WPA2 Key Reinstallation AttaCK or KRACK attack
Recently, Mathy Vanhoef of imec-DistriNet, KU Leuven, discovered a serious weakness in WPA2 known as the Key Reinstallation AttaCK (or KRACK) attack. Their overview, Key Reinstallation Attacks: Breaking WP…
GCHQ Collects Mass Social Media Data on Millions in UK—Report
The spy agency allegedly has collected info for decades, sharing it with foreign intelligence and law enforcement.
Employee Snooping is Widespread, with Most Looking for Sensitive Info They Don’t Need
Nearly two in three IT security pros admit they’ve specifically sought out company information they didn’t need.
Third of IoD Members Have Never Heard of GDPR
Institute calls on government and regulator to step up outreach efforts
ROCA Crypto Bug Compromises RSA Keys
Organizations urged to hunt down vulnerable Infineon chips
Report: 88% of Java Apps Vulnerable to Attacks from Known Security Defects
New Veracode report exposes the risks companies face from vulnerable open source components
McRee added to ISSA’s Honor Roll for Lifetime Achievement
HolisticInfoSec’s Russ McRee was pleased to be added to ISSA International’s Honor Roll this month, a lifetime achievement award recognizing an individual’s sustained contributions to the information security community, the advancement of the associati…
toolsmith #128 – DFIR Redefined: Deeper Functionality for Investigators with R – Part 1
“To competently perform rectifying security service, two critical incident response elements are necessary: information and organization.” ~ Robert E. Davis
I’ve been presenting DFIR Redefined: Deeper Functionality for Investigators with R across…
Google Rolls Out Advanced Protection for High-Risk Users
Users include journalists who need to protect the confidentiality of their sources, or people in abusive relationships.
DHS Mandates DMARC, HTTPS for All US Federal Agencies
Agencies will have 90 days to implement DMARC and 120 days to upgrade to HTTPS.