Network Security News, Articles and Updates

How's he doing, so far?

The cybersecurity and privacy communities have an abundance of advice for Donald Trump as he plots his cyber strategy.

Cloudflare patches bug that dumped data, but...

One errant character in a coding string caused a buffer overrun which, in turn, led to a memory leak that dumped personal data in plaintext from a variety of Cloudflare's customers' sites.

Survey explores the minds of hackers: 81% claim they can compromise target in under 12 hours

Eighty-eight percent of hackers surveyed at the 2016 DEF CON conference claimed they can compromise a target in less than 12 hours, while 81 percent said they can identify and exfiltrate a target's data in the same amount of time.

Trump gets mixed reviews on cybersecurity, one month in

The administration has hinted at cybersecurity policy, but no definitive strategy has emerged.

On shaky ground: SHA-1 web standard cracked

Researchers out to demonstrate inherent weaknesses in the SHA-1 internet security standard announced they had broken the legacy cryptographic algorithm using a so-called collision attack.

Privilege escalation flaw in Huawei Themes patched in software update

Huawei Technologies has released a new software update that patches a privilege escalation vulnerability in its Huawei Themes mobile app that could ultimately result in arbitrary code execution.

Confide in me! Encryption app leaks sensitive info from Washington DC

An encrypted messaging app called Confide is being used in Washington DC by White House staffers to leak embarrassing or sensitive information.

Lawsuit claims employee who moved to rival firm stole confidential info

In the ongoing antitrust case brought against Ticketmaster by rival SongKick, Ticketmaster is accused of using information stolen from SongKick by ex-employee.

Shamoon entry point detected, IBM report

Researchers are closer to uncovering the miscreant behind a deadly cyberattack that affected thousands of computers used by government and civil organizations in the Gulf states.

Congressional staffers eye response, future deterrents, in wake of Russian election interference

A trio of high-level Congressional staffers gathered at the 2017 RSA Conference this week in a joint session that sought to explore possible responses to Russia's interference in the 2016 U.S. presidential election, as well as future deterrents that might prevent future foreign cyberattacks.

Talking doll susceptible to hack: Destroy it, says German agency

Parents in Germany are being advised to destroy a talking doll called Cayla because its IoT technology could be accessed by outsiders.

Lieu joins Chaffetz in request that Oversight Committee investigate Trump security practices

Congressman Ted Lieu (D-Calif.) has asked the House Oversight Committee to investigate whether or not President Trump is jeopardizing national security by using an unsecured Android mobile device.

DDoS attacks fewer, more powerful in Q4, VeriSign

Last year was not a great time for companies targeted by distributed denial of service attacks (DDoS) - with the average peak size increasing by 167 percent, according to a new report from VeriSign.

Cryptography experts cast doubt on AI's role in cybersecurity

A panel of esteemed cryptographers at RSA 2017 expressed doubt over artificial intelligence's applicability in the cybersecurity space, tossing cold water on what otherwise appeared to be a hot technology at the conference.

Rogue apps plague IT teams, survey finds

IT security teams are unaware of nearly two-thirds of custom apps, according to a new report from the Cloud Security Alliance (CSA) and Skyhigh Networks.

The cloud goes Hollywood: Film production company tests migration of network to cloud

Determined not to be the next Sony Pictures, film production company New Regency Productions is currently testing a proof-of-concept for moving its business operations to the cloud, while securing its creative content and employee information with access management techniques.

Smart home device sales to reach $1.4 billion, security a concern: Ovum

Sales of smart home devices are expected to reach $1.4 billion by 2021, a 500 percent increase from the $90 million in 2016, according to new research from Ovum.

Trump, Abe public tete-a-tete on N. Korea prompts Chaffetz security probe

After reports emerged of Trump and Japan's Shinzo Abe discussing North Korea's missile test in a Mar-a-Lago dining room, House Oversight Chair Jason Chaffetz wants answers about security.

Adobe issues patches, Microsoft's usual Patch Tuesday fixes delayed

Adobe released security updates on Tuesday for Adobe Flash Player, while the usual Patch Tuesday fixes from Microsoft were put on hold.

Company boards and management becoming more engaged with cyber-risks

Survey from consulting firm shows there is still much work to do to identify and protect the 'crown jewels' of mission critical data.

Attacks up in Q4, Akamai

The Mirai botnet continued as one of the largest threats in the fourth quarter, a new study from Akamai found.

Intel Security's Chris Young: Attackers not just compromising home devices, they're weaponizing them

Adversaries are changing their tactics from compromising and stealing data from vulnerable home devices to weaponizing them, warned Christopher Young, SVP and general manager at Intel Security, at the 2017 RSA Conference.

One third of U.S. companies breached last year, study

A third of companies in the U.S. were breached in 2016, according to a study from Bitdefender issued on Tuesday.

Cyber Threat Alliance grows to six founding members; introduces Mike Daniel as president

The Cyber Threat Alliance tonight officially introduced Michael Daniel, former special assistant to the president and cybersecurity coordinator for the White House, as its very first president.

Linux IoT, Android and MacOS expected in 2017, SophosLabs

The attacks that took place and malware spotted during last several months of 2016 were a harbinger of things to come in 2017, with more IoT attacks, Mac products being targeted and more Android malware.

NCSC: UK government regularly assaulted with powerful cyber-attacks

In a recent interview the director of the new National Cyber Security Centre, Ciaran Martin gave the Sunday Times a glimpse of defending the UK government from cyber-attack.

Trump White House CISO Cory Louie reportedly removed from post

The White House has reportedly fired its chief information security officer Cory Louie, leaving another key internal cybersecurity position less than a month after former Federal CISO Gregory Touhill resigned from his post.

Permission denied?: Mobile application security

Mobile application security is becoming a tougher battle to wage for organizations, as these apps are demanding more access to users' data, reports Karen Epper Hoffman.

Uber, Intel and IoT firms join coalition to secure connected cars

A coalition of tech has formed to secure the connected cars of the future.