Security Bytes:

Security


March 31, 2018  6:01 PM

Privacy protections are needed for government overreach, too

Rob Wright Profile: Rob Wright
Security

After the unfortunate yet predictable Facebook episode involving Cambridge Analytica, several leaders in the technology industry were quick to pledge they would never allow that kind corporate misuse of user data. The fine print in those pledges, of course, is the word 'corporate,' and it’s...

February 23, 2018  9:31 PM

Facebook’s 2FA bug lands social media giant in hot water

Rob Wright Profile: Rob Wright
Security

At Black Hat USA 2017, Facebook CSO Alex Stamos said "As a community we tend to punish people who implement imperfect solutions in an imperfect world." Now, Facebook has found itself on the receiving end of such punishment after users who had enabled two-factor authentication reported receiving...


February 8, 2018  8:55 PM

Symantec’s untrusted certificates: How many are still in use?

Rob Wright Profile: Rob Wright
Security

The fallout from Google's decision last year to stop trusting Symantec certificates has been difficult to quantify, but one security researcher has provided clarity on how many untrusted certificates are still being used. Arkadiy Tetelman, senior application security engineer at Airbnb, posted...


January 26, 2018  3:05 PM

Blizzard security flaw should put game developers on notice

Rob Wright Profile: Rob Wright
Security

Imagine you could reach into an application that had none of the enterprise security protections we've come to appreciate but was still used by millions of people -- themselves blissfully unaware of the risks the application posed -- and use that vulnerable application to hack into millions of...


January 18, 2018  4:38 PM

The strange case of the ‘HP backdoor’ in Lenovo switches

Rob Wright Profile: Rob Wright
Security

Concern about government-mandated backdoors in technology products may be at an all-time high, but the recent discovery of an "HP backdoor" in Lenovo networking gear should prove equally alarming for the IT industry. The computer maker last week issued a security advisory, LEN-16095, for an...


January 9, 2018  6:50 PM

Intel keynote misses the mark on Meltdown and Spectre vulnerabilities

Rob Wright Profile: Rob Wright
Security

When Intel CEO Brian Krzanich took the stage last night at CES 2018 in Las Vegas, he began his keynote by addressing the elephants in the room – the recently disclosed Meltdown and Spectre vulnerabilities affecting


December 28, 2017  9:15 PM

After 2017, data breach fatigue should be a thing of the past

Rob Wright Profile: Rob Wright
Security

After the number of major data breaches in 2017, it wouldn't be surprising to see some measure of data breach fatigue set in for both the general public and enterprises. Such an occurrence, however, would mean we missed valuable lessons from some of this year's worst breaches. First, a...


November 22, 2017  5:33 PM

Uber data breach raises unsettling questions for infosec

Rob Wright Profile: Rob Wright
Security

Uber Technologies, Inc., is no stranger to self-inflicted wounds, but the latest visit to the infirmary goes far beyond the kinds of running-with-scissors episodes that have made the ride sharing company infamous. Bloomberg Technology reported Tuesday that Uber suffered a massive data breach in...


May 3, 2017  8:14 PM

Verizon DBIR 2017 loses international contributors

Michael Heller Michael Heller Profile: Michael Heller
Security

Looking at the overall numbers for the contributors to the Verizon Data Breach Investigations Report (DBIR) from the past five years, it would seem like the amount of partners is hitting a plateau, but looking at the specifics raises questions about international data sharing. The number of...


February 24, 2017  7:39 PM

RSA Conference 2017: Are software regulations coming for developers?

Rob Wright Profile: Rob Wright
Security

Security expert Bruce Schneier dragged an uncomfortable but very real possibility into public view during RSA Conference 2017, and it should have developers of all types pondering a very grim future full of software regulations. Schneier discussed his case for internet of things (IoT) regulation...


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: