- Google Patch to Block Spectre Slowdown in Windows 10
Microsoft will incorporate Google's Retpoline patch to prevent Spectre Variant 2 from slowing down its operating system.
- EU Takes Step Toward Cyberattack Sanctions
European leaders complete first step toward establishing a sanctions regime.
- WSJ Report: Facebook Breach the Work of Spammers, Not Nation-State Actors
A report by the Wall Street Journal points finger at group that is know to Facebook Security.
- Risky Business: Dark Reading Caption Contest Winners
Phishing, anti-shoulder surfing, Russia and other hysterical identity management puns and comments. And the winners are …
- Cyber Espionage Campaign Reuses Code from China's APT1
US, Canadian organizations in crosshairs of group with apparent links to a Chinese military hacking unit that wreaked havoc several years ago.
- How to Get Consumers to Forgive You for a Breach
It starts with already-established trust, a new survey shows.
- New Security Woes for Popular IoT Protocols
Researchers at Black Hat Europe will detail denial-of-service and other flaws in MQTT, CoAP machine-to-machine communications protocols that imperil industrial and other IoT networks online.
- Audits: The Missing Layer in Cybersecurity
Involving the audit team ensures that technology solutions are not just sitting on the shelf or being underutilized to strategically address security risks.
- Former Equifax Manager Sentenced for Insider Trading
Sudhakar Bonthu bought and sold Equifax stock options prior to the public disclosure of its 2017 data breach.
- 7 Ways A Collaboration System Could Wreck Your IT Security
The same traits that make collaboration systems so useful for team communications can help hackers, too.
- Apache Access Vulnerability Could Affect Thousands of Applications
A recently discovered issue with a common file access method could be a major new attack surface for malware authors.
- Getting Up to Speed with "Always-On SSL"
Websites can avoid the negative consequences of a "not secure" label from Google Chrome 68 by following four AOSSL best practices.
- Inside the Dark Web's 'Help Wanted' Ads
How cybercriminals recruit everyone from car drivers to corporate insiders and pay them according to the risk they assume.
- 3 Years After Attacks on Ukraine Power Grid, BlackEnergy Successor Poses Growing Threat
In what could be a precursor to future attacks, GreyEnergy is targeting critical infrastructure organizations in Central and Eastern Europe.
- Oracle Issues Massive Collection of Critical Security Updates
The software updates from Oracle address a record number of vulnerabilities.
- (ISC) 2 : Global Cybersecurity Workforce Short 3 Million People
With the skills gap still wide, security leaders explain the challenges of hiring and retaining security experts.
- Cybercrime-as-a-Service: No End in Sight
Cybercrime is easy and rewarding, making it a perfect arena for criminals everywhere.
- SEC Warns Public Companies on Accounting Control Use
A new SEC investigative report urges public organizations to keep cyberthreats in mind when implementing internal accounting tools.
- Startup Spun Out of Securosis Secures $2.5 Million Seed Investment
DistruptOps officially rolls out its SaaS for automating control of cloud operations and security.
- The Three Dimensions of the Threat Intelligence Scale Problem
To succeed, organizations must be empowered to reduce their attack surface and staff overload so they can get more out of their existing firewall and threat intelligence investments.