13 hours ago: No stars for Internet of Things security (ZDNet)
At this week's AusCERT 2016 conference, an embedded device security specialist proposed a 'Security Star' rating for consumer IoT devices. It's a great idea, but it'll never happen.
Sadly, there's not much services can do to save users from their own poor habits.
By Dustin Volz, Mark Hosenball and Joseph Menn WASHINGTON/SAN FRANCISCO (Reuters) - After a rampage that left 14 people dead in San Bernardino, key U.S. lawmakers pledged to seek a law requiring technology companies to give law enforcement agencies a "back door" to encrypted communications and electronic devices, such as the iPhone used by one of the shooters. Draft legislation that Senators Richard Burr and Dianne Feinstein, the Republican and Democratic leaders of the Intelligence Committee, had circulated weeks ago likely will not be introduced this year and, even if it were, would stand no chance of advancing, the sources said. Key among the problems was the lack of White House support for legislation in spite of a high-profile court showdown between the Justice Department and Apple Inc over the suspect iPhone, according to Congressional and Obama Administration officials and outside observers.
7 hours ago: What's a backlog for anyway? (IT Toolbox Blogs)
In my job, we have a place where good ideas go to die. It's called "The Backlog". I don't like it. I don't think it's a good thing. But it's true and real.
In practice our backlog has become a parking lot for anything we forgot, couldn't get done or came up after it was too late to do. It's a bone yard for ideas. Our backlog contains partial solutions
The co-developer of RSA's SecurID explains how he fought against Chinese crack
AusCERT In March 2011, a suspected-to-be-Beijing-backed hacking unit infiltrated security giant RSA, successfully subverted its SecurID product and hacked top American defence contractor Lockheed Martin.
The U.S. Congress delves into the issue of whether CISOs should report to CIOs, a topic that leads the Friday, May 27, 2016, edition of the ISMG Security Report, an on-demand audio report offered every Tuesday and Friday.
A new TorrentLocker campaign has been detected by Heimdal Security that is geographically focused on Sweden. And like earlier campaigns, this ransomware threat is delivered by email spam - this one spoofing an invoice from the international Telia communications firm headquartered in Stockholm, Sweden.
1 hour ago: 5 ways to secure OS X (TechRepublic)
With OS X security exploits on the rise, Jesus Vigo takes a look at 5 ways to better protect your Mac from malware infections and data loss.
27 minutes ago: Under The Ocean of the Internet - The Deep Web (SANS Reading Room)
The Internet was a revolutionary invention, and its use continues to evolve. People around the world use the Internet every day for things such as social media, shopping, email, reading news, and much more. However, this only makes up a very small piece of the Internet, and the rest is filled by an area called The Deep Web.
This article was originally published at Stratfor.com. Editor's Note: The Global Affairs column is curated by Stratfor's editorial board, a diverse group of thinkers whose expertise inspires rigorous and innovative thought in our analyses. Though their opinions are their own, they inform and sometimes even challenge our beliefs. We welcome that [...]
In the light of several recent data breaches and account compromises, Reddit has decided to kick off a service-wide hunt for account takeovers and is prompting users to reset their passwords when such an issue is detected.
Start preparing immediately for the EU's new General Data Protection Regulation - even though it doesn't go into force for two more years - because it mandates a number of new privacy and security requirements, warns cybersecurity expert Brian Honan.
2 hours ago: FOURTH bank hit by SWIFT hackers (The Register)
Has Sony Pics' Lazarus crew come back from the dead?
A fourth bank, this time in the Philippines, has been attacked by hackers targeting the SWIFT inter-bank transfer system.
DRAM, dude! Rowhammer brings down secure browser
Security researchers have discovered a means to use previously unknown vulnerabilities found in in-memory deduplication to attack otherwise well-defended systems.
3 hours ago: SWIFT eyes new technology to spot cyber theft (Yahoo Security)
By Tom Bergin LONDON (Reuters) - The SWIFT secure messaging service, which banks use to transfer money around the world, outlined on Friday areas in which it hopes to improve security, following attacks in which hackers stole millions of dollars from banks in Bangladesh and Ecuador. SWIFT said on Friday it would consult its users, which are also its owners, about new measures, including the potential to develop new tools that could allow it to spot fraudulent payment instructions. Historically, the Society for Worldwide Interbank Financial Telecommunication's (SWIFT) core business has focused on simply passing authenticated messages between banks.
'Have I Been Pwned?' Walks the Line Between Notification, Privacy
Troy Hunt, who runs one of the most prominent services for discovering if your data has been exposed in a data breach, shares his thoughts on LinkedIn's recent breach and how his approach to disseminating data breach details continues to evolve.
The leaders of the Group of Seven industrialized economies pledged to tackle major economic and political risks including terrorism, floods of refugees, climate change and cyber-attacks. Here are highlights ...
3 hours ago: EU member states should stress-test banks' cyber risks: European Banking Authority chairman (Yahoo Security)
By Matthew Miller BEIJING (Reuters) - Domestic authorities in European Union member states should stress-test their financial institutions for cyber risks, a top E.U. supervisor said, warning banks might be required to hold extra capital as a buffer against what is an emerging threat. Speaking to Reuters in Beijing on Friday, Andrea Enria, chairman of the European Banking Authority (EBA), said cyber security had become an important issue for E.U. member states. "But if you ask me would I recommend competent authorities to think more on this and consider running this type of stress test?
Code similarities between two pieces of malware have led to security vendor Symantec saying the group responsible for the $81 million Bangladesh Bank heist hit a bank in the Philippines beforehand.
11 hours ago: Spring Updates for CRM (IT Toolbox Blogs)
Spring Updates Promise Better Customer Experience
SugarCRM recently announced the release of the latest version of their platform, Sugar 7.7, which includes enhancements designed to improve both productivity and the customer experience. Microsoft Dynamics CRM 2016, first released in November, is adding a new update that comes with a brand-new
Symantec becomes the second firm to link the hack to the Sony Pictures attack.