Events

Events

SC Media opens nominations for the 2020 SC Awards

SC Media is announcing a call for nominations for the 2020 SC Awards, which will be bestowed to the winners during a gala dinner celebration, to be held in February 2020 in San Francisco. The cybersecurity community is encouraged to submit nominations for its best and brightest companies, technologies and individuals in the following categories:…

UK businesses far more confident re GDPR than their European counterparts

Researcher: GDPR’s Right of Access policy can be abused to steal others’ personal info

An Oxford University scholar says he was able to trick dozens of European companies into sending him sensitive data about his fiancée, simply by impersonating her while invoking GDPR’s “Right of Access” policy. Doctor of philosophy student James Pavur, who presented his research findings Thursday at the Black Hat conference in Las Vegas, exploited the policy…

Destructive malware attacks double as attackers pair ransomware with disk wipers

IBM Security’s X-Force Incident Response and Intelligence Services (IRIS) team reported this week that it witnessed a 200 percent increase in destructive malware attacks over the first half of 2019, compared to the second half of 2018. These malware attacks typically incorporated a disk wiper component to them. Wipers are historically associated with nation-state-sponsored attacks…

Selling zero-days to governments takes some business savvy, says former bug broker

Not all researchers are comfortable with the ethics of selling the zero-day vulnerabilities they’ve discovered to governments and offensive security companies. But those who do seek profit beyond that of a traditional bug bounty reward will require a fair share of business savvy to seal the deal, according to former vulnerability broker Maor Shwartz, in…

‘Know thyself:’ To combat external ATP threats, first look inward

To most effectively combat sophisticated and stealthy cyberattacks by advanced nation-state actors, today’s modern-day security operations center must first truly understand their own businesses, according to Monzy Merza, vice president of security research at Splunk. “They have to understand where the risks are, where the threats are based on the environment that they’re living. So…

Black Hat withdraws Hurd as speaker one day after naming him keynoter

One day after announcing Rep. Will Hurd, R-Texas, as its keynoter, organizers of the 2019 Black Hat security conference promptly revoked the invitation. “Black Hat has chosen to remove U.S. Representative Will Hurd, as our 2019 Black Hat USA keynote,” conference leadership said in a statement posted on the event’s website. “We misjudged the separation of technology and politics. We…

RiskSec: Angelo Longo, CISO at Resorts Casino Hotel

We’ve all heard how IoT technologies have and will continue to cause massive challenges to the execution and maintenance of security controls for organizations. How can security teams implement plans and policies to address the security vulnerabilities wrought by IoT-related technologies being leveraged in their organization’s building, products and more? At RiskSec 2019, gain a…

Is PSD2 the next GDPR? Not quite, but…(video)

The finance, banking and payment services industries have until September 2019 to comply with PSD2, a revised set of European Union regulations that give consumers more options and safer ways to make payments online. At RSA 2019, Geoff Sanders, director of product at anti-fraud and MFA company iovation (and former co-founder and CEO of iovation…

United Airlines CISO: To soar, security teams must focus on business, not technology

Many corporate IT security organizations are starting to realign their strategies by taking less of a technology-focused approach and instead prioritizing what’s most important from a global business perspective according to Emily Heath, VP and CISO at United Airlines. This approach requires security teams to develop an understanding of the most critical functions that drive…

New York CISO: State committed to helping its local municipalities bolster cyber defenses

There are 62 counties in New York State, and nearly 1,000 cities and towns within them. Many lack adequate resources to devote to cybersecurity, but New York is committed to making sure these local municipalities are nevertheless protected against digital threats, according to the state’s CISO Deborah Snyder, speaking today at a conference. In a panel…

Next post in Election Coverage