Preparing Security For Windows 7 End-Of-Life Support
Moving to Microsoft’s latest OS may give you flashbacks to when XP support ended. Last month, Microsoft announced it will end support for Windows 7 in 2020, giving customers three years to upgrade their systems to Windows 10. In the short term, computers running Windows 7 will still work, and Microsoft will still share security…
RSA 2017: what are you trying to solve?
This year at the RSA Security Conference some 40,000 people packed the halls of the Moscone center in search of solutions (and light up swords) to solve their problems. Whatever the issue, they were looking for a salve to sooth their wounds in a manner of speaking. For all of the vendors hawking their wares there…
High Severity Flaw Patched in OpenSSL 1.1.0
A high severity denial-of-service (DoS) vulnerability was patched on Thursday in OpenSSL with the release of version 1.1.0e. The flaw, tracked as CVE-2017-3733, has been described as an “Encrypt-Then-Mac renegotiation crash.” The security hole, reported by Joe Orton of Red Hat on January 31, does not affect OpenSSL 1.0.2.
IDG Contributor Network: Who makes better cybersecurity decisions, men or women?
Unfortunately, it’s very common to assume that when women are stressed they are more emotional or that they rely more heavily on intuition or hunches. (If you agree with this notion, spoiler alert – you are wrong…. LOL. Then you’re probably going to rely more heavily on men, not women, in high pressure, high risk…
Bruce Schneier: Public-service technologists are needed to tame the IoT
The internet of things needs to be regulated and soon before it becomes even more of a tool to facilitate cyberattacks, and that means coming up with civic-minded technologists to help formulate government policies, security expert Bruce Schneier told an RSA Conference 2017 audience. The problem is governments lack the technological expertise to understand the…
Yahoo Notifies Users of Sophisticated Breach Methods
Yahoo said Wednesday it was notifying some users that hackers may have been able to use a maneuver to break into their accounts without stealing passwords. The latest notifications were in response to the record breach disclosed late last year affecting an estimated one billion users — which involved forging of “cookies” or files used…
IDG Contributor Network: Deletion is not destruction: ensuring the permanent removal of data
Some words of warning to all armchair data security “experts:” The Delete button is not a substitute for destruction; it no more eliminates data than a pink eraser removes magic marker, or a magic wand has the power to do anything more than — to ever be anything more than — a cheap prop. And…
Doubts abound over US action on cybersecurity
How should the U.S. respond to cyber attacks? That’s been a major question at this year’s RSA security conference, following Russia’s suspected attempt to influence last year’s election. Clearly, the government should be doing more on cybersecurity, said U.S. lawmakers and officials at the show, but they admit that politics and policy conflicts have hampered the…
Salted Hash: RSA Conference 2017 – Live Blog
All this week, Salted Hash will be on location at the RSA Conference in San Francisco. We’ll be updating the blog multiple times a day with news and other content from the show – so check-back often. Yesterday, we mentioned a lawsuit filed by CrowdStrike, which attempted to prevent NSS Labs from releasing test results…
‘Shock And Awe’ Ransomware Attacks Multiply
RSA CONFERENCE 2017 – San Francisco – The data-hostage crisis isn’t going away anytime soon: In fact, it’s starting to get a lot scarier and destructive, and with a more unpredictable outcome. Security experts long have warned that ponying up with the ransom fee only plays into the hands of ransomware attackers; it doesn’t necessarily…