Latest news

FTC Demands Info From PCI Auditors
Authentication

FTC Demands Info From PCI Auditors

The Federal Trade Commission has sent an order to nine of the larger companies that do PCI DSS assessments, demanding that the organizations turn over detailed information on how they conduct those audits, how often they actually declare a company non-compliant, and many other details. The PCI standard was created […]

Facebook Fixes Account-Takeover Bug
Authentication

Facebook Fixes Account-Takeover Bug

Facebook has fixed a simple yet potentially dangerous bug in its beta platform that could allow an attacker to take over another user’s account by brute-forcing the passcode that Facebook sends to users who forget their passwords. When a Facebook user forgets her password, she is directed to a form […]

FCC Looking for Help Securing 5G, IoT Devices
Device Security

FCC Looking for Help Securing 5G, IoT Devices

SAN FRANCISCO–The FCC is appealing to the security and cryptographic communities for help in defining new security standards for both the forthcoming 5G wireless network and the exploding number of smart devices that make up the IoT. David Simpson, the chief of the FCC’s public safety and homeland security bureau, […]

Balancing Privacy and Security in the Backdoor Debate
Device Security, Privacy

Balancing Privacy and Security in the Backdoor Debate

SAN FRANCISCO–The Apple-FBI debate has brought up many old arguments about wiretapping, surveillance, backdoors, and law enforcement, but while the discussions aren’t new, the technological context is. Cryptographers and privacy experts who are studying the case say that the recent proliferation of encrypted communications and devices has raised the stakes […]

On the Wire Podcast: Rick Holland
Podcast, Social Engineering

On the Wire Podcast: Rick Holland

Rick Holland has seen the security world from a variety of interesting angles. He’s been a practitioner, an industry analyst, and is now the vice president of strategy at Digital Shadows. He’s been digging around in all of the interesting data that the company collects from the public Internet and […]