Cybersecurity |
Sponsored by |
|
U.S. National Security Agency (NSA) will halt its controversial warrantless surveillance program which collects Americans' emails and texts sent to and from people overseas and that mention a foreigner under surveillance, according to a New York Times report today. more
One thing was clear from a recent presentation by the new leaders of the SF-Bay Internet Society (ISOC) Chapter Working Groups: inclusion and collaboration will be the key to these groups' success. As Dr. Brandie Nonnecke, the Internet Governance Working Group (WG) Chair said, "We haven't yet cracked the code on what 'multistakeholder' means." But that won't stop her and Dr. Jaclyn Kerr, the Data Protection, Privacy, and Security WG Chair, from trying. more
As an admin, app security should be a top priority - but SaaS apps represent a difficult challenge in that regard. How can you protect your business from their risks, while enjoying all their rewards? Within the average enterprise, there are 508 unique cloud applications in use. That number's overwhelming enough on its own without considering that 88% of those applications aren't enterprise ready, or the fact that one in five cloud applications has data sharing as a core functionality. more
Pawn Storm, also known as Sednit, Fancy Bear, APT28, Sofacy, and STRONTIUM, is a cyber espionage organization operating for over a decade which has been particularly aggressive in the past few years. more
According to a new report by the Danish government's Center for Cybersecurity, hackers have breached email accounts and servers at both the Defense Ministry and the Foreign Ministry in 2015 and 2016. more
Walden Savings Bank will be the fifth bank in New York state to switch its domain name from a .com top-level domain (TLD) to the new .bank TLD in May of this year. more
The UK government has released the results of national cybersecurity survey revealing nearly seven in ten large companies in the country have identified a breach or attack in the past 12 months. more
M3AAWG is a trade association that brings together ISPs, hosting providers, bulk mailers, and a lot of infrastructure vendors to discuss messaging abuse, malware, and mobile abuse. (Those comprise the M3.) One of the things they do is publish best practice documents for network and mail operators, including two recently published, one on Password Recommendations for Account Providers, and another on Password Managers Usage Recommendations. more
Last week, the G20's ministers responsible for the digital economy met in Düsseldorf to prepare this year's G20 summit, scheduled for Hamburg, July 2017. Building on important strides initiated two years ago during the G20 summit in Antalya and based on the G20 Digital Economy Development and Cooperation Initiative (DEDCI), which was adopted last year under the Chinese G20 presidency, the Düsseldorf meeting adopted a "G20 Digital Economy Ministerial Declaration" which also includes a "Roadmap for Digitalisation". One day before the ministerial meeting, non-state actors were invited to discuss "Policies for a Digital Future" within a so-called Multistakeholder Conference. more
With the increasing popularity of IoT devices and the added interest of transition to IPv6, a whole new range of threat vectors are evolving that allow attackers to set up undetectable communications channels across networks. more
Also known loosely as "phlashing" in some circles, Permanent Denial-of-Service (PDoS) is an increasing popular form of cyberattack that damages a system so badly that it requires replacement or reinstallation of hardware. more
U.S. Internal Revenue Service Commissioner (IRS) testified before the Senate Finance Committee stating the agency has discovered fraudsters could use someone's personal data to fill out a financial aid application, and the "Data Retrieval Tool" would populate the application with tax information. more
In a post on a developers’ forum, software engineer on the Google Chrome team Ryan Sleevi has announced Google’s plan to start gradually distrust all existing Symantec-issued certificates. more
It is one of those oddities that occurs around Washington from time to time. During the same hour today, the Federal Communications Commission (FCC) was meeting at its downtown headquarters trying to stop robocalls, while a large gathering of government and industry cybersecurity experts were meeting a few miles away at Johns Hopkins Applied Physics Lab advancing the principal means for threat information sharing known as STIX. more
The security flaw was discovered by the company's own security researchers in WikiLeaks' most recent disclosure of classified information, released last week. more