News Category: Security

New IEEE Position Statement Supports Strong Encryption

On 24 June, the IEEE Board of Directors adopted a position statement in support of strong encryption for confidentiality and data integrity.  The essence of the position is that: “IEEE supports the use of unfettered strong encryption to protect confidentiality and integrity of data and...
Read 0 Comments

Wi-Fi Security Is Starting to Get its Biggest Upgrade in Over a Decade

Wi-Fi devices have been using the same security protocol for over a decade. But today, that’ll begin to change: the Wi-Fi Alliance, which oversees adoption of the Wi-Fi standard, is beginning to certify products that support WPA3, the successor to the WPA2 security protocol that’s been in use since...
Read 0 Comments

​The Return of Spectre

The return of Spectre sounds like the next James Bond movie, but it's really the discovery of two new Spectre-style CPU attacks. Vladimir Kiriansky, a Ph.D. candidate at MIT, and independent researcher Carl Waldspurger found the latest two security holes. They have since published a MIT paper, ...
Read 0 Comments

Over 20,000 Container Management Dashboards Are Exposed on the Internet

Even though it’s highly discouraged to expose any kind of management dashboard directly to the internet, there are many users who continue to ignore this recommendation, and it seems that infrastructure admins are no exception. A recent study by cloud security firm Lacework found over 22,000...
Read 0 Comments

What Is the NIST Cybersecurity Framework?

Learn what the NIST Cybersecurity Framework is, who it impacts, and how to implement it in Data Protection 101, our series on the fundamentals of information security. Set forth by the National Institute of Standards and Technology under the United States Commerce Department, the Cybersecurity...
Read 0 Comments

How to Balance Development Goals with Security and Privacy

Now, as a software security evaluator, I see that sometimes even the simplest data protection is missing from programs, which highlights that the problem with building in security and privacy is not complexity, per se—it’s our habit as engineers to work hard on what is emphasized and visible. We...
Read 0 Comments

Best Free Linux Firewalls of 2018

A firewall is an important aspect of computer security these days, and most modern routers have one built in, which while helpful, can be difficult to configure. Fortunately there are also distributions (distros) of the free operating system Linux which have been specifically designed to function...
Read 0 Comments

How to Build a Strong DevSecOps Culture: 5 Tips

We have a tendency in IT to treat security as fundamentally a technology problem. Hence, we also tend to focus on technology solutions. Tools and processes do matter: But if you’ll recall our recent look at the seven habits of strong security organizations, the top of the list had nothing...
Read 0 Comments

Router Vulnerability and the VPNFilter Botnet

On May 25, the FBI asked us all to reboot our routers. The story behind this request is one of sophisticated malware and unsophisticated home-network security, and it’s a harbinger of the sorts of pervasive threats — from nation-states, criminals and hackers — that we should expect in coming years...
Read 0 Comments

Intel Chip Flaw: Math Unit May Spill Crypto Secrets to Apps – Modern Linux, Windows, BSDs Immune

A security flaw within Intel Core and Xeon processors can be potentially exploited to swipe sensitive data from the chips' math processing units. Malware or malicious logged-in users can attempt to leverage this design blunder to steal the inputs and results of computations performed in private by...
Read 0 Comments

Pages

Click Here!