News

broken lock amid binary code and circuits

EFAIL: Critical PGP and S/MIME bugs could reveal plaintext of encrypted emails

There's currently no fix for the critical flaws in PGP and S/MIME that could reveal plaintext of encrypted email. Users are advised to disable PGP plug-ins and not to use decryption in email clients.

security bug

Katie Moussouris: It’s dangerous to conflate bug bounties and vulnerability disclosure

“There are two extremes right now: no idea where to start or do a bug bounty,” says Moussouris, who built Microsoft's vulnerability disclosure program.

email bullseye with three red arrows

Researchers warn PGP and S/MIME users of serious vulnerabilities

A professor at Münster University issued a warning on Sunday about serious vulnerabilities in PGP and S/MIME – two widely-used methods for encrypting email – which, if exploited, could reveal plain text communications. The issue also...

rings neighbors app

Ring modernizes the neighborhood watch with its Neighbors app

Residents can use Ring's Neighbors app to report 'suspicious' people and activities, while police departments can use it to share real-time crime alerts with communities.

04 cyberlaws gavel

Georgia governor vetoes bill that would criminalize good-faith security research, permit vigilante action

Veto comes in response to overwhelming criticism from industry. Georgia cybersecurity folks had been outraged about SB 315, and warned that it could cost the state jobs.

05 iot

‘I'm hacked’ message left on dozens of defaced Canon IoT security cameras in Japan

More than 60 Canon IoT security cameras in Japan were hacked and defaced -- another example of why users must change default passwords.

vulnerable gdpr breach security cyber attack

Salted Hash Ep 28: GDPR deadline fast approaches

The deadline for the General Data Protection Regulation (GDPR) is almost here. During our trip to the RSA Conference last month, Salted Hash spoke to an expert on the subject, and learned some interesting things when it comes to...

forensics threat hunter cyber security thumbprint

Who wants to go threat hunting?

Rob Lee talks about how he became one of the first threat hunters and how you can become one. It will take skills in IR, forensics, and security analytics.

CSO: Have you met these hackers? [slide 06]

Bitcoin network 3 to 10 times more 'evil' than the rest of the internet

New research published by Rapid7 reveals that the bitcoin network is at least three times "more evil" than the entire internet.

NSA surveillance

NSA tripled phone record surveillance, collected 534M records in 2017

A transparency report from the Office of the Director of National Intelligence revealed a significant spike in the NSA’s surveillance of call and text records.

intro biggest security startups 2018

The biggest security startup deals of 2018 (so far)

Recent VC investment in cybersecurity has tended to favor companies applying machine learning techniques to security problems. Here are some of the largest dealmakers that will be bringing you the next wave of security technology.

apple store

Apple means business when protecting intellectual property

Apple takes the protection of intellectual property very seriously. In 2017, it says 27 people were caught and 12 arrested for revealing inside information.

jobs collaboration careers network

Security executives on the move and in the news

Find up-to-date news of CSO, CISO and other senior security executive appointments.

greetings from augusta georgia

Hackers protest Georgia’s SB 315 anti-hacking bill by allegedly hacking Georgia sites

Hackers claim to have credentials from the City of Augusta and Georgia Southern University and to have defaced the Georgia websites in retaliation for the anti-hacking bill.

Election 2016 teaser - Electronic voting security for digital election data

Online voting is impossible to secure. So why are some governments using it?

If you thought electronic voting machines were insecure, wait 'til you meet online voting. Dr. Vanessa Teague has twice demonstrated massive security flaws in online voting systems. Instead of fixes and support, she got official...

2016 audi sportback e tron graffiti wall

Car hackers find remotely exploitable vulnerabilities in Volkswagen and Audi vehicles

Researchers discovered flaws in the Audi A3 Sportback e-tron and the Volkswagen Golf GTE that make the vehicles vulnerable to remote hacking.

north korea statue pyongyang

North Korean anti-virus uses old Trend Micro components

Researchers at Checkpoint have published a report showing that North Korea's SiliVaccine, the country's anti-virus product, uses functional elements taken from a ten-year-old copy of Trend Micro's anti-virus.

Will LaSala

Salted Hash Ep 24: Defending against mobile threats

Welcome back! After shooting several episodes during the RSA Conference in San Francisco, this week Salted Hash talks mobile threats with VASCO's Will LaSala. In addition to this week's episode, we've also got some additional footage...

brain-computer interface - binary mind - telepathic computing

China increases employee surveillance, creating its own Thought Police

China has a form of Orwell’s Thought Police -- surveillance tech to monitor employees’ brainwaves and emotions.

windows boot drive bsod

PoC code triggers BSOD on vulnerable Windows boxes even if PC is locked

A malware researcher published proof-of-concept code that can cause the dreaded Blue Screen of Death on Windows machines even if the system is locked.

Load More