Help Net Security

Don't miss:

Yahoo breach was not state-sponsored, researchers claim

D-Link DWR-932 router is chock-full of security holes

The psychological reasons behind risky password practices

Hot stuff

password

The psychological reasons behind risky password practices

Despite high-profile, large-scale data breaches dominating the news cycle – and repeated recommendations from experts to use strong passwords – consumers have yet to adjust their own behavior when it comes to password reuse. A Lab42 survey, which polled consumers across the United States, Germany, France, New Zealand, Australia and …

mobile

Mobile security stripped bare: Why we need to start again

We’re all familiar with the cartoon image of a character stopping a water leak by plugging a finger into the hole, only for another leak to start, needing another finger, and so on, until the character is soaked by a wave of water. It’s a little like the current, fragmented state of mobile security – the range of threats is growing fast, …

firefighters

Incident response survival guide

All organizations are impacted by a security breach at some point. As the joke goes in the security industry, businesses fall into two categories: those that have been breached and those that don’t know they have been breached. Some organizations don’t know they have had a security incident until the FBI informs them. A breach can have …

city night

IoT-based DDoS attacks on the rise

Cybercriminal networks are increasingly taking advantage of lax Internet of Things device security to spread malware and create zombie networks, or botnets, unbeknownst to their device owners. When lax security becomes a huge problem Symantec’s Security Response team has discovered that cybercriminals are hijacking home networks and everyday …

(IN)SECURE Magazine 51

Spotlight

(IN)SECURE Magazine issue 51 released

brain

Spotlight

Artificial intelligence in cybersecurity: Snake oil or salvation?

research

Spotlight

How a security researcher is tackling IoT security testing

Yahoo

Yahoo breach was not state-sponsored, researchers claim

The massive 2014 Yahoo breach isn’t the work of state-sponsored hackers as the company …

Confide

Enhance iMessage security using Confide

One of the new features in iOS 10 offers the possibility of deploying specially crafted …

mobile

Mobile security stripped bare: Why we need to start again

osquery

OS analysis tool osquery finally available for Windows

Expert corner

Mobile security stripped bare: Why we need to start again

Avi Rosen CEO at Kaymera Technologies

Mobile security stripped bare: Why we need to start again

Incident response survival guide

Bob West Managing Director at CareWorks Tech

Incident response survival guide

Google’s smart search for security

Jason Hart VP and CTO for Data Protection at Gemalto

Google’s smart search for security

Should you trust your security software?

Roy Katmor CEO at enSilo

Should you trust your security software?

Why DNS shouldn’t be used for data transport

Rod Rasmussen Vice President of Cybersecurity at Infoblox

Why DNS shouldn’t be used for data transport

Can an automated defence network protect Britain from low-level threats?

Piers Wilson Head of Product Management at Huntsman Security

Can an automated defence network protect Britain from low-level threats?

Microsoft ends Tuesday patches

Michael Gray VP of Technology at Thrive Networks

Microsoft ends Tuesday patches

Can biometrics and the FIDO Alliance save us from password overload?

Michael Lynch Chief Strategy Officer at InAuth

Can biometrics and the FIDO Alliance save us from password overload?

What is access governance? A brief deep dive

Dean Wiech Managing Director at Tools4ever

What is access governance? A brief deep dive

Risk and the Pareto Principle: Applying the 80/20 rule to your risk management strategy

Joe Fantuzzi CEO at RiskVision

Risk and the Pareto Principle: Applying the 80/20 rule to your risk management strategy

Cyber attacks: Hindsight is 20/20, GDPR is even better

Jason Hart CTO Data Protection at Gemalto

Cyber attacks: Hindsight is 20/20, GDPR is even better

Incident response challenge: How to get out of Firefighter Mode

Vijay Bolina VP of Information Security at Blackhawk Network

Incident response challenge: How to get out of Firefighter Mode

What's New

D-Link DWR-932

D-Link DWR-932 router is chock-full of security holes

Security researcher Pierre Kim has unearthed a bucketload of vulnerabilities affecting the LTE router/portable wireless hotspot D-Link DWR-932. Among these are backdoor accounts, weak default PINs, and hardcoded passwords. Kim went searching for …

Businessman

What’s driving boards of directors to make cyber security a top priority?

Almost half (46 percent) of board members believe compliance regulations help establish stronger security, but nearly 60 percent struggle with meeting increased mandates—a nearly 20 percent jump over the past two years, according to a nationwide …

files

Why digital hoarding poses serious financial and security risks

82 percent of IT decision makers admit they are hoarders of data and digital files, according to research conducted by Wakefield Research among 10,022 global office professionals and IT decision makers to look into how individuals manage data. …

Confide

Enhance iMessage security using Confide

One of the new features in iOS 10 offers the possibility of deploying specially crafted applications within iMessage. Most users will probably (ab)use this new functionality for sending tiresome animations and gestures, but some applications can …

password

The psychological reasons behind risky password practices

Despite high-profile, large-scale data breaches dominating the news cycle – and repeated recommendations from experts to use strong passwords – consumers have yet to adjust their own behavior when it comes to password reuse. A Lab42 …

Reviews

Review: Boxcryptor

Review: Boxcryptor

Review: Protecting Patient Information

Review: Protecting Patient Information

Review: iStorage datAshur Pro

Review: iStorage datAshur Pro

Review: Cyber Guerilla

Review: Cyber Guerilla

Review: True Key for iOS

Review: True Key for iOS

Review: iStorage diskAshur Pro

Review: iStorage diskAshur Pro

Review: Linux Server Security

Review: Linux Server Security

Review: GuardKey

Review: GuardKey

Review: DevOpsSec

Review: DevOpsSec

Review: Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own

Review: Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own

Review: ProtonMail

Review: ProtonMail

Signal

Review: Signal for iOS

Don't miss

Yahoo

Yahoo breach was not state-sponsored, researchers claim

D-Link DWR-932

D-Link DWR-932 router is chock-full of security holes

password

The psychological reasons behind risky password practices

Confide

Enhance iMessage security using Confide

Businessman

What’s driving boards of directors to make cyber security a top priority?

Tesla

Tesla introduces code signing to harden their cars’ security

Industry

ICS-CERT releases new tools for securing industrial control systems

osquery

OS analysis tool osquery finally available for Windows

mobile

Mobile security stripped bare: Why we need to start again

Encryption

Many tech senior decision-makers don’t understand encryption

ms-project-springfield

Project Springfield: Cloud-based fuzz testing for uncovering million-dollar bugs

Apple iOS 9

Looking for an iOS jailbreak? Beware of scammy offers

Malware news

How ransomware is impacting companies in six major industries

BitSight analyzed the security ratings of nearly 20,000 companies to identify common forms of ransomware and to determine which industries (amongst Finance, Healthcare, Education, Energy/Utilities, Retail, and Government) are most likely to …

Surge in polymorphic attacks and malicious Android apps

UK online banking customers are back on fraudsters’ radar

Malicious torrents management tool uncovered

HDDCryptor ransomware uses open source tools to thoroughly own systems

Privacy news

Yahoo breach was not state-sponsored, researchers claim

The massive 2014 Yahoo breach isn’t the work of state-sponsored hackers as the company has claimed to believe, say researchers from identity protection and threat intelligence firm InfoArmor. Instead, the breach was effected by a group of …

Enhance iMessage security using Confide

Cybersecurity is not receiving enough attention from presidential candidates

Repercussions of the massive Yahoo breach

Google’s smart search for security