SEARCH
All Articles
Dennis Has Some Questions About…Passwords
People love to hate passwords and most of us aren't very good at creating and remembering them. But we still need them so here's how to create strong passwords.
Disclose.io Offers Security Researchers Safe Harbor
Disclose.io provides a clear legal framework to protect organizations and researchers engaged in vulnerability disclosure programs. The goal is to protect those engaged in good-faith security research from legal action.
Reddit Breach Illustrates Dangers of 2FA Over SMS
Reddit had two-factor authentication enabled on the employee accounts that was breached. The SMS-based method is susceptible to attacks, and Reddit learned that the hard way.
DHS to Protect Critical Infrastructure with National Risk Management Center
Homeland Security secretary Kirstjen Nielsen announced the creation of the National Risk Management Center to evaluate threats and defend US critical infrastructure. The center will initially focus on the energy, finance, and telecommunications sectors to start.
Microsoft Adds Support for WebAuthn in Edge
Microsoft Edge now supports the Web Authentication API, allowing users to login to sites without needing a password.
Data Breach Reports Spike After GDPR
GDPR mandates organizations self-report data breaches, and in the two months since the new privacy regulation went into effect, the number of reports have surged.
Senators Question Law Enforcement Agencies on Use of Facial Recognition
Several senior senators have asked the heads of 39 federal law enforcement agencies to detail any and all use of facial recognition systems.
Errors and Ethical Questions Hit Facial Recognition Tools
A new study by the ACLU found Amazon's Rekognition software misidentified 28 members of Congress as people in arrest photos.
NetSpectre Highlights New Ways to Exploit Speculative Execution
NetSpectre is not an immediate threat: no known malware exists in the wild. The research is important because it deepens our understanding of microprocessor architecture and ways speculative execution can be abused.
Senator Asks NSA, DHS, NIST to End Government Use of Flash
Sen. Ron Wyden has sent a letter to the heads of the NSA, DHS, and NIST, asking them to mandate the elimination of Flash from government sites and computers.
Bluetooth Bug Lets Attackers Listen In
A flaw in the Bluetooth specification could let a nearby attacker intercept traffic between two paired devices.
Dennis Has Some Questions About…2FA
Two-factor authentication is a vital part of many corporate security strategies, and is now offered by lots of consumer apps, as well. We wanted to see how much users know about it, so we asked one.
Google Marks Popular Sites as ‘Not Secure’ for Using HTTP
Google is done with reminders and warnings. It began marking web pages not using HTTPS as "Not Secure," and it turns out some of the world's most popular sites are affected.
Government Seeks Answers in the Disinformation Age
Lawmakers and the federal government are looking for ways to counter influence and disinformation campaigns on social media and the wider Internet.
Disinformation as a Form of Cyber Attack
If we continue to think about cyber-warfare in the context of mass destruction and physical damage, we miss the fact that attackers are now taking more covert approaches to subvert existing systems. Disinformation is a dangerous tool.