As a number of crippling breaches have illustrated, federal government agencies and departments are frequent targets in today’s advanced attacks. The White House’s Office of Management and Budget (OMB), in partnership with the Department of Homeland Security (DHS), recently conducted a cyber risk assessment of 96 agencies across 76 metrics to measure their cyber security…

Cryptomania is dominating conversations from Silicon Valley to Wall Street. But ‘cryptocurrency’ is only one implementation of the underlying technology innovation that has the ability to transform the way future technology products are designed and built. Of course, that technology is blockchain, the decentralized digital ledger that makes Bitcoin and other cryptocurrencies possible. First, we…

A vulnerability affecting GnuPG has made some of the widely used email encryption software vulnerable to digital signature spoofing for many years. The list of affected programs includes Enigmail and GPGTools. About the vulnerability (CVE-2018-12020) CVE-2018-12020, dubbed “SigSpoof” by Marcus Brinkmann, the researcher which found it, arises from “weak design choices.” “The signature verification routine…

McAfee released a report detailing the numerous cybersecurity risks associated with blockchain-based cryptocurrencies, and asserts the necessity of making cybersecurity a top priority as industry builds out the foundations for the widespread implementation of blockchain technologies. Demand for blockchain technology continues to grow among some of the most established industries worldwide, including the government, finance,…

Organizations must manage known vulnerabilities in web applications. When it comes to application security, the Open Web Application Security Project (OWASP) Foundation Top 10 is the primary source to start reviewing and testing applications. The OWASP Foundation list brings some important questions to mind: Which vulnerability in the OWASP Foundation Top 10 has been the…

Google has issued a warning to G Suite users after researchers discovered that thousands of organizations expose sensitive information through misconfigured Google Groups instances. The Google Groups service allows users to create mailing lists, host internal discussions, and process support tickets. These types of communications can include highly sensitive information, which is why it’s important…

Berlin – The operator of the world’s largest internet hub challenged the legality of sweeping telecoms surveillance by Germany’s spy agency, a German court heard Wednesday. The BND foreign intelligence service has long tapped international data flows through the De-Cix exchange based in the German city of Frankfurt. But the operator argues the agency is…