Cybersecurity
Voters must have confidence that the voting was fair, regardless of how much money is spent or what security controls are put in place. That makes securing election infrastructure categorically different than almost any other information security challenge today.
Read More
A culture of blame and fear when it comes to security means end users won’t tell you if they are using an unsanctioned app, have clicked on a malicious link or have seen unusual activity until it’s too late. Security teams should empower users with a culture of personal responsibility so that they treat data security in the same way they approach other company policies like health and safety.
Read More
The 5G race is on, and China holds an ominous advantage 5G is going to touch every company and person in the next year or two, as service providers drive new high-bandwidth offerings. But currently, as discussed in a Beltway conference a few weeks ago – raising the anxiety of the audience – China is […]
Read More
Researchers have devised a new attack that allows unprivileged code running on computers to steal secrets, such as cryptographic keys, that are stored in what should be protected memory regions. The attack is possible because of a known design issue with modern DRAM chips that has been exploited in the past to modify protected data. […]
Read More
In 2011 things shifted into high gear. Enter the Stuxnet Worm. This was to become the world’s first weaponized attack. Stuxnet targeted Iran’s nuclear program, causing physical damage to their enrichment centrifuges. This was not the act of a lone hacker, prankster or script kiddie. This was the work of a Nation State.
Read More
Shopping carts are attractive targets because they collect payment information from customers: if your malware can tap into this data stream, you have a ready-made card collection tool.
Read More
As a company that suffered a data beach, UK newspaper Racing Post underwent its own rethink around security strategy, while also navigating three acquisitions that could potentially have been problematic if approached in the wrong way.
Read More
If you don’t collect it, no one can steal it. I’m guessing some of the people in this 200 million-record breach would agree. Sometimes the best way to secure customer data is not to collect it in the first place. While it can be tempting to “collect it all” just in case, most enterprises need […]
Read More
Researchers have found new flaws in Intel processors that could allow hackers to defeat the security boundaries enforced by virtual machine hypervisors, operating system kernels and Intel SGX enclaves, putting data on both servers and endpoint systems at risk. The new attack techniques can be used to leak sensitive secrets like passwords or encryption keys […]
Read More
Opsec definition Operations security, or opsec, is a process by which organizations assess and protect public data about themselves that could, if properly analyzed and grouped with other data by a clever adversary, reveal a bigger picture that ought to stay hidden. It’s a discipline of military origins that in the computer age has become vital for […]
Read More
