July 20, 2017
If you’re a startup developing native cloud apps, then resources like Amazon Web Services are a great way to test your assumptions and then scale your business. Used improperly, though, they’re also an excellent way to expose your code and customer data online. This November, Sean Cassidy, CTO of DefenseStorm, will show you how attackers […]
Read more
July 17, 2017
Apple has had its fair share of privacy and security controversies in the last few years. There was ‘Celebgate’, in which celebrities had their iCloud accounts hacked, causing Apple to hurriedly revamp its authentication process. It has endured a spat with the FBI over iPhone password access, while also admitting that it keeps the keys […]
Read more
July 3, 2017
Proving your identity and stopping others from impersonating you has always been a difficult problem to solve, both online and off. We haven’t cracked the problem yet. That’s why 6.6% of ID theft in the US last year involved forged government documents, and why passport theft is such a big business. When someone steals name, […]
Read more
June 12, 2017
Dealing with a security incident is difficult to do well, but easy to do badly. The headlines are filled with examples of bungled security incidents. There’s the fudging: UK telco TalkTalk initially confused customers with conflicting statements after its 2015 breach, which saw it lose 157,000 customers’ financial details. There’s the failure: The OPM’s mismanagement […]
Read more
June 2, 2017
Josh Zelonis is irritated. The senior analyst at Forrester Research got more frustrated every day that he read coverage of WannaCry, the ransomware strain that ravaged the Internet last month. Much of the public conversation focused on the NSA, arguing that it shouldn’t have let hackers (a mysterious group called the ShadowBrokers) steal its treasure […]
Read more
May 12, 2017
This month, Verizon released its Data Breach Investigations Report (DBIR) for 2017. One thing stood out: the rise in cyber-espionage. Spies take many different forms, but they’re all after corporate information. How can you stop them pilfering your secrets and getting a market advantage? Verizon saw more espionage-related breaches this year than last. 2016’s report […]
Read more
April 28, 2017
Cybersecurity strategists love quoting ancient Chinese military strategist Sun Tzu, who wrote the book on warfare. “If you know others and know yourself, you will not be imperiled in a hundred battles,” he said. “If you do not know others but know yourself, you win one and lose one.” Companies should think about that when […]
Read more
April 21, 2017
In May 2018, the most significant privacy regulation ever will take effect. The General Data Protection Regulation (GDPR) is an EU measure, but US and Canadian companies who think it doesn’t affect them are in for a rude awakening. GDPR affects anyone storing sensitive data about anyone in an EU member state, putting most larger […]
Read more
April 13, 2017
Note: Story updated on April 17 to reflect second dump of Shadowbrokers files. The ShadowBrokers hacking group made two more splashes this month, resulting in both a ripple and a wave. Firstly, it released the password for the archive of NSA hacking tools that it originally tried to sell off last August, causing a collective ‘meh’ […]
Read more
April 6, 2017
What happens if you’re a vendor that’s slow to patch a known flaw? It’s possible that someone else may step in and do it for you. That’s what has been happening for the past few months with products from vendors such as Adobe and Microsoft. Most recently, Slovenian security consulting firm Acros Security stepped in […]
Read more
March 31, 2017
A former Canadian hacker is back in the limelight – this time, with a documentary preaching cybersecurity, and a top film festival slot. So how did Michael Calce get from there, to here? Back in 2000 when Calce was 15, he was better known as Mafiaboy. He became infamous for discovering a common weakness in […]
Read more