New ways to fingerprint Tor Browser users discovered
Users who want to remain anonymous online often opt for using the Tor Browser, which hides their real IP address, but there are techniques that (more or less) malicious actors …
RSA Conference 2016: The infosec glass house?
A couple of years late to the party, but I finally made it to San Francisco with a real sense of excitement to attend what was described to me as the “Super Bowl of the …
My reflections after visiting RSA Conference 2016
RSA Conference has long been the place where security vendors announce new products and services, and industry trends are made. I was told by Centrify that recent breaches …
Most infosec pros consider government-mandated encryption backdoors a bad idea
Apple and the FBI have been engaged in a legal battle over the federal government’s right to require built-in smartphone encryption software that could aid law enforcement …
Companies are realizing that security and privacy go hand in hand
50 percent of companies over the past two years have increased the involvement of privacy professionals on their information security teams to enhance the prevention of data …
Is Hacking Team still using the same old, slightly modified malware?
A newly analyzed OS X malware sample shows that Hacking Team is likely still using old code for its newest spying tools. An alternative (but less likely) theory is that …
Security audit identified risky e-filing tax services
The Online Trust Alliance (OTA) evaluated the privacy, security and consumer protection practices of the thirteen IRS-approved free e-filing tax services. After an assessment …
European Commission presents EU-US Privacy Shield
The European Commission – the executive body of the European Union – issued the legal texts that will put in place the EU-US Privacy Shield, a new framework for …
Start getting ready for Europe’s new data protection regulation today
You are in charge of your organization’s security. Depending on how large and well resourced your business IT function is, your card might read IT director, CIO, CTO, or …
Insecure APIs allow anyone to mess with Nissan LEAF electric car
A vulnerability in the mobile app used to interact with Nissan LEAF, a popular electric car, can be exploited by remote, unauthenticated attackers to switch the car’s AC …
Review: ICLOAK Pro
Maintaining digital security and online privacy is difficult. As things move(d) online, cyber attacks of different kinds and magnitudes are constantly being mounted against …
Mastercard’s Selfie ID: Playing Russian Roulette with consumer identities?
At this week’s Mobile World Congress in Barcelona, MasterCard announced it will accept selfie photographs and fingerprints as an alternative to passwords when verifying …