RSS Reader for Computer Security Articles
Host Steve Ragan reports from the show floor at RSA 2018, where talks with Chris Roberts, chief security architect at Acalvio Technologies, about the benefits and misconceptions of deception technologies.
Credit to Author: Gregg Keizer| Date: Mon, 21 May 2018 13:45:00 -0700
Google has further fleshed out plans to upend the historical approach browsers have taken to warn users of insecure websites, spelling out more gradual steps the company will take with Chrome this year.
Starting in September, Google will stop marking plain-vanilla HTTP sites – those not secured with a digital certificate, and which don’t encrypt traffic between browser and site servers – as secure in Chrome’s address bar. The following month, Chrome will tag HTTP pages with a red “Not Secure” marker when users enter any kind of data.
Eventually, Google will have Chrome label every HTTP website as, in its words, “affirmatively non-secure.” By doing so, Chrome will have completed a 180-degree turn from browsers’ original signage – marking secure HTTPS sites, usually with a padlock icon of some shade, to indicate encryption and a digital certificate – to labeling only those pages that are insecure.
Credit to Author: Mike Elgan| Date: Sat, 19 May 2018 03:00:00 -0700
Have you heard about those special bags, cases and wallets that protect your electronics from hack attacks?
It’s a signal-blocking container, basically a tinfoil hat for your gadget.
Tinfoil hats are associated with conspiracy theorists concerned about secret government mind-control programs. But when it comes to your wireless gadgets, they really are out to get you.
For example: It’s not a conspiracy theory to believe that companies you’ve never heard of are tracking your location.
In the past two weeks, we’ve learned that a company called Securus Technologies sold the real-time location data of millions of people. It got this data from another company called LocationSmart, which itself was buying the data from AT&T, Sprint, T-Mobile and Verizon.
Cryptocurrency such as Bitcoin has garnered most of the media coverage and hype to date, but keep your eye on blockchain – this new technology is poised to change IT in much the same way open-source software did a quarter century ago.
Credit to Author: Ken Mingis| Date: Fri, 18 May 2018 04:00:00 -0700
For many companies, GDPR has become a four-letter acronym.
The European Union’s new General Data Protection Rule – which applies to virtually any kind of data that can be used to identify a person – goes into effect May 25. And companies around the world are rushing to make sure they’re in compliance, or at least can demonstrate that they’re hard at work trying to meet the EU demands.
GDPR is designed to protect personal privacy, (hopefully) make companies more secure from data breaches and force them to get their collective hands around all the data they collect, use and distribute.
CSO's Michael Nadeau and Steve Ragan join Computerworld's Ken Mingis and IDG Communications' Mark Lewis to look at what the new EU privacy rules means. They offer insights on how companies can prepare – and what happens if they don't.
Credit to Author: Woody Leonhard| Date: Thu, 17 May 2018 12:22:00 -0700
We just got a smattering of patches that seem to be in the “Oh yeah, we forgot” bucket. Windows 7 and 8.1 received Previews (which you should never install, of course). Win10 1607 (out of support for Home and Pro on April 10) and 1703 got the usual laundry list of minor fixes.
I bet Win10 1709 and 1803 updates will be out soon.
Here’s the roundup:
KB 4103713 – Win7 Monthly Rollup preview. Doesn’t solve the network driver uninstallation bug, but does add a new “SMB1 access auditing on Windows Server 2008 R2 SP1.” You have to turn on the auditing with a registry change.
Credit to Author: Lucas Mearian| Date: Thu, 17 May 2018 03:11:00 -0700
Blockchain could one day solve the online privacy problem by encrypting or scrambling personally identifiable information and issuing each person a random string of bits – a private key – created explicitly for unscrambling their data.
The person holding the blockchain private key could issue various public keys controlling who has access to the personal data on the blockchain. So, for instance, if a car rental agency needed to verify you have a driver’s license, you could use a public key to give them access to that information.