The updated security payment standard's goal is to “address emerging threats and technologies and enable innovative methods to combat new threats” to customer payment information, the PCI Security Standards...
Read moreMore Than Ever, Security Matters
April 1 2022Public policy proposals must consider technical, practical, and real-world security effects, and make sure we avoid unintended consequences.
Read moreMore Than Ever, Security Matters
April 1 2022Public policy proposals must consider technical, practical, and real-world security effects, and make sure we avoid unintended consequences.
Read moreBypassing Two-Factor Authentication
April 1 2022These techniques are not new, but they’re increasingly popular:
…some forms of MFA are stronger than others, and recent events show that these weaker forms aren’t much of a...
Read more
More Apple zero-days - mobile devices, laptops and desktops affected. Update now!
Read moreOn Tuesday, KrebsOnSecurity warned that hackers increasingly are using compromised government and police department email accounts to obtain sensitive customer data from mobile providers, ISPs and social media companies....
Read moreCISA urges organizations using affected technologies to implement recommended mitigation measures.
Read moreThe exploit requires a specific nonstandard configuration to work, limiting the danger it poses, but future research could turn up more broadly usable attacks.
Read moreRansomware: Should Companies Ever Pay Up?
March 31 2022Ransomware is a major threat, and no business is "too small to target." So what should you do after an attack? Is negotiating with criminals ever the answer?
Read moreThe cybersecurity market is red-hot. But with so many still-unfilled positions, companies may be more willing to bend or break some hiring rules.
Read more
Recent Comments