Help Net Security - Information Security News

Don't miss:

Google lays groundwork for secure offline app distribution

Execs don’t believe their companies learn the right lessons in cybersecurity

Inferring Internet security posture by country through port scanning

Hot stuff

world

Inferring Internet security posture by country through port scanning

In this podcast, Tod Beardsley, Director of Research at Rapid7, talks about the recently released National Exposure Index, which aims to better understand the nature of Internet exposure – services that either do not offer modern cryptographic protection, or are otherwise unsuitable to offer on the increasingly hostile internet – …

study

Working through the cybersecurity skills gap

It’s no secret that there’s a shortage of qualified personnel in the field of cybersecurity. It’s a problem that has long been noticed and one that is projected to get even worse—to the tune of 1.8 million by 2022, according to (ISC)². Despite this massive skills gap on the horizon, the number of breaches appears to be declining. Appearances, …

blockchain

Don’t start the blockchain revolution without making security a top priority

McAfee released a report detailing the numerous cybersecurity risks associated with blockchain-based cryptocurrencies, and asserts the necessity of making cybersecurity a top priority as industry builds out the foundations for the widespread implementation of blockchain technologies. Proof-of-work blockchain Demand for blockchain technology …

lock

Securing microservices and containers: A DevOps how-to guide

There is a simple reason for developers adopting the cloud and cloud-native application architectures. These “tools and methods” allow developers to accelerate innovation and feature delivery in the service of meeting business demands and keeping their enterprise competitive. While these tools and methods make noticeable improvements for …

money

Spotlight

Has paying the ransom become business as usual?

Idea

Execs don’t believe their companies learn the right lessons in cybersecurity

A majority of executives around the world feel their organizations can do better when it comes …

person

Early detection of compromised credentials can greatly reduce impact of attacks

According to Blueliv’s credential detection data, since the start of 2018 there has been a 39% …

(IN)SECURE Magazine 58

(IN)SECURE Magazine issue 58 released

building blocks

Will blockchain power the next generation of data security?

Expert corner

Will blockchain power the next generation of data security?

Dave Sikora CEO, ALTR

Will blockchain power the next generation of data security?

What CISOs can learn from Tyrion on Game of Thrones

Eitan Bremler VP of Product, Safe-T

What CISOs can learn from Tyrion on Game of Thrones

Combating fraud and money laundering with graph analytics

Yu Xu CEO, TigerGraph

Combating fraud and money laundering with graph analytics

Social media: The zero-trust game

Raj Samani Chief Scientist, McAfee

Social media: The zero-trust game

Are SMBs driving the adoption of security automation by enterprises?

Corey Nachreiner CTO, WatchGuard Technologies

Are SMBs driving the adoption of security automation by enterprises?

Why good security foundations are better than the best security mitigation

Netanel Davidi co-CEO, VDOO

Why good security foundations are better than the best security mitigation

Wi-Fi honeypots: Alive and well at RSAC 2018

Ryan Orsi Director of Strategic Alliances at WatchGuard Technologies

Wi-Fi honeypots: Alive and well at RSAC 2018

How many threats hit the mainframe? No one really knows

Ray Overby President at Key Resources

How many threats hit the mainframe? No one really knows

GDPR: It’s an issue of transparency

Robert Rutherford CEO at QuoStar

GDPR: It’s an issue of transparency

What’s your security story? How to use security as a sales tool

Sabino Marquez CSO at Allocadia

What’s your security story? How to use security as a sales tool

Information security can enable business as soon as we change the conversation

Raj Samani Chief Scientist at McAfee

Information security can enable business as soon as we change the conversation

Are there too many cybersecurity companies?

Ken Elefant Managing Director at Sorenson Capital

Are there too many cybersecurity companies?

What's New

Google Play

Google lays groundwork for secure offline app distribution

Google will start adding security metadata to Android application packages (APKs) distributed via Google Play, so that users with limited internet access can check whether the apps they get via peer-to-peer app sharing are legitimate. The move, …

insider threat

Employee negligence still poses major security concerns

With one-third of working adults in the U.S. admitting to potentially risky behavior at work, employee negligence poses major security concerns for U.S. businesses, according to a Shred-it survey conducted by Ipsos. When assessing the cause of …

Google Firebase

3,000+ mobile apps leaking data from unsecured Firebase databases

Appthority published research on its discovery of a new HospitalGown threat variant that occurs when app developers fail to require authentication to Google Firebase databases. Appthority security researchers discovered the HospitalGown …

reload

Visibility across the digital experience is critical to manage it successfully

Riverbed found that 99% of business decision makers agree that optimizing digital performance is essential to business performance, and 98% agree that digital, including the delivery of digital services and applications, is critical to the …

Idea

Execs don’t believe their companies learn the right lessons in cybersecurity

A majority of executives around the world feel their organizations can do better when it comes to learning from their past cyber mistakes, according to the results of a newly released global survey conducted by The Economist Intelligence Unit …

world

Inferring Internet security posture by country through port scanning

In this podcast, Tod Beardsley, Director of Research at Rapid7, talks about the recently released National Exposure Index, which aims to better understand the nature of Internet exposure – services that either do not offer modern …

mask

Fraudster exploited US govt staff info stolen in 2015 OPM breach

The data breach suffered by the Office of Personnel Management (OPM) is, by now, very old news, but some of the people involved and affected are still feeling the repercussions. Stone data used for identity theft The US Attorney’s Office …

Reviews

Review: EU GDPR Documentation Toolkit

Review: EU GDPR Documentation Toolkit

Review: Cato Cloud

Review: Cato Cloud

Review: Securing the Internet of Things

Review: Securing the Internet of Things

Review: Pwnie Express Pulse

Review: Pwnie Express Pulse

Review: Acunetix 11

Review: Acunetix 11

Review: Advanced Persistent Security

Review: Advanced Persistent Security

Review: Data Breach Preparation and Response

Review: Data Breach Preparation and Response

Review: The Internet of Risky Things

Review: The Internet of Risky Things

Review: DNS Security

Review: DNS Security

Review: iStorage diskAshur Pro SSD

Review: iStorage diskAshur Pro SSD

Review: The Basics of Cyber Safety

Review: The Basics of Cyber Safety

Review: IS Decisions UserLock

Review: IS Decisions UserLock

Don't miss

Google Play

Google lays groundwork for secure offline app distribution

Idea

Execs don’t believe their companies learn the right lessons in cybersecurity

world

Inferring Internet security posture by country through port scanning

insider threat

Employee negligence still poses major security concerns

Google Firebase

3,000+ mobile apps leaking data from unsecured Firebase databases

iPhone 8

iOS 12 will allow users to share their exact location with emergency services

mask

Fraudster exploited US govt staff info stolen in 2015 OPM breach

person

Early detection of compromised credentials can greatly reduce impact of attacks

dark

French authorities dismantle Black Hand dark web market

(IN)SECURE Magazine 58

(IN)SECURE Magazine issue 58 released

money

F-Secure acquires MWR InfoSecurity

building blocks

Will blockchain power the next generation of data security?

Malware news

Google removes inline installation option for Chrome extensions

Google is shutting down an often used vector for delivering malicious Chrome extensions to users by removing the inline installation option. What will happen? The announcement was made by Extensions Platform Product Manager James Wagner, who …

Fooling security tools into believing malicious code was signed by Apple

Cryptomining malware digs into nearly 40% of organizations worldwide

Traffic manipulation and cryptocurrency mining campaign compromised 40,000+ machines

VPNFilter malware targets new devices, can deliver exploits to endpoints

Whitepapers and insight

Analyst research: ROI of Pen Testing as a Service

Dr. Chenxi Wang, industry thought leader and analyst, examined the Return on Investment that organizations may realize by using Cobalt’s Pen Testing as a Service (PTaaS) platform. This study took a detailed look at the benefits and costs of …

Whitepaper: Future-proofing your password policy

Whitepaper: DNS Threat Intelligence vs. AI Network Security

Report: What two years of real pen testing findings will tell you

Download: CISSP Exam Study Guide