- 2018's Most Common Vulnerabilities Include Issues New and Old
The most common vulnerabilities seen last year run the gamut from cross-site scripting to issues with CMS platforms.
- VC Investments in Cybersecurity Hit Record Highs in 2018
But rate of funding appears unsustainable, according to Strategic Cyber Ventures.
- GDPR Suit Filed Against Amazon, Apple
An Austrian non-profit, led by privacy activist and attorney Max Schrems, has filed suit against 8 tech giants for non-compliance with the EU General Data Protection Regulation.
- PCI Council Releases New Software Framework for DevOps Era
The PCI Software Security Framework will eventually replace PCI DA-DSS when it expires in 2022.
- The Rx for HIPAA Compliance in the Cloud
For medical entities, simply following HIPAA cloud service provider guidelines is no longer enough to ensure that your practice is protected from cyber threats, government investigations, and fines.
- 8 Tips for Monitoring Cloud Security
Cloud security experts weigh in with the practices and tools they prefer to monitor and measure security metrics in the cloud.
- Black Hat Europe
- Black Hat Asia
- Black Hat USA
- 773 Million Email Addresses, 21 Million Passwords For Sale on Hacker Forum
Data appears to be from multiple breaches over past few years, says researcher who discovered it.
- Facebook Shuts Hundreds of Russia-Linked Pages, Accounts for Disinformation
Facebook says the accounts and pages were part of two unrelated disinformation operations aimed at targets outside the US.
- Microsoft Launches New Azure DevOps Bug Bounty Program
A new program will pay bounties of up to $20,000 for new critical bugs in the company's Azure DevOps systems and services.
- New Attacks Target Recent PHP Framework Vulnerability
Multiple threat actors are using relatively simple techniques to take advantage of the vulnerability, launching cryptominers, skimmers, and other malware payloads.
- The Security Perimeter Is Dead; Long Live the New Endpoint Perimeter
The network no longer provides an air gap against external threats, but access devices can take up the slack.
- 'We Want IoT Security Regulation,' Say 95% of IT Decision-Makers
New global survey shows businesses are valuing IoT security more highly, but they are still challenged by IoT data visibility and privacy.
- Simulating Lateral Attacks Through Email
A skilled attacker can get inside your company by abusing common email applications. Here are three strategies to block them.
- Go Hands-On with New Security Tricks at Black Hat Asia
Get up close and personal with the latest tools and techniques for testing (and breaking) everything from HTTPS to deep neural networks to Microsoft Office!
- Malware Built to Hack Building Automation Systems
Researchers dig into vulnerabilities in popular building automation systems, devices.
- Oklahoma Data Leak Compromises Years of FBI Data
The Oklahoma Securities Commission accidentally leaked 3 TB of information, including data on years of FBI investigations.
- How the US Chooses Which Zero-Day Vulnerabilities to Stockpile
When it comes to acceptable circumstances for government disclosure of zero-days, the new Vulnerabilities Equity Process might be the accountability practice security advocates have been waiting for.