In the sharing & collaborative economy we live in, we are witnessing two major trends at play. First, an increasing number of people are getting online. Recent statistics suggest that 4 billion people around the world are now using the internet (this is half of the world’s population): https://wearesocial.com/blog/2018/01/global-digital-report-2018 Second, the … [Read more...]
Meltdown and Spectre CPU Vulnerabilities
On 3 January 2018, security researchers at Google, Graz University of Technology, and several other education institutions disclosed multiple vulnerabilities found in most modern Intel, AMD and ARM processors. The more severe vulnerability, Meltdown (CVE-2017-5754), appears isolated to Intel processors developed in the last 10 years. Spectre (CVE-2017-5715 and CVE-2017-5753) on … [Read more...]
macOS High Sierra Password Theft Vulnerability
A security researcher spoiled Apple’s release of macOS High Sierra today when he published a video showing a zero day exploit of the built-in password management system, Keychain. macOS uses the Keychain system to securely store encrypted passwords, cryptographic keys, and SSL certificates. Normally, applications should not be able to programmatically retrieve plaintext … [Read more...]
Should The Responsible Disclosure Process Be Standardized?
For every cyber-villain looking to exploit software and hardware vulnerabilities, there’s a cyber-hero fighting to expose (and close) those same security flaws. That reporting process is called responsible disclosure. But in today’s complex cyber landscape, the rules of responsible disclosure can vary dramatically. Begging the question, should the industry be standardizing this … [Read more...]
Major Cybersecurity Concerns for 2017 – Experts Weigh In
It’s 2017 and it’s safe to say that cybersecurity will continue to be a major concern for businesses, governments and the general public this year. As factors like the election, nation-state hacking and new advanced threats contribute to uncertainty about the future of the industry, a recent CSO Online article presented security predictions for 2017 from top vendors and … [Read more...]