Month: January 2017

Your Brain Is Bad at Security
Social Engineering

Your Brain Is Bad at Security

OAKLAND–Security teams are frustrated constantly by users who ignore warnings about phishing sites, bad certificates, or malware, and just click through to get wherever they were going. It turns out that behavior probably isn’t the users’ fault. It’s just human nature. There are many reasons why this behavior persists, even when users […]

Inside the Fight Against Bulletproof Hosting Providers
Hacking

Inside the Fight Against Bulletproof Hosting Providers

OAKLAND–For years, bulletproof hosting providers have been the bane of the Internet. They serve as havens for malware, cybercrime operations, and child exploitation rings, while dodging law enforcement by moving their operations early and often. But security researchers and cybercrime investigators are beginning to make some headway in the fight […]

Google Wants to Encrypt the Web. Now.
Privacy

Google Wants to Encrypt the Web. Now.

OAKLAND–The security engineers at Google have spent years working on improving the security and reliability of Chrome, and it’s had a remarkable effect. They’re not satisfied with just raising the security bar for one browser, though, and now are pushing the rest of the industry and the web community at large […]

On the Wire Podcast: Jeremiah Grossman
Podcast

On the Wire Podcast: Jeremiah Grossman

Jeremiah Grossman is one of the more well-respected and accomplished members of the security community and after more than a decade building WhiteHat Security, he recently joined SentinelOne as chief of security strategy. He’s been working on and thinking about the ransomware problem and trying to come up with answers […]

Facebook Unveils Delegated Recovery Account Security System
Authentication, Privacy

Facebook Unveils Delegated Recovery Account Security System

OAKLAND–Facebook has developed a new account-recovery system that eschews the typical communications channels used for this process, and instead relies on a user’s connections with other services. The scheme allows users to regain access to accounts without providing any identifiable information to other services. The Delegated Recovery system, which Facebook introduced […]

Chrome 56 Debuts With Insecure Page Warnings
Privacy

Chrome 56 Debuts With Insecure Page Warnings

Google has released a major update to its Chrome browser, which includes fixes for 51 vulnerabilities and marks the end of Flash and the beginning of warnings about pages that send sensitive information over plaintext connections. Chrome 56 has a number of security related upgrades, aside from the patches. The […]