discovers Two Major Medical Device Vulnerabilities
Becton Dickinson’s Alaris TIVA Syringe Pump & Qualcomm’s Capsule Datacaptor Terminal Server Show Vulnerabilities to Detrimental Hacks, Disclosed by ICS-CERT NEW YORK (BUSINESS WIRE) CyberMDX , a...
View ArticleBrandPost: Why Security and DevOps Desperately Need Couples Counseling
“Nobody thinks security is their friend,” laughed Brad Senetza , security assurance architect, Oracle in an on-camera interview at the 2018 Black Hat Conference in Las Vegas. While at the conference I...
View ArticleVery Good Security raises $8.5 million to handle companies' sensitive data
Companies today have to navigate a security and compliance maze to make sure that they’re storing customer data safely and not running afoul of any regulations. San Francisco startup Very Good Security...
View ArticleFree Cybersecurity Services Offer a First Step to Securing US Elections
Some key security vendors - including Microsoft, Google, Cloudflare - are offering pro bono services and tools for election jurisdictions and campaigns this election season. But will it help? It's too...
View ArticleClik here to view.
A test hack, don’t let Ghostscript haunt you, and a helpful hacker
Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. Not a real hack, but maybe a test hack,...
View ArticleClik here to view.
Security tokens will be coming soon to an exchange near you
While cryptocurrencies have generated the lion’s share of investment and attention to date, I’m more excited about the potential for another blockchain-based digital asset: security tokens. Security...
View ArticleClik here to view.
An Introduction to AWS Cloud Security
Amazon Web Services (AWS) isn’t the novelty it was a decade ago. Resource-intensive, computer-heavy work today flows upward from giant enterprises 24/7 to the nebulous cloud where its processed by...
View ArticleASX100 lags on implementing protection against email spoofing
Just seven of the companies that are part of the ASX100 are fully compliant with DMARC, even though this is one of the more effective ways of avoiding email and domain fraud, the email security firm...
View Article2018年国家网络安全宣传周9月17日至23日举办
人民网北京8月29日电 (易潇)今日,2018年国家网络安全宣传周新闻发布会在京举办。中央网信办、成都市委市政府相关负责同志介绍了活动筹备情况。 今年的网络安全宣传周将于9月17日至23日在全国范围内统一举行,主题是“网络安全为人民,网络安全靠人民”,由中宣部、中央网信办等十部门共同举办。 届时,网络安全宣传周的开幕式、网络安全博览会、网络安全技术高峰论坛等重要活动将在四川省成都市举行。...
View ArticleVMworld 2018: VMware Aims to Make Cloud Management and Security Easier
Organizations areoperating in a multicloud world, often juggling multiple public cloud environments and private clouds as well. All of that can be daunting to manage, especially for small and...
View ArticleOptus, Brennan IT partner on NBN services migration
Optus has announced that Brisbane-based IT services company Brennan IT will migrate products and services to the National Broadband Network (NBN) using its Evolve platform. According to Optus Wholesale...
View ArticleIDG Contributor Network: The behavioral economics of authentication
A key strategic client of ours shared that their app suffered a material abandonment rate when they required their customers to implement strong passwords. Maybe this group doesn’t use a password...
View Article