Security

Infosec still in the Dark Ages, says RSA president

posted on April 22, 2015
by l33tdawg

It is time for information security to escape the Dark Ages, according to Amit Yoran, president of RSA, the security division of EMC.

While technology may soon be capable of accelerating its own development, “we are still in the Dark Ages of Information Security,” he told the opening session of RSA Conference 2015 in San Francisco.

Hackers gaining upper hand, security conference told

posted on April 22, 2015
by l33tdawg

Hackers and cyber-thieves are outmanoeuvring the cybersecurity industry, which is stuck in a "Dark Ages" mindset, a major security conference was told Tuesday.

Opening the RSA 2015 conference in San Francisco, RSA president Amit Yoran said the epidemic of cyberattacks revealed over the past year shows the industry is losing the battle.

Yoran said too many security professionals are stuck in a centuries-old mindset. "To keep the barbarians away, we're simply building taller castle walls and digging deeper moats. Taller walls won't solve our problem," he said.

Throwing money at bug bounties won't beat zero-day dark markets

posted on April 22, 2015
by l33tdawg

The first academic study into the market for zero-day flaws has shown some surprising results, not least that throwing money at ever-larger bug bounty payouts might well be counterproductive.

The research – which was carried out by MIT principal research scientist Michael Siegel and Katie Moussouris, chief policy officer of bug bounty organizer HackerOne – traced the dynamics of the market for zero-day flaws by monitoring the activities both of crooks who collect vulnerabilities for attacks and researchers who report them to increase software defences.

The dirty secrets of webcam-hacking peeping toms and sextortionists

posted on April 22, 2015
by l33tdawg

Virtually every computer sold today comes with a dirty little secret. It can spy on you.

What’s more, if hackers can infect your computer with malware they can hijack your webcam and secretly watch you too – regardless of whether they’re based down the street or on the other side of the world.

'No iOS Zone' Wi-Fi zero-day bug forces iPhones, iPads to crash and burn

posted on April 22, 2015
by l33tdawg

Adi Sharabani and Yair Amit have revealed a zero-day vulnerability in iOS 8 that, when exploited by a malicious wireless hotspot, will repeatedly crash nearby Apple iPhones, iPads and iPods.

The Skycure bods say the attack, dubbed "No iOS Zone", will render vulnerable iOS things within range unstable – or even entirely unusable by triggering constant reboots.

PayPal exec's crazy edible password alternative

posted on April 20, 2015
by l33tdawg

To Jonathan LeBlanc, global head of developer advocacy at PayPal, the problem is simple: "Passwords are not secure, they need to be replaced."

That's the basic premise of a presentation he's giving at tech gatherings around the world called "Kill All Passwords." "Passwords are so complex it's just a system that doesn't work anymore," said CNET editor Dan Ackerman.

Apple failed to fix Rootpipe security flaw in OS X 10.10.3, claims researcher

posted on April 20, 2015
by l33tdawg

Bad news Mac users - even if you have kept your operating system up-to-date, it looks like your computer is still vulnerable to the Rootpipe flaw.

A quick recap for those who haven't been following the Rootpipe saga closely:

Back in October 2014, Swedish white-hat hacker Emil Kvarnhammar revealed that he had uncovered a dangerous vulnerability in some versions of OS X (including the then newly-released 10.10 Yosemite) that could allow a hacker to take complete control of your desktop Mac or MacBook laptop.

How I built the best Candy Crush hack ever

posted on April 20, 2015
by l33tdawg

After receiving a lot of interest in Trivia Cracker, a Chrome extension that lets you easily cheat in the popular game Trivia Crack, I decided it might be interesting to see if the same kinds of vulnerabilities existed in other popular games. Given its insane popularity, the first game I thought to investigate, of course, was Candy Crush.