Dr. Andrea Little Limbago, Chief Social Scientist at Virtru, and SC Senior Reporter Bradley Barth talk about the human side of cybersecurity, a theme she was happy to see at RSA 2020 as she believes it indicates that the industry is finally moving beyond humans as the weakest link in cybersecurity.
The saying goes: “On the internet, nobody knows you’re a dog.” But the more apt expression in this day and age might be “nobody knows you’re a bot.” Bots are becoming increasingly human-like, which presents a significant challenge to security professionals, website owners and social media network operators seeking to distinguish malicious and inauthentic bot…
Fresh off a financial settlement over its 2017 data breach that affected roughly half the U.S. population, Equifax is forging ahead with a $1 billion-plus investment in a new security plan — and CISO Jamil Farshchi was eager to tout the credit reporting agency’s progress so far in a session this week at the RSA…
Trust AwardBest Authentication TechnologyForgeRockForgeRock Identity Platform All journeys have a beginning, middle and an end, and it’s the job of the ForgeRock Identity Platform to ensure that every authentication journey, from start to finish, remains safe for the client and easy for the user. The platform’s Intelligent Authentication feature delivers the unique ability to visually map user authentication journeys with a drag-and-drop interface…
Iranian cyberespionage operations are continuing at a steady pace, but so far no reaction has been spotted in response to the January U.S. drone strike that killed Iranian Gen. Qasem Soleimani. Almost two months has passed since the Jan. 2, 2020 attack, Secureworks is only noting the continuation of previously implemented espionage operations from Iran/…
The northern-Michigan based Munson Healthcare group reported several employee email accounts were hacked and being accessed for two and a half months last year exposing PHI. The breach was discovered on January 16, 2020 and the investigation into the incident revealed the email accounts in question were being accessed by an outside source between July…
The facial recognition company Clearview AI is informing customers that a hacker stole its entire client list. Clearview AI gained unwanted notoriety earlier this year when it was disclosed that the company was obtaining billions of photos by scraping the internet for use by law enforcement agencies. Now the company has sent a notification to…
HackerOne reported an explosion in the number of people participating in its program and the amount of money they earned through bug bounties in 2019. HackerOne’s 2020 Hacker Report stated the number of people participating in its bug bounty programs more than doubled in the last year to 600,000 with the amount of money earned…
The inevitable rise and potential disruptive force quantum computing will present when it becomes a reality means it is never too early to start preparing. These words of wisdom came from McAfee CTO Steve Grobman during his keynote address at RSA Conference 2020. Grobman noted that even if quantum computing, and its ability to decrypt…
The Software Engineering Institute CERT Coordination Center advised that several ZyXEL network-attached storage devices contain a pre-authentication command injection vulnerability. CVE-2020-9054, if exploited, could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. The problem is it uses the weblogin.cgi CGI executable for authentication and that program fails to properly sanitize…
