Information

The digital skills gap, especially in cybersecurity, is not a new phenomenon, with the problem now further exacerbated by the prevalence of burnout Discussion of the resourcing issues within the cybersecurity sector is not a new phenomenon; according to Cybersecurity Ventures, the number of unfilled cybersecurity positions worldwide grew 350% between 2013 and 2021, from 1 million to 3.5 million. The article breaks this number down further, estimating that there are 1 million cybersecurity workers in…

Windows used to be the big talking point when it came to exploits resulting in mass casualties. Nowadays, talks turned to other massive attack platforms like #cloud and cars In years past, a massive Windows exploit netted mass casualties, but here at Black Hat, talks turned toward other massive attack platforms like clouds and cars. Windows is no longer alone at the front of the pack, hackwise – it has company. It makes sense. If…

The Sender Policy Framework can’t help prevent spam and phishing if you allow billions of IP addresses to send as your domain Twenty years ago, Paul Vixie published a Request for Comments on Repudiating MAIL FROM that helped spur the internet community to develop a new way of fighting spam with the Sender Policy Framework (SPF). The issue then, as now, was that the Simple Mail Transfer Protocol (SMTP), which is used to send email…

Don’t worry, elections are safe – this is just one highlight from the DEF CON 30 conference. Scattered around a bevy of tables in the election hacking village here at DEF CON 30 are all the devices – opened wide – that are supposed to keep elections safe. Oh, the irony. It’s unclear how some of these devices ended up here, another unsolved mystery. Luckily, they contain a myriad of tamper-resistant defenses, but from the…

This week’s news offered fresh reminders of the threat that ransomware poses for businesses and critical infrastructure worldwide A number of reports published this week offered a reminder of the threat that ransomware poses for organizations and critical infrastructure worldwide, and were also an indication of the enormous repercussions that a successful ransomware attack can have for the victims – and beyond. For example, an analysis by the U.S. Treasury Department has found that financial…

by Naked Security writer It’s only a week since Elon Musk’s take-private of Twitter on 28 October 2022… …but if you take into account the number of news stories about it (and, perhaps ironically under the circumstances, the volume of Twitter threadspace devoted to it), it probably feels a lot longer. There’s been plenty to set the fur flying, starting with Musk’s curious choice of metaphor in arriving at Twitter HQ on takeover day with…