It used to be that adaptive authentication (also called risk-based authentication or RBA) forced a trade-off between usability and security, but that is no longer the case. A few years ago, security managers placed security above usability, forcing users to be like Chicago voters: authenticate early and often. Today’s RBA tools can improve overall customer experience and help compliance regulations as well as simplify a patchwork of numerous legacy banking technologies.
Threat intelligence (TI) means many things to many people. At best, TI is the collection and analysis of data that informs security teams about what actions to take to prevent, detect and respond to cyberattacks.
What do Arkansas, Georgia, Kentucky and Texas have in common? Well, depending on whom you ask, they’re all Southern states. But more to the point: They’re the four states up to bat this week in the protracted ballgame that is primary election season. (For reference, we’re barely in the third inning.)
CensorNet has announced its research into the application and internet habits of 1000 UK adults, through personal data and insights platform CitizenMe. The survey found that 46 percent were guilty of at least one of the following bad practices that could potentially put company data or the work network at great risk:
Despite recurring headlines reporting high-level cyber attacks on organisations of various sizes, businesses are failing to protect themselves from escalating threats. The latest industry survey by ManageEngine, exploring UK-based IT professionals’ outlook on cyber security and cloud adoption, has revealed startling levels of disregard towards IT security, with almost half of the respondents reporting that they install security updates and patches rarely, only occasionally, or never at all.
The global surge in ransomware and zero-day malware has ushered in an explosion of innovation in the area of machine learning as a cybersecurity defense strategy. Often used interchangeably with “analytics” and “artificial intelligence (AI),” the term “machine learning” has also engendered a great deal of confusion.
One of the more useful features of masscan is the “--banners” check, which connects to the TCP port, sends some request, and gets a basic response back. However, since masscan has its own TCP stack, it’ll interfere with the operating system’s TCP stack if they are sharing the same IPv4 address. The operating system will reply with a RST packet before the TCP connection can be established.
Although bitcoin and blockchain technology may not take up quite as much mental bandwidth for the general public as it did just a few months ago, companies in the space continue to rake in capital from investors.
On any given day in the United States, more than 450,000 people are behind bars awaiting their constitutionally mandated fair trial. None of them have been convicted of a crime — they’ve been accused of committing a crime, but no formal ruling of guilt or innocence has been made. That means these hundreds of thousands of people are incarcerated simply because they don’t have the financial means to post bail.
Criminals and terrorists, like millions of others, rely on smartphone encryption to protect the information on their mobile devices. But unlike most of us, the data on their phones could endanger lives and pose a great threat to national security.
Pretty big encryption news this week. A well-known flaw in HTML emails that are encrypted with S/MIME or PGP was “discovered” by some researchers, and given the full name, website, and logo treatment. Even the EFF chimed in and astonishingly suggested people uninstall their encryption tools. The risk was largely overblown; take a look at the #efail tag on Twitter. Here are a few links that give part of the story.
The good news is about half the devices the I-Team found were likely law enforcement investigating crimes or our government using the devices defensively to identify certain cellphone numbers as they approach important locations, said Aaron Turner, a leading mobile security expert… The I-Team got picked up [by StingRay devices] twice off of International Drive, right near the Chinese and Israeli embassies, then got another two hits along Massachusetts Avenue near Romania and Turkey… The phones appeared to remain connected to a fake tower the longest, right near the Russian Embassy.
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, Chili’s parent company – Brinker International – announced that consumer credit and debit card information had been compromised at some locations. In addition, Trend Micro helped the FBI take down hackers behind the notorious malware, Scan4You.
A new app called Siempo wants to un-addict you from your smartphone and its numerous attention-stealing apps. To do so, Siempo replaces an Android device’s homescreen, while also taking advantage of a number of design principles to push distractions further away, and give you more control over your notifications.
Mark H. Kim, a contributing writer at Quanta Magazine, illuminates a recent paper published at the IACR by Daniel J. Bernstein, Nadia Heninger, Paul Lou and Luke Valenta, who postulate in their paper ‘Post-quantum RSA’ that, in fact, the RSA algorithm might very well not be broken by the use of quantum computational devices when appropriately manipulated.
“The negligent attitude toward Americans’ security and privacy by wireless carriers and intermediaries puts every American at risk,” Wyden said. “I urge the FCC expand the scope of this investigation, and to more broadly probe the practice of third parties buying real-time location data on Americans.” He is also calling for FCC Chairman Ajit Pai to recuse himself from the investigation, because Pai was a former attorney for Securus.
Ubuntu Security Notice USN-3645-2
May 18, 2018
Throughout the 2018 National Police Week, the Department of Homeland Security (DHS) honored law enforcement officers and their families for their service and sacrifice. In Washington and around the country, DHS has been involved in memorializing these heroes throughout the week.