Use stronger authentication, urge White House and tech companies

Everybody, sing! “Use your fingerprint, your face or a code, at home or work or on the road!” Source: nakid security

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

WEBSITE SECURITY THREAT REPORT 2016

Discover what can be done to steel a website to malware and data breach attacks with comprehensive website security. Also uncover a breakdown of notable security events in 2015, and analyze key takeaways from real attacks on systems just like yours. Published by: Symantec Source: sec news whitepapers

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

Targeted cyber attacks in the UK and Europe

This research from Quocirca examines the perceptions and experiences related to targeted cyber attacks across 600 European organisations. Published by: ComputerWeekly.com Source: sec news whitepapers

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

Designing a Multilayered, In-Depth Defense Approach to Authentication

This white paper details the logical and administrative layers of security that you should implement to improve your authentication and authorization security posture. Uncover features you should look for in third-party solutions to supplement native security mechanisms. Published by: Dell Software Source: sec news whitepapers

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

Understanding And Mitigating DDoS Attacks

This white paper reviews DNS Denial of Service attack concepts and mitigation strategies. Inside, you’ll learn 4 critical DNS concepts. Published by: Dyn Source: sec news whitepapers

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

Top 5 SSL Attack Vectors

Discover not only the basics of SSL vulnerabilities, but what your enterprise can do to avoid the top 5 hazards that so many organizations fall prey to when deploying encryption. Published by: Symantec Source: sec news whitepapers

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

The Psychological Reasons Behind Risky Password Practices

Orome1 quotes a report from Help Net Security: Despite high-profile, large-scale data breaches dominating the news cycle — and repeated recommendations from experts to use strong passwords — consumers have yet to adjust their own behavior when it comes to password reuse. A global Lab42 survey, which polled consumers across the United States, Germany, France, New Zealand, Australia and the United Kingdom, highlights the psychology around why consumers develop poor password habits despite understanding the obvious risk, and suggests that there is a level of cognitive dissonance around our onlineRead More

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

The Yahoo Hackers Weren't State-Sponsored, Security Firm Says

itwbennett writes from a report via CSO Online: After Yahoo raised eyebrows in the security community with its claim that state-sponsored hackers were responsible for the history-making breach, security firm InfoArmor now says it has evidence to the contrary. InfoArmor claims to have acquired some of the stolen information as part of its investigation into “Group E,” a team of five professional hackers-for-hire believed to be from Eastern Europe. The database that InfoArmor has contains only “millions” of accounts, but it includes the users’ login IDs, hashed passwords, mobile phoneRead More

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

Emergency Alert Texts Are Getting a Much Needed Upgrade

New FCC rules are going to make you hate those emergency alerts a whole lot less. The post Emergency Alert Texts Are Getting a Much Needed Upgrade appeared first on WIRED. Source: wired security feed

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

FCC Votes To Upgrade Emergency Smartphone Alerts

After recent bombings, the Federal Communications Commission has voted to update the four-year-old emergency smartphone alerts system, which is used by officials to ping smartphones to alert people of severe weather, missing children, terror attacks or other danger. Some of the new changes allow the system to send texts with links to pictures, maps and phone numbers. CNNMoney reports: The agency also voted to allow longer messages — 360 characters, up from 90 — and to require wireless providers to support Spanish-language alerts. Wireless carriers will be allowed to supportRead More

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

Shadow Regulation: the Back-Room Threat to Digital Rights

When a new law threatens to stifle online speech, to limit our use of the Internet, or allow others to control our digital devices, we can push back in a variety of ways—participating in formal consultations, calling or petitioning our representatives, exposing the proposal through the media, and bringing a legal challenge if the law passes, and so on. When individual companies threaten our rights, we also have options, ranging from boycotting that company, to “shaming” it into changing its practices, or if nothing else works, bringing a lawsuit orRead More

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

Four States Sue To Stop Internet Transition

An anonymous reader quotes a report from The Hill: Republican attorneys general in four states are filing a lawsuit to block the transfer of internet domain systems oversight from the U.S. to an international governing body. Texas Attorney General Ken Paxton, Arizona Attorney General Mark Brnovich, Oklahoma Attorney General Scott Pruitt and Nevada Attorney General Paul Laxalt filed a lawsuit on Wednesday night to stop the White House’s proposed transition of Internet Assigned Numbers Authority (IANA) functions. The state officials cite constitutional concerns in their suit against the National TelecommunicationsRead More

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

Researchers Shoot Down Yahoo Claim Of Nation-State Hack

InfoArmor says the attackers who stole a half-billion Yahoo user accounts were seasoned cybercriminals who later sold the booty to an Eastern European nation-state. Source: dark reading attack

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

Backdoored D-Link Router Should be Trashed, Researcher Says

A researcher who found a slew of vulnerabilities in a popular router says it’s so hopelessly broken that consumers who own them should throw them away. Source: threatpost

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

Hexis Cyber Solutions' HawkEye AP: Product overview

Expert Dan Sullivan examines the HawkEye AP platform, a big data security analytics product from Hexis Cyber Solutions that can parse hundreds of different data formats. Source: security news daily

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

Zerodium Triples its iOS 10 Bounty to $1.5 Million

Zerodium tripled the bounty it offers for an Apple iOS 10 remote jailbreak, boosting the reward to $1.5 million. Source: threatpost

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

The World Trade Organization Sets its Eyes on the Internet

This week, EFF has been at the World Trade Organization (WTO)’s annual Public Forum. Best known to the general public as the locus of anti-globalization protests at its 1999 Ministerial Conference, it’s ironic that the WTO is today the most open and transparent of trade negotiation bodies—an honor it holds mainly because of how closed and opaque the trade negotiations conducted outside the WTO are, such as the Trans-Pacific Partnership (TPP), or on its margins, the Trade in Services Agreement (TISA). This year’s Public Forum, although notionally focusing on inclusiveRead More

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

Mozilla to drop WoSign as a trusted certificate authority

Citing a long list of transgressions, Mozilla prepares to sanction Chinese certificate authority WoSign by removing it from its list of trusted certificate issuers. Source: security news daily

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

Yahoo Challenged on Claims Breach Was State-Sponsored Attack

Experts challenge Yahoo’s assertion that state-sponsored hackers were behind a 2014 breach that resulted in 500 million lost records. Source: threatpost

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

Yahoo breach calls into question detection and remediation practices

The Yahoo breach was the largest in history and the fallout is widespread, including a lawsuit, possible SEC investigation and questions about Yahoo’s breach detection and response. Source: security news daily

Spread the love
  •  
  •  
  •  
  •  
  •  
  •