A few weeks ago, it seemed like everyone in the tech industry was glued to Mudge’s congressional testimony. Not only is he one of the most irreproachable people in the security space, the drama around
I had to split this article into two parts. Part one describes what I think is wrong and part two, which is coming next week, is a proposed architecture to improve it. Discussions and comments for thi
Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcast s or PodcastOne . The Army is exploring how to use Software Bills of Mat
How Security Leaders Draw The Line Published in The Gray Area · 5 min read · Nov 11, 2022 -- Recently there have been reports of security leaders abruptly leaving public organizations. Departures like
San Diego’s MedCrypt, which provides cybersecurity technology for medical devices, snagged $25 million in a second round of venture funding despite today’s tough environment for young firms seeking to
The Federal Trade Commission plans to take the rare step of bringing individual sanctions against the CEO of alcohol delivery company Drizly for data privacy abuses, following allegations that the com
A HackerOne employee stole vulnerability reports submitted through the bug bounty platform and disclosed them to affected customers to claim financial rewards. The rogue worker had contacted about hal
Hacking. Disinformation. Surveillance. CYBER is Motherboard's podcast and reporting on the dark underbelly of the internet. See More → A technologist and maintainer of a popular piece of open source s
Hacking. Disinformation. Surveillance. CYBER is Motherboard's podcast and reporting on the dark underbelly of the internet. See More → Crypto.com, one of the largest cryptocurrency exchanges in the wo
Application Security The computer security industry is bracing for travel on long, bumpy roads littered with Log4j security problems as experts warn that software dependency patching hiccups will slow
An Oregon man and a former employee of Ubiquiti Networks was arrested and charged today with hacking the company's servers, stealing gigabytes of information, and then attempting to extort his employe
A Rare Win in the Cat-and-Mouse Game of Ransomware A team of private security sleuths, in their first public detailing of their efforts, discuss how they used cybercriminals’ mistakes to quietly help
On Thursday, Reuters revealed that the ransomware hacking group that hobbled gas distribution in the US for days in May was itself hacked and pushed offline by a coordinated operation led by multiple
Oct 21 (Reuters) - The ransomware group REvil was itself hacked and forced offline this week by a multi-country operation, according to three private sector cyber experts working with the United State
Soon, a cybersecurity professional at the Department of Homeland Security could make as much money as the vice president of the United States, $255,800 — or more, up to $332,100, if they’re in a geogr
Hacking. Disinformation. Surveillance. CYBER is Motherboard's podcast and reporting on the dark underbelly of the internet. See More → Missouri Gov. Mike Parson wants to prosecute a journalist who war
As most Americans are still learning about the hacking-for-cash crime of ransomware, the nation’s top homeland security official is worried about an even more dire digital danger: killware, or cyberat
Cyber Crime Innovation Is Lucrative Cybercrime rewards innovative organizations. These can innovate at the tactical level (e.g. new or updated tactics, techniques, and procedures (TTP)), the strategic
The hard truth about ransomware: we aren’t prepared, it’s a battle with new rules, and it hasn’t near reached peak impact. Published in DoublePulsar · 21 min read · Jun 8, 2021 -- I’ ve talked about r
This post will talk about my initial thoughts on The OWASP Top 10 release for 2021 . Let me start by saying that I have respect for the people working on this project, and that as a project maintainer
GitHub has resolved numerous vulnerabilities in Node.js packages tar and @npmcli/arborist, with the worst allowing file overwrites and arbitrary code execution. On Wednesday, GitHub said the company r
Security Chaos Engineering: How to Security Differently By Tiffany Knudtson | March 3, 2021 12 minute read “The growth of complexity in society has got ahead of our understanding of how complex system
Public markets DGAF about cybersecurity. The infosec industry shills the harrowing narrative of how damaging data breaches are to businesses – that if a super sophisticated nation state targets your c
The American cops took the slower, cheaper train from Kyiv to Donetsk. After repeatedly traveling between Ukraine and the United States, there were more comfortable ways to make this final, 400-mile j
Published 3 July 2021 Share page About sharing Image source, Gustav Ceder By Joe Tidy Cyber security reporter, BBC News Some 500 Coop supermarket stores in Sweden have been forced to close due to an o
Economics Economics Indicators Central Banks Jobs Trade Tax & Spend Inflation & Prices Economics Argentina Economy Grew in July Despite Recession on Horizon Checkout Cost-of-Living Stress Fuels Crime
Published 3 July 2021 Share page About sharing Image source, Getty Images About 200 US businesses have been hit by a "colossal" ransomware attack, according to a cyber-security firm. Huntress Labs sai
Update: PrivacyShark appears to have been the first to report this, and has now obtained a statement from LinkedIn, below. A second massive LinkedIn breach reportedly exposes the data of 700M users, w
Credit... Cayce Clifford for The New York Times News Analysis Are We Waiting for Everyone to Get Hacked? It’s been almost a decade since Leon Panetta, then the secretary of defense, warned of an impen
The D.N.C. Didn’t Get Hacked in 2020. Here’s Why. A devastating email breach of the D.N.C. roiled Democrats in the final months of 2016. An unassuming security official made it his mission to prevent
After a cyber attack, Colonial said it was moving toward a partial reopening of its pipeline system -- the largest fuel network between Texas and New York JIM WATSON Servers for Darkside were taken do
Biden Plans an Order to Strengthen Cyberdefenses. Will It Be Enough? A hacking of a major pipeline, the latest evidence of the nation’s vulnerabilities to cyberattacks, prompted questions about whethe
Published 10 May 2021 Share page About sharing Image source, Colonial Pipeline By Mary-Ann Russon Business reporter, BBC News A cyber-criminal gang that took a major US fuel pipeline offline over the
This year has seen no shortage of blockbuster hacks, from the SolarWinds supply chain meltdown to China’s blitz against Microsoft Exchange servers . It’s a lot. But the outsized focus on those hacking
Code-hosting service GitHub is actively investigating a series of attacks against its cloud infrastructure that allowed cybercriminals to implant and abuse the company's servers for illicit crypto-min
(Suad Kamardeen / Unsplash) The nearly year-long SolarWinds/Sunburst hacking campaign that targeted government and private-sector computers succeeded because the adversaries used U.S.-based servers to
There is a seminal paper in finance by Charles Ellis called the The Loser’s Game which, in simple terms, foretells the move from active to passive investing and the reasons for it. My favorite bit of
Hacking. Disinformation. Surveillance. CYBER is Motherboard's podcast and reporting on the dark underbelly of the internet. See More → All of the major carriers made a significant change to how SMS me