Spectre Patches Reach More CPUs as New Attack Variants Appear

Intel has released microcode patches to address the Spectre vulnerability on additional families of CPUs. Meanwhile, researchers have found a new way of implementing the Meltdown and Spectre attacks, but the variants are covered by existing patches. “We have now released production microcode updates to our OEM customers and partners for Kaby Lake- and Coffee..
Read more

Cisco Report Confirms Cyber Attacks More Sophisticated

An annual report on the state of cybersecurity released Feb. 21 by Cisco Systems suggests cybercriminals are becoming more sophisticated and devious in their attacks to compromise IT environments. Based on a survey of 3,600 chief security officers (CSOs) and security operations (SecOps) managers from 26 countries, the report finds the volume of instances in..
Read more

What the Meuller/Russia Indictment Means for Cybersecurity

On Feb. 16, a federal grand jury in Washington, D.C. returned an indictment against 13 Russian citizens and three Russian companies for a scheme involving information warfare against the political institutions of the United States. Does this portend a new strategy for dealing with cyberthreats or is this merely political theater? The answer, of course,..
Read more

Report: Software Vulnerabilities Increased 30 Percent in 2017

The number of software vulnerabilities recorded last year grew by 31 percent compared to 2016 and one-third of them have public exploits, according to a new report. Vulnerability intelligence firm Risk Based Security, which maintains its own vulnerability database called VulnDB, recorded a total of 20,832 security flaws last year. Around 7,900 of those flaws..
Read more

Project Lakhta: Russian Meddling Gets Russians Indicted

The U.S. Department of Justice (DoJ) announced Feb.16 that a Federal grand jury dropped the hammer on a gaggle of Russian citizens and three Russian entities for their hand in the meddling in the U.S. presidential election of 2016. This Russian intelligence effort, code-named “Project Lakhta,” was conducted from 2014 to 2016 and is an..
Read more

Identity Documents Exposed in FedEx-Owned Amazon S3 Bucket

More than 119,000 scanned identity documents, including passports and drivers’ licenses, belonging to people from the United States and abroad were exposed in an insecure Amazon S3 storage bucket. The storage bucket belonged to a company called Bongo International that provided services for cross-border transactions between U.S.-based online merchants and international customers, complete with anti-fraud..
Read more

Security Boulevard’s 5 Most-Read Stories for the Week, Feb. 12-16

Another week has gone by with our fair share of security stories. This week the 2018 Winter Olympic Games dominated the headlines, as well as the cyberattacks on the Olympics website. Missed out on any of the news this week? Here are the five most-read stories on Security Boulevard to help you out. Be sure..
Read more

5 Ways to Reduce Cybersecurity Risk and Win Over Your CEO and CTO

In today’s always-connected world it’s important to realize that, historically and traditionally, cybersecurity was the responsibility of the IT department. Any time a cyberincident or data breach occurred or security questions arose, these got deferred to IT for the answers. But with today’s massive data breaches and very costly cyberattacks, the responsibility of cybersecurity has..
Read more

HHS Deputy CIO Amélie Koran on Security’s Challenges

Meet Amélie Koran, deputy CIO for the U.S. Department of Health and Human Services, Office of the Inspector General, and one of the keynote speakers at the upcoming InfoSec World 2018 March 19-21 in Lake Buena Vista, Florida. Her March 19 keynote address, “Are We There Yet? Getting There is Only Half the Trip,” highlights some..
Read more
Page 1 of 2212345...1020...Last »